Breaking Active directory sync with Endpoint Protection Manager


Article ID: 258634


Products

Endpoint Protection

Issue/Introduction

How to break the connection/sync between Symantec Endpoint Protection Manager (SEPM) and Active Directory, and the potential impacts of doing so.

Resolution

The following steps are recommended to permanently remove the connection/sync between Symantec Endpoint Protection Manager (SEPM) and Active Directory:

  1. Log in to SEPM
  2. Keep the settings and Sync on for now.
  3. Create a new computer group structure for your computers from scratch.
  4. Copy clients to the new groups.
  5. Delete the top-level imported OU; this should stop the sync.
  6. Click the server under "Admin-Servers"
  7. Click "Edit the server properties"
  8. Select the "Directory Servers" tab
  9. Click on the directory server name
  10. Click "Delete", "Yes", then "OK"

Changes/impact before and after removing the AD sync from SEPM:

  • Create SEPM authentication credentials (username and password) for the administrators to use when logging in to SEPM.

    Note: If the SEPM credentials are not created before AD is removed from SEPM, this will cause SEPM login issues.

  • If you were unable to copy systems to a new group structure, the SEP clients will report to the Default group once the AD connection is removed. After a SEP client has moved to the Default group, manually move it to its respective group.