Hi,
Thank you for posting in Symantec community.
I would be glad to answer your query.
Only the Organizational Unit's data is synchronized with Active Directory
The admin can select one or more users and/or computers from a group and move those selected users and computers to another group.
If the selected user or computer is in an Organizational Unit, the move means Copy. The selected user/computer will be moved to the destination group, and that user/computer criteria will be kept in the Organizational Unit.
Note: If the client is in Computer-based mode, moving the computer name of the client to another group will force the client to switch to the new group and get the new profile of that group.
If the agent is in User-based mode, moving the login user name of the client to another group will cause the client to switch to the new group and get the new profile.
Refer the following articles:
Organizational Units from Active Directory in Symantec Endpoint Protection 11.0
http://www.symantec.com/docs/TECH102546
How to configure Symantec Endpoint Protection Manager to synchronize user data with a directory server
http://www.symantec.com/docs/TECH96201