Unenrolling
Symantec Endpoint Protection Manager
domains from the cloud console

The unenrollment process removes the client groups and clients of the unenrolled domain in the cloud. Any associated policies remain in the cloud console as well as related events.
After you unenroll a
Symantec Endpoint Protection Manager
domain from the ICDm cloud console, you are no longer able to:
  • Manage devices from the cloud console.
  • See files and applications on your devices.
  • Apply cloud-specific policies to devices and device groups to protect them.
During the unenrollment process, a notification appears on the cloud console and you are not able to:
  • Perform any function that is associated with device management, such as creating groups, deleting groups, or moving devices between groups.
  • Perform any function that is associated with policy management, such as applying policies to devices or device groups.
  • Enroll a new domain until the current domain is unenrolled.
To unenroll domains, you require the
Endpoint Console Super Administrator
role. See:
After unenrollment, you continue to see alerts, events, and policies in the cloud console.
  1. To unenroll a
    Symantec Endpoint Protection Manager
    domain
  2. On the Endpoint Security cloud console, go to
    Endpoint > Integration
    .
  3. On the
    Enrollment
    tab, check the
    Domain Enrollment Status
    >
    Enrolled
    check box and select
    Unenroll
    .
  4. Choose an appropriate option:
    • Unenroll
      - Select this option if you only want to unenroll
      Symantec Endpoint Protection Manager
      from the cloud console.
    • Unenroll and remove
      - Select this option if you want to unenroll
      Symantec Endpoint Protection Manager
      from the cloud console and delete all discovered devices and files information.
  5. Type
    Unenroll
    in the text box to confirm.
  6. Select
    Unenroll Domain
    .
Typically unenrollment takes two hours to complete.
More information