To have a good experience with AD integration, I have collected a few best practices that you can follow:
1. Create a new user account exclusively for SEPM in AD. Ensure that the password never expires, and also enable "User cannot change password".
2. In the Admin Tab, right-click on the server, click Edit Server Properties. In the Directory Servers Tab, click Add.
Fill in the General information.
Using Secure Connection is recommended if the SEPM is installed on a different server from the Domain Controller. Please note that you need to turn on this feature on the Domain Controller too.
3. In the Replication Servers tab, add the replicating Domain Controllers, if any.
4. Change the synchronization interval to a number between 2 and 8 hours. The shorter the synchronization interval, the more the data in SEP-Manager remains intact.
5. In the Clients section of the manager, select My Company and click on Import Organizational unit or container. Select the OU to be synchronized and click OK.
See your manager synchronizing with the AD like a charm!!
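
Steps 1 and 2 can be prepared and checked from PowerShell before the directory server is added in SEPM. This is an added example, not part of the original post. The account name, OU path and Domain Controller host name are placeholders, and it assumes that Secure Connection means LDAP over TLS on TCP port 636.

```powershell
# Added example: prepare and verify the AD side of the SEPM integration.
# Requires the ActiveDirectory module (RSAT) and rights to create users.
Import-Module ActiveDirectory

# Placeholder values (assumptions): replace with your own.
$SamAccountName   = 'svc-sepm-sync'
$OuPath           = 'OU=Service Accounts,DC=example,DC=com'
$DomainController = 'dc01.example.com'

# Step 1: dedicated account, password never expires, user cannot change it.
$existing = Get-ADUser -Filter "SamAccountName -eq '$SamAccountName'"
if (-not $existing) {
    $password = Read-Host -AsSecureString -Prompt "Password for $SamAccountName"
    New-ADUser -Name $SamAccountName `
               -SamAccountName $SamAccountName `
               -Path $OuPath `
               -AccountPassword $password `
               -Enabled $true `
               -PasswordNeverExpires $true `
               -CannotChangePassword $true `
               -Description 'Used only by SEPM for directory synchronization'
}

# Confirm both flags are set, whether the account is new or already existed.
$acct = Get-ADUser -Identity $SamAccountName `
                   -Properties PasswordNeverExpires, CannotChangePassword
if ($acct.PasswordNeverExpires -and $acct.CannotChangePassword) {
    Write-Output "$SamAccountName has both password flags set."
} else {
    Write-Warning "$SamAccountName is missing a flag: PasswordNeverExpires=$($acct.PasswordNeverExpires), CannotChangePassword=$($acct.CannotChangePassword)"
}

# Step 2: before ticking Secure Connection in SEPM, confirm the Domain
# Controller accepts connections on the LDAPS port.
$ldaps = Test-NetConnection -ComputerName $DomainController -Port 636
if ($ldaps.TcpTestSucceeded) {
    Write-Output "$DomainController is reachable on TCP 636."
} else {
    Write-Warning "$DomainController does not answer on TCP 636; enable the feature on the Domain Controller first."
}
```

Run the port check from the SEPM server itself, since that is the host that opens the connection to the Domain Controller.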