We have multiple "Domains" in our SEP environment.  There used to be 2 separate Microsoft AD Domains which the SEP domains were tied to.  Now the two Microsoft AD domains have been combined.  The problem is that the SEP clients from the now absent Microsoft AD domain are still communicating with the old SEP "Domain" that they used to be tied to.  So our problem is that we need to point the old clients to the other SEP "Domain" which sounds simple.

What we have tried so far:

We ran the cleanwipe utility on a computer and reinstalled the client from an exported package from the desired domain.

We ran the sylink replacement tool to replace the sylink.xml file with one form the desired SEP "Domain".

We stopped the agent using the smc-stop command and replaced the sylink.xml file on the client.

What we see is that the sep clients are still reporting into the old SEP "Domain".  Even after verifying that the domainID in the sylink.xml file is correct.  It still shows online in the old SEP "Domain".  If we install the same install package on a new PC it does report to the correct domain.

Can anyone shed some light on what is happening and how to fix it?  Any help is appreciated.

Cleanwipe doesn't delete the folder which houses the hwid"

http://www.symantec.com/docs/TECH214218

Manually delete it to clear it out and see if the client goes to the new domain.

Have you disabled the old SEP domain?

http://www.symantec.com/docs/HOWTO80764

We have not yet disabled the old domain as we want to make sure the clients were moved first.  I was hoping the sylink.sml file would move them for me.  I will check the folder location for the hwid.

Replacing sylink should've fixed assuming something wasn't stuck somewhere

Tried uninstalling an agent then removing the file with the hwid.  After reinstalling the agent it showed up in the correct domain.

So that worked but I wish there was a better way.  This process will take a lot of time on hundreds of PCs.  I was hoping I could stop the agent, replace the sylink and remove the hwid then restart the agent. But it doesn't seen to work it gets the old hwid.

Create new SEP package and set the setting Remove all previous logs and policies, and reset the client-server communications settings.

Create custom client install settings:

1. Log on to the SEPM you wish to have manage the client.
2. Click the Admin tab, then click Install Packages.
3. Click Client Install Settings, then click Add Client Install Settings.... This will open the Add Client Install Settings dialog.
4. At the bottom of the page under Upgrade Settings: select the setting Remove all previous logs and policies, and reset the client-server communications settings.
5. Set all other options as desired.
6. Click OK

See below articles

Restoring client-server communications with Communication Update Package Deployment

I was able to move one to the new SEP Domain and back to the old using the following method:

turn off tamper protection
smc -stop
replace sylink
reset hwid using utility
smc -start

the only problem is that trying to script this could be hard since turning off tamper protection isn't that easy (for good reson).  I might change the policy to turn it off on the old domain first then run the scipt on a few PCs.  I will post my results.

edit: the reset hwid utility automatically starts the agent so no need for the smc-start.

link to the utility:

http://www.symantec.com/business/support/index?page=content&id=TECH163349

used the repairclonedimage util.

As another method, the MoveClient utility is fully able to shift clients around from one SEP Domain to another.  More details on the MoveClient utility can be found below:

http://www.symantec.com/docs/TECH98302

More details on how to get it to shift clients from doain to domain is in the accompanying PDF.  This will likely be the easiest way of moving a whole load of clients around.

#EDIT#

Oh yeah, as this is run on the SEPM itself, you don't have to play around with any client side scripts.