Yes, by directly editing the database, you can change the [GROUP_ID] for a specific client from a specific AD OU to a Group outside of the AD structure.
Two things to note:
1) Symantec does not support directly editing the database unless instructed by them...
2) When you re-sync with AD, you will have two records for your client, one outside of AD that has the Green Dot, and one within AD that is essentially a blank place holder for the client that was created when the Sync with AD happens.
I would not reccomend this method for normal daily operations...only in very special circumstances.
-Mike