I installed SEP 12.1 on a Windows 2008 Server, the server was moved in our DMZ so now I have to change the client from managed to unmanaged in order to be able to change Live Update Settings; is it possible whithout unininstalling/installing the client (I can't restart the server)?

Solution 1: Uninstall managed SEP client, reboot and install unmanaged SEP client using install routine from Symantec DVD or ISO image.

Solution 2:

How to change managed Symantec Endpoint Protection(SEP) client to unmanaged SEP client?

You can do that without doing it as unmanged, 

create a new group in SEPM, move this client to that group

then Go to the Client page

Policies tab

Under Location specific policies and settings click on Location specific settings

Next to Client user interface control settings click on Tasks >> Edit Settings

Click the radio button for Client control

Now the client will have full control all options are visible. change whatever you want. Thats it.

Our SEPM can't communicate with servers in DMZ.

You need to open firewall port.

http://www.symantec.com/business/support/index?page=content&id=TECH178325

Firewall Configuration (bi-directional):

Refer to the Management Server List assigned to the client group to determine the communications port the SEP clients will use to communicate to the SEPM. Default values are:

TCP 80 (MR2 and earlier)

TCP 8014 (MR3 and later)

TCP 443 (secure communications)

Replace the Sylink file , thats the easiest method.

I can't open the firewal, DMZ server can only acces to internet, there's no way to communicate whitt SEPM. Installing the managed client was a mistake, I want only understand if is possible to unmanaged it without restart the server.

Yeah, when you export as managed package it will have all the policies from SEPM. 

That policy includes tamper protection as well which you need to disable while copying the Sylink.xml file.

I doubt you would be able to replace the sylink. If your current Installation has only Antivirus and antispyware then you can run an umnaged client without reboot.( It might say pending file rename but that can be tricked)

or do any policy changes on a client which is accessible to you . then transfer it on to your server

How to Export and Import a Symantec Endpoint Protection client policy

http://www.symantec.com/business/support/index?page=content&id=TECH190053

You can follow above steps.

How to change managed Symantec Endpoint Protection(SEP) client to unmanaged SEP client?

The key here is switching to Client mode as it will give the end use full control over the settings.

Again, the recommended way by Symantec is to reinstall but if you can't do that, set to Client mode and replace the sylink with the one from the download ISO and it should take care of it.

Reinstall... 

But if you prefer to replace the sylink, ensure that the client has all the rights before you put to unmanged.

I know this is a very old topic.  But for others, the easiest method to change from managed to unmanaged is to get the SyLink.xml from the install package that you received from Symantec.  The one in the folder SEP or SEPx64.  Then go to your installed folder then go into the version folder then BIN.   In the BIN folder just load SylinkDrop.exe.  Click on browse and load up the SyLink.xml then just click on Update SyLink.
You may need to do some registry edits if the managed client had restrictions.   I would always move them to a group first that has no restrictions before doing this.  But since this person already had moved his to a DMZ that no longer has access to the manager, he may need to do some registry edits after making it unmanaged.  Hope this helps others in the future.  

v14 RU5 and above they removed SylinkDrop.exe   you can do the following:
smc -stop
smc -importsylink c:\SyLink.xml   Or other location where you saved the SyLink.xml file.