When a machine is deleted from Active Directory, it still shows up in the Symantec Endpoint Encryption Management Console.
Active Directory Synchronization is configured and enabled
By default, the Active Directory Synchronization will synchronize objects that have been added to the domain, but will not remove deleted objects. To do this, "Reverse Data Verification" must be enabled.
From the Symantec Endpoint Encryption Installation Guide:
Enable Reverse Data Verification
Open the "SEEMS Configuration Manager"
Expand "Active Directory" tab
Go to "Service" tab
Place a check in the box for "Enable Reverse Data Verification"
Subscribing will provide email updates when this Article is updated. Login is required.