Thanks for posting your question this is actually behaving as designed you would need to assign the user when it is in its final group within the EPO system tree.
Is this related to specific ePO and EEPC versions?
We have tested with ePO 4.6.2 and EEPC 6.2 moving a system all around the system tree, waking the agent, running the EE LDAP Sync etc.
The user we have assigned originally remains assigned no matter where we put it.
This is our experience since begining to use EEPC from the very outset. Below is an image of a basic test we ran. We pulled the system out of the main LAPTOP group it was in and placed it in all of these groups waking it up and syncing as we went for thoroughness. The user stayed with the system.
The policy applied has Add Local Domain Users DISABLED so the user is not being re-added.
It is our undertsanding that when you assign a user to a system they are tied to that system. This is the only way EEPC could actually work correctly without adding all users to Group Users.
For example, best practice for upgrading EEPC is to create a group for the agent install and reboot. Seperately create a second group for the EEPC client, install and reboot. Going by your logic when I do this my user will be removed and when I place it back in to the normal population I have to reassign the user again?
Can you run a test similar to the one run here and let us know your result? Also if you let us know how your test ePO and EEPC is configured we can try and get to the bottom of this.
Caveo Systems Technical Support