With Symantec Endpoint Protection Manager (SEPM) 14 Active Directory OUs can no longer be imported using the Administrator account. This action was possible with SEPM 12.                            

In SEP 12.1 :

• Having a Directory Server set up in the SEPM :

• Creating an Administrator account with “Administrator” access right, with default options
• Log on to the SEPM console with the new administrator credentials
• Option to import OU or Container IS available for this administrator :

 
 
 
In SEP 14 (14.0.2349.0100) :

• Having a Directory Server set up in the SEPM :

• Creating an Administrator account with “Administrator” access right, with default options
• Log on to the SEPM console with the new administrator credentials
• Option to import OU or Container IS NOT available for this administrator : 

No error message, the option to import Organizational Unit is grayed out, if logged in with Administrator level account.

SEPM 14 RTM and later versions.

Symantec confirmed that the reported issue is by design. This change was initiated in SEP 14.x for security reasons.

Customer will have to use the System Administrator account to import OU's in SEPM 14 console.

Symantec is currently reviewing this behavior and should reintroduce the functionality to Admin level account in future releases.