The Symantec Endpoint Protection Manager allows integration with AD (Active Directory) or LDAP (Lightweight Directory Access Protocol) so that Endpoint Protection clients can be viewed and managed by AD/LDAP OUs (Organizational Units). Windows clients appear correctly in OUs imported into the SEPM, but Mac or Linux clients appear in only in the SEPM "default" group or other SEPM-defined group.
Mac computers that are AD/LDAP members may not appear correctly in SEPM imported OUs.
This is by design. As of SEP 12.1 RU6, Mac and Linux SEP clients may only be managed using SEPM-defined groups.
Mac and Linux SEP clients that are AD members can be managed by the SEPM but must be managed by using SEPM-defined client groups rather than imported OUs.