This will be a two way process, first get the list from OU, then from monitors - logs -computer status
click on advanced blue link at the bottom
select the OU, export it as CSV
do a vlookup...
You can enable unmanged detectors so that you can get a list of machines which does not have SEP installed
How to enable the Unmanaged Detector in Symantec Endpoint Protection Manager (SEPM)
http://www.symantec.com/business/support/index?page=content&id=TECH105921