When utilizing the Symantec Endpoint Protection Manager (SEPM) and Threat Defense for Active Directory (TDAD), you need to know if you can install them on the same server machine.
Symantec Endpoint Protection 14.2 RU1+
Threat Defense for Active Directory 3.6.2
When using the SEPM and TDAD together, it is a best practice that each product be installed on a separate server. Doing so will reduce work load impact to the machines as well as reduce potential port conflicts.