You wish to know the differences between Windows Event Log Collector and Active Directory Collector.

Using Windows Event Collector you can collect the information from the Active Directory and vice versa. The only difference between them is in the mapping of event in the Symantec Security Information Manager (SSIM).

The events coming from the Active Directory Collector are mapped to the Intrusion Detection schema.
The events coming from the Windows Event Collector are mapped to the Windows schema.

The Active Directory Collector is not longer supported and replaced by the Windows Event collector 4.3 or Vista 4.4.