Symantec Endpoint Threat Defense for AD UI Service does not stay started

book

Article ID: 205753

calendar_today

Updated On:

Products

Endpoint Threat Defense for Active Directory

Issue/Introduction

When attempting to access the Endpoint Threat Defense for AD (TDAD) UI in a web browser is shows Service Unavailable. Windows Event logs show SETDADUISvc stopping and starting every couple of minutes.

Cause

Managed service account fails to launch node.js.

Resolution

Reset the service account for "Symantec Endpoint Threat Defense for AD UI Service" to "NT Service\SETDADuISvc", and ensure no GPOs are removing the user right "Log on as a service" for this account.

Workaround:

Test starting the service with the service account set to Local System. If this works, there may be issues with the service account used. Check applied GPOs for accounts granted the user right "Log on as a service".

Note: It may be necessary to temporarily install the Group Policy Management Console to the TDAD Core server so that the local service accounts are available to add to the applied GPO. In lieu of this, the Built-in security principal SERVICE may be added to the applied GPO.