Symantec Endpoint Threat Defense for AD UI Service does not stay started


Article ID: 205753


Updated On:


Endpoint Threat Defense for Active Directory


When attempting to access the Endpoint Threat Defense for AD (TDAD) UI in a web browser is shows Service Unavailable. Windows Event logs show SETDADUISvc stopping and starting every couple of minutes.


Managed service account fails to launch node.js.


Reset the service account for "Symantec Endpoint Threat Defense for AD UI Service" to "NT Service\SETDADuISvc", and ensure no GPOs are removing the user right "Log on as a service" for this account.


Test starting the service with the service account set to Local System. If this works, there may be issues with the service account used. Check applied GPOs for accounts granted the user right "Log on as a service".

Note: It may be necessary to temporarily install the Group Policy Management Console to the TDAD Core server so that the local service accounts are available to add to the applied GPO. In lieu of this, the Built-in security principal SERVICE may be added to the applied GPO.