Post adding successfully AD gateway under ICDM console, trying to AD sync  with gatway won't be possible due to Red icon and below message:

"To enable Active Directory synchronization, make sure that at least one gateway is online".

ICDM

Symantec Endpoint Security Complete

Missing Threat Defense for Active Directory (TDAD) component during client installation on the gateway will make the client not a candidate for AD sync, hence the RED ICON.

Add Threat defense for Active Directory via Feature Selection policy. or via Add/Remove programs:

Note: The Feature  Selection Policy will automate the installation/removal of the feature, simply enabling any feature will install it at next policy update.