Hi IT's
I run in the same problem after upgrading SEPM 12.1.4 to 12.1.5.
I am using GPO for control "logon as service" like all other here.
What I did after reading to your comment is just this:
Create two new AD users - semsrv and semwebsrv - normal users with passwd never change and strong passwd;
Do not use admin accounts - there is a reason/issue why Symantec has change to run the services as not priv. accounts.
Add the new users to my GP which controls the policy "logon as service" ;
Apply GP to the SEPM server, in my case WIn2012R2; (gpupdate /force)
Change the service accounts of the sepm services to the new accounts;
Start the services;
This is all;
We are using SQL server, not the embedded DB. Sorry
Regards,