Sorry I have been busy at work and to be flat honest forgot to post. I made the changed the account to use a service account, and the reporting is working. Now I do want to mention that our SQL is on a cluster, it shouldn't matter, but I want to throw that out there.
making the McAfee ePolicy Orchestrator 4.0.0 Event Parser service run under the same (domain) user account that ePO also uses to connect to the database.
Really thought it was the NOC fault. Thought they had firewalled some port they shouldn't. Reading through the client logs I see that they can connect to the server in port 80 and the start gathering the events. Then I get the message that they send the events to the server and it says the server did not reply. And they terminate the connection.
But now I noticed that the events have stopped since the day I applied the patch 4.0.2...
"It appears that the Event Parser service doesn't have the right permissions to connect to the remote database, when running in the Local System Account."
Does seem like a pretty big thing to go unnoticed in quality control. :mad:
Still I don't see what they changed that caused this. Now they need added privileges or was it something in the installer?
If we want ePO to use sql authentication, then this fix is still fine right(use service account in the eventp****r)? I mean I do not see the connection on why the NT account for eventp****r service and ePO DB connection has to be the same.