4 Replies Latest reply on Sep 17, 2014 9:48 AM by jorixine

    ePO tagging password change (SIEM)

    jorixine

      Hi folks, first time in this forum.

       

      I would like to ask a simple question... I am pretty new to McAfee products. I just integrated ePO to SIEM and when I tried to see the 'ePO tagging' it asked for credentials.

       

      I put the ones I have (not admin). Now it is giving me 'Bad Command' or 'Internal Server Error'. I am supposing that it needs to do something that is not permitted for my login credentials, but I cannot find a way to change the one I already put there.

       

      When I go to ePO Tagging, on the ePO device properties, it gives me errors and wont ask for the credentials again. Is there a way to change this?

       

      Many thanks in advance!

       

      Regards,

        • 1. Re: ePO tagging password change (SIEM)
          Scott Taschler

          You do need credentials with more than simple user rights in ePO for tagging operations.  If I recall correctly, you need at least "Group Admin" rights.

           

          There are (potentially) 2 different places for ePO credentials.  There are credentials in the ePO device config.  If you select your ePO device in the system tree, and get properties, and select the Connection tab, you'll see where you can enter your DB credentials, as well as UI credentials.  Think of the UI credentials as a set of shared creds that are used by ESM for tagging operations.

           

          You'll also see a checkbox there for "Require User Authentication".  If you select that box, then each user will need to supply their own ePO credentials.  These will be used for operations performed by individual users (the central creds will still be used by ESM for things not performed by ESM). 

           

          You can enter your own user credentials via the "options" menu in the top-right corner.  In that dialog, you'll find a tab for ePO Credentials. 

           

          Scott

          • 2. Re: ePO tagging password change (SIEM)
            jorixine

            Thanks Scott for your reply.

             

            So if I got it correctly, if I do not tick the 'Require Authentication' box. When it needs user auth for checking the epo tagging stuff it'll use the same credentials as de UI ?

             

            I'll ask the ePO admins to give necessary rights for it to work without the need of providing credentials.

             

            Thanks!

            • 3. Re: ePO tagging password change (SIEM)
              Scott Taschler

              You got it.

               

              Scott

              • 4. Re: ePO tagging password change (SIEM)
                jorixine

                Awesome Scott, thank you very much!