running epo 5.3.1 with HF1080544 and HF1102635. AV 8.8 on all server. Current branch running Agent 22.214.171.1248 without any issues. I've checked in agent 126.96.36.199 into evaluation and deployed that to a few testsystems. I think I need an idiot check / confirmation. I can't get agent 5.0.2 to get in managed state. When I update them through ePo, the agent gets in unmanaged state and will not comunicate to ePo:
C:\Program Files\McAfee\Agent>cmdagent -i
Component: McAfee Agent
InstallLocation: C:\Program Files\McAfee\Agent\
EpoServerList: xxx <-- masked, but absolutely correct
Failed to get value of EpoServerLastUsed
C:\Program Files\McAfee\Agent>cmdagent -c
2015-12-22 10:32:57.357 cmdagent(1116.3060) cmdagent.Info: Agent is running in unmanaged mode. Can not check new policies.
I've tried to uninstall the agent (with /forceuninstall) and redeploy it. Same issue. Installed it from commandline, same issue. I tried to enable the debuglog (loglevel 8) on the agent but for some reason it doesn't generate a logfile at all (or at least I can't find it where it should be) which is another issue. Now I know 5.0.0 could not communicate without SSL, which was supposedly fixed in 5.0.1. I have SSL enabled and working, port 18443 as shown above is my SSL port. 4.8 agents connect to that just fine. Checking with a browser reveals SSL is in place with the correct selfsigned cert. I've tried redeploying the agent with Access protection and mcshield disabled, to prevent McAfee files being updated by itself (I don't think it would need that but who knows). Still no luck. I've got a few machines in a different subnet, I checked the firewall logs and the agent doesn't even seem to try to connect to the ePo server at all on either port.
I've been staring at this for about 8 hours, but it can't be that difficult. I think I need a pair of fresh eyes. Anyone?