I wanted to highlight one key difference in the latest version of the PI Data Archive, PI 2018 SP3 Patch 1. This patch is a security update to fix a few issues, but it also brings one key difference in how PI services run on the Data Archive server.
The release notes state: "All subsystems are now running under Least Required Privileges"
This means that any PI services that used to run as Local System will now run under a much lower privilege account. Practically it means that interfaces that run on your PI Data Archive server - like PI Performance Equation Scheduler - now run as a different account and may not authenticate to your PI server the same way.
I encountered this with a test system where PI Performance Equation Scheduler would not start, failing to connect with the dreaded "No Trust" error:
New Pinet 1 connection: PipeE No Trust established for: machinename|127.0.0.1|PipeE. Explicit login is required for access.
and issuing an Error -10400: pipt_nextptwsourcelong failed for point source UI_IF_INFO error.
A quick look at the Windows services shows that PI Performance Equation Scheduler is running as NT SERVICE\pipeschd now.
One fix is to add a trust to match the PipeE application name, and the PI Data Archive server's IP address, to map to an identity that has enough privilege.
I see this security fix as a positive change, but it can introduce little quirks like this. Please test before implementing new versions of PI!
EDIT: The reason why this wasn't working for this test system was because the "loopback trust" Proxy_127 that maps all connections from 127.0.0.1 wasn't present on this test system.