Based on Technical Articles ID: KB52601. McAfee KnowledgeBase - How to configure Microsoft Windows Vista and Windows 7 to be scanned by Vulne...
based on the requirements of this article, do you have an idea if allowing the remote registry with "Read only" access to the user can solve the issue?
Have anyone tried to do the authenticated scan with with a user other than "Administrator" ? is there any workaround the C$ issue? I cannot enable "Administrator" account on my network
Also if anyone had tried to enable Remote Registry service with read-only access ,, did it work or not?
there is an alternative to "enabling administrator"
Create a service account that is part of the domain admin group. Give the account a strong password. Use this service account to log on to the endpoints.
Once the scan is done , you can remove it.
Thank you for advice koseelen ,, I tried to do so, the success was limited due to - I quote from the mentioned McAfee article-;
"Other user accounts, even if they are part of the administrators group, do not have permissions to map the C$ share by default. This is caused by a change in handling of access tokens known as User Access Control (UAC). The inability to map C$ will prevent Windows-specific credentialed scripts from functioning properly."
I want to take advantage of all scanning scripts of the authenticated scan WITHOUT using the "administrator" account. I believe there should be a way to configure either Windows or scanner to overcome the mentioned obstacle..
Is the domain admin group part of the local admin group on the endpoints ?
This would allow for the c$ and admin$ connections.
Alternatively you ca have a look at this https://support.microsoft.com/en-us/kb/951016.