there is an alternative to "enabling administrator"
Create a service account that is part of the domain admin group. Give the account a strong password. Use this service account to log on to the endpoints.
Once the scan is done , you can remove it.
Thank you for advice koseelen ,, I tried to do so, the success was limited due to - I quote from the mentioned McAfee article-;
"Other user accounts, even if they are part of the administrators group, do not have permissions to map the C$ share by default. This is caused by a change in handling of access tokens known as User Access Control (UAC). The inability to map C$ will prevent Windows-specific credentialed scripts from functioning properly."
I want to take advantage of all scanning scripts of the authenticated scan WITHOUT using the "administrator" account. I believe there should be a way to configure either Windows or scanner to overcome the mentioned obstacle..
Is the domain admin group part of the local admin group on the endpoints ?
This would allow for the c$ and admin$ connections.
Alternatively you ca have a look at this https://support.microsoft.com/en-us/kb/951016.