The scanning engine requires access to the administrative share and the registry to perform trusted scanning of Windows hosts. It is recommended that you verify the functionality of the new account from a remote host before using the account for Windows trusted scanning.
Use one domain member to map the administrative share of another domain member:
Select Run from the Start menu.
Enter cmd.exe and then click OK.
Run this command to test administrative share access:
net use Z: \\<ip address>\C$ /USER:your_domain\qualys_scanner /PERSISTENT:no
Run this command to test registry access:
runas /user:your_domain\qualys_scanner "cmd /k reg.exe query
\\<ip address>\HKLM\Software"
Note: There's a space after "query" and before "\\<ip address>"
Running these tests is highly recommended to ensure that the scanning engine has system level access to the target Windows hosts. Many vulnerability checks for vulnerability scans and many compliance checks for compliance scans depend on system information that comes from the administrative share and registry on each target host.