Using a service account from a different domain
Jeff Inkster
Hi there,
We have a situation where we're trying to use an account from another domain to inventory and deploy.
PDQ's mother domain is fine; however, in the other two domains, even though the service account is in the builtin administrators group of the other domains, it gets a Scan Status of "Access denied to computer's service manager" on 95% of all the computers.
There are some that seem ok but we're not sure why...
I'm guessing it's more an AD issue imaright?
Cheers,
Jeff I.
Comments
One thing you can try is to disable the service manager TCP connection option, so that it only uses named pipes. TCP has issues when connecting across domains which named pipes don't have. In Preferences -> Performance set the Service Manager TCP Connection to Disabled.
Thanks Adam,
I tried your suggestion and rescanned the collection.
The Scan Status now says, "Access Denied - Failed to connect to ADMIN$ share"
Are you entering the credentials as domain\UserName ?
It sounds like the service isn't fully authenticating to the target computers. Are the background service user and the scan user the same? Are you able to open the ADMIN$ share on the target computers with Windows Explorer using the scanning credentials?
@Selfman: Yes, domain\username are being used. In fact, these credentials are successfully being used in its home domain.
@Adam: I actually logged into a local laptop with what I'll call the 'Domain B Admin account' and found that it doesn't have admin access on the laptop, even though it's part of the Builtin/administrators group in this 'Domain A'...
Definitely looking like a Windows credentials issue.
The weird part is, there are a few computers that do check out in the PDQ inventory list ok.
A couple more tidbits of info:
One thing we've found is that turning the firewall off on Windows 7 can cause connectivity problems, since the firewall service is used to perform some of the authentication. Try turning the firewall on and see if it helps. Make sure to set these exceptions:
http://support.adminarsenal.com/entries/21531976-Windows-Firewall-Ports-and-Exceptions
Thanks Adam,
I'll move a couple machines into a test OU and try this out.
Once I had some issues with stored credentials which were in conflict. The simplest thing is to clean them up.
Control Panel\User Accounts and Family Safety\Credential Manager
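
The ADMIN$ check suggested earlier in the thread can be run across several machines at once. The script below is an added example, not part of the original posts or of PDQ itself; the function name `Test-AdminShareAccess` and the computer names are hypothetical, and it assumes the local group is named `Administrators` (English Windows).

```powershell
# Added example: Test-AdminShareAccess and the computer names are hypothetical.
function Test-AdminShareAccess {
    param(
        [Parameter(Mandatory)] [string[]] $ComputerName,
        [Parameter(Mandatory)] [pscredential] $Credential
    )
    foreach ($computer in $ComputerName) {
        $row = [pscustomobject]@{
            Computer = $computer; AdminShare = 'Failed'; ShareError = $null
            LocalAdmins = $null
        }
        # 1) Same check as opening \\computer\ADMIN$ in Explorer with the scan credentials.
        $drive = 'chk' + [guid]::NewGuid().ToString('N').Substring(0, 8)
        try {
            New-PSDrive -Name $drive -PSProvider FileSystem -Root "\\$computer\ADMIN$" `
                -Credential $Credential -ErrorAction Stop | Out-Null
            $row.AdminShare = 'OK'
        } catch {
            $row.ShareError = $_.Exception.Message
        } finally {
            Remove-PSDrive -Name $drive -ErrorAction SilentlyContinue
        }
        # 2) Read the machine's own local Administrators group (runs as the current
        #    user, not $Credential) to see whether the scan account, or a group
        #    that contains it, is actually listed there.
        try {
            $group = [ADSI]"WinNT://$computer/Administrators,group"
            $members = @($group.psbase.Invoke('Members')) | ForEach-Object {
                $_.GetType().InvokeMember('ADsPath', 'GetProperty', $null, $_, $null)
            }
            $row.LocalAdmins = ($members -replace '^WinNT://', '') -join '; '
        } catch {
            $row.LocalAdmins = "unavailable: $($_.Exception.Message)"
        }
        $row
    }
}

# Constructed sample input: replace with computers from the failing collection.
$cred = Get-Credential -Message 'Scan account (DOMAIN\UserName)'
Test-AdminShareAccess -ComputerName 'PC-EXAMPLE-01', 'PC-EXAMPLE-02' -Credential $cred |
    Format-List
```

Comparing the `LocalAdmins` column between a machine that scans fine and one that fails shows whether the difference is in local group membership rather than in PDQ.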