If the "Runas" user for the agent scan group does not have admin access to target systems, or if the target systems are not domain members or are on domains other than the Enterprise Coordinator / Site Coordinator system, additional Credential settings within Datacenter are required.
In order for a scan group to successfully scan remote servers, valid administrative credentials will need to be applied to the agent scan group in question.To apply one or more credential entries (Datacenter will try each credential listed if the first or subsequent credentials fail) follow steps given below:

1. For DLP 9.x, make sure that the credential needed is added under the Admin->Users & Groups->Credentials page.

2. Edit the configuration for the Agent scan group in question on the Admin->Datacenter page or sub page.

3. On the edit Agent Group screen select the Optional Settings button

4. Select the Credentials tab and select/insert one or more accounts you wish to use to scan the remote machines.
5. There are two sections in the credentials page. The top section is for entering domain credentials for machines that are joined to a domain and the bottom section is for entering credentials for machines that are not part of a domain.

1. In the top section use the domain credential in the format domain\account name, for example RSA\AdminUser. For 9.x, this credential has to be entered in Step 1.

Or

2. In the lower section, gain access to machines that are not in an Active Directory. Please provide credentials in NTLM format, e.g. Machine\AdminUser. For 9.x, this credential has to be entered in Step 1.