The issue was AD permissions. Basically the service account doesn't
have the permissions to access AD objects. I need to refresh my memory
on exactly what I need to set but a Domain Admin account fixed the issue
temporarily. Just thought i'd share that with you.
Ben - Thanks for the reply. I like the idea of agentless scanning.
I already run an agent for SCCM and don't really want to run
another one as the benefits don't seem to be there (I am
evaluating still). But I will see later.
