OC Scanner is placed on a server that can access the Sharepoint server over the network (remote scan).
OC Scanner is placed on the Sharepoint server itself (local scan).
OC Scanner scan file is created on the OC Configurator server, with the appropriate credentials/IP/FQDN, and Scheduler details.
User account that is running the scan, has permissions on the Sharepoint server software itself.
CredSSP Authentication is enabled on both the OC Scanner server, and the Sharepoint server itself (required for both local, and remote scan mode for SP 2010).
If running the Sharepoint 2010 scan in local mode, the Sharepoint server itself is both the CredSSP client and server at the same time.
Setting the correct scan user permissions (see above).
Enable CredSSP Authentication (see above).
Additional requirements:
Use gpedit.msc on the CLIENT (OC Scaner server) to enable Delegating Fresh Credentials to WSMAN/*:
Expand Local Computer Policy, expand Computer Configuration, expand Administrative Templates, expand System, and then click Credential Delegation.
In the Settings pane, double-click Allow Delegating Fresh Credentials with NTLM-only Server Authentication.
In the Allow Delegating Fresh Credentials with NTLM-only Server Authentication dialog box, do the following:
Click Enabled.
In the Options area, click Show.
In Value, type WSMAN/*, and then click OK. Make sure that Concatenate OS defaults with input above is selected, and then click OK.
The following needs to be done on each Sharepoint 2010 server:
If only Powershell 2 is installed on the server, run this command without -PSVersion 2.0: