Just a simple vulnerability assessment/scan to determine software levels, vulnerable software installations, users, misconfigurations, etc using basic/standard scan policies from any vulnerability software (openvas, nexpose, nessus, etc).
In most cases I have come up against, the vulnerability scanning tools need credentials so it can authenticate to a machine to perform the necessary enumeration of users, user configurations, software installed, services, etc.
The challenge is not everyone has a domain structure where a domain user can be added that would have rights, or a tool (group policy) to make sure there are standard configs in an environment.
I was 'hoping' someone has already had this experience and perhaps has a better solution that what I have come up with so far - going to each machine and configuring it as necessary...