To ensure that Windows agent computers can run queries on IIS endpoints, you must ensure that local and domain group policies allow NetIQ VBscripts to run.
To enable NetIQ VBscripts:
(Conditional) To create a local policy, log on with a local administrator account to the computer where you want to create the new software restriction policy.
(Conditional) To create a domain group policy, log on with a domain administrator account to the domain controller where you want to create the new software restriction policy.
Open the group policy editor for the local computer or the domain group policy object (GPO).
In the policy editor, navigate to Security Settings\Software Restriction Policies\Additional Rules.
Right-click Additional Rules, and then select New Certificate Rule.
Click Browse, and then navigate to the NetIQ Corporation.cer file in the Vulnerability Manager Agent folder, by default the following location:
\%Program Files%\NetIQ\Secure Configuration Manager\NetIQ Security Agent for Windows
Click Open.
For Security level, select Unrestricted.
Click OK to enable the new software restriction policy.