I just change administrator permissions to include the subkeys as well and I was able to read the registry.
It was really handy, turns out there was four newer domain controllers put in a year ago. The tool mentioned that the RPC connections were fine, but I could see hundreds of password changes queue'd up on the four newer DC's.
It was firewall, I needed to allow port 135 back to the IDM server from the DC's. 135 was open from IDM to them so the tool reported success even though going back to IDM wasn't open.