Hello All, I'm having some problems running an audit on my windows domain. I am able to audit the local system without any problems. When i run audit.vbs, the only output i seem to get is "Customer specific audits". I am able to access the "ie_form_page" from any domain computer, but could there be a permission problem with writing? I'm not totally sure how i should be managing the permissions on the wwwroot. I have posted my audit.config file below.
Other info: OS: Windows Server 2008R2, w/ IIS7, PHP 5.3.6
' ' Standard audit section ' audit_location = "r" verbose = "n" audit_host="http://support" online = "yesxml" strComputer = "" ie_visible = "n" ie_auto_submit = "y" ie_submit_verbose = "n"
'ie_form_page = audit_host + "/admin_pc_add_1.php" ie_form_page = "http://aldenaudit/admin_pc_add_1.php"
'non_ie_page = audit_host + "/admin_pc_add_2.php" non_ie_page = "http://aldenaudit/admin_pc_add_2.php"
input_file = ""
' ' Email authentication ' '
email_to = "chead@aldenlab.com" email_from = "openaudit@aldenlab.com" email_sender = "Open-AudIT" email_server = "gmail-smtp-in.l.google.com ' IP address or FQDN email_port = "25" ' The SMTP port email_auth = "0" ' 0 = Anonymous, 1 = Clear-text Authentication, 2 = NTLM email_user_id = "example@example.com" ' A valid Email account in user@domain format email_user_pwd = "some_password" ' The SMTP email password email_use_ssl = "false" ' True/False email_timeout = "60" ' In seconds send_email = "true" ' True/False - Enable/Disable email sending
audit_local_domain = "y" ' 'Set domain_type = 'nt' for NT4 or SAMBA otherwise leave blank or set to ldap domain_type = "LDAP"
local_domain = "LDAP://aldenlab.com"
' ' Example Set Domain name for NT ONLY for LDAP use the above format ' NOTE This is Case Sensetive. See the example below. ' 'local_domain = "WinNT://IEXPLORE" 'local_domain = "WinNT://<domainname>" '
hfnet = "n" Count = 0 number_of_audits = 10 script_name = "audit.vbs" monitor_detect = "y" printer_detect = "y" software_audit = "y" uuid_type = "uuid" ' ' Nmap section ' nmap_tmp_cleanup = true ' Set this false if you want to leave the tmp files for analysis in your tmp folder nmap_subnet = "192.168.171." ' The subnet you wish to scan nmap_subnet_formatted = "192.168.171." ' The subnet padded with 0's nmap_ie_form_page = audit_host + "/admin_nmap_input.php" nmap_ie_visible = "n" nmap_ie_auto_close = "y" nmap_ip_start = 1 nmap_ip_end = 254 nmap_syn_scan = "y" ' Tcp Syn scan nmap_udp_scan = "y" ' UDP scan nmap_srv_ver_scan = "y" ' Service version detection. nmap_srv_ver_int = 9 ' Service version detection intensity level. Values 0-9, 0=fast
|