Open-AudIT

What's on your network?
It is currently Wed Jan 24, 2018 12:16 am

All times are UTC + 10 hours




Post new topic Reply to topic  [ 23 posts ]  Go to page 1, 2  Next
Author Message
 Post subject: OA2 - Alpha3 - Feedback
PostPosted: Fri Jun 11, 2010 1:51 am 
Offline
Helper

Joined: Tue Jul 25, 2006 2:33 am
Posts: 83
Location: Hampshire, UK
Mark,
Glad to see Alpha 3 is out!
Is the database compatible with Alpha 2 or do we have to start over?

Thanks,
John

_________________
OA environment:
OA Server: Ubuntu 10.04LTS
1 Windows 2008R2 Server
4 Windows 2003 Servers
20 Windows XP workstations
1 Windows 7 workstation
2 Ubuntu 11.10 servers
Misc other networked items


Top
 Profile  
Reply with quote  
PostPosted: Fri Jun 11, 2010 4:10 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1228
Gave it a try and here's what I've seen so far.

Missing www\theme-tango\28_*.png's. These were included in the last alpha.

Still doesn't work with MySQL strict mode enabled database servers. It looks like version 2 of the Codeigniter framework will help with finding these problems with the stricton database config. To get it working I added the following to system\database\DB.php just before the 'return $DB;".
Code:
$DB->query('SET SESSION sql_mode=""');


I think the $system_folder setting in index.php should use single quotes for the string and the code to handle Windows paths doesn't work. If one is lazy and cut-n-paste's the codeigniter path we get something like
Code:
$system_folder = "C:\Program Files\Apache Software Foundation\Apache2.2\var\www\openaudit2\code_igniter\system";    // Windows

With double-quoted strings the \v in \var gets turned in to a vertical tab in php >= 5.2.5.

I see there is code to deal with the above path but I don't think it works. I think it needs the path separator swap before the full-server path expansion.
Code:
// Swap directory separators to Unix style for consistency
$system_folder = str_replace("\\", "/", $system_folder);
 
if (strpos($system_folder, '/') === FALSE)
{
   if (function_exists('realpath') AND @realpath(dirname(__FILE__)) !== FALSE)
   {
      $system_folder = realpath(dirname(__FILE__)).'/'.$system_folder;
   }
}


Unless you're going to add the option for IE post back I think you should remove the following from audit_windows.vbs:
Code:
ie_visible = "y"
ie_auto_submit = "y"
ie_auto_close = "n"
use_proxy = "n"


In audit_domain.vbs I had to comment out the if(operating_system > "") check. The script_name can't contain spaces. The example uses a full path so if your path contains spaces you need to use the script name only or change the run command to quote the script_name path.

I'll continue to poke at it.


Top
 Profile  
Reply with quote  
PostPosted: Fri Jun 11, 2010 7:30 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1935
Location: Brisbane, Australia
Quote:
Is the database compatible with Alpha 2 or do we have to start over?

I have made changes to the schema.
It may work with the Alpha 2 database, but I've not tested it.
Best to start over :-)

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Fri Jun 11, 2010 7:48 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1935
Location: Brisbane, Australia
Quote:
Missing www\theme-tango\28_*.png's. These were included in the last alpha.

Yeah - the theme doesn't use them anymore.
I can post them if you want them...

Quote:
Still doesn't work with MySQL strict mode enabled database servers.

Didn't realise that. My dev box at the moment is just using XAMPP (and another using XAMPPLite). Will take a look at it - thanks.

Quote:
$system_folder setting in index.php

Thanks - my path doesn't include spaces, so I've not run into that issue. Shall fix.

Quote:
Unless you're going to add the option for IE post back

Yeah - this is simply legacy crap. Shall delete.

Quote:
In audit_domain.vbs I had to comment out the if(operating_system > "") check.

I think something like this was experienced by people last time. Weird. Doesn't occur for me (on Win XP SP3). Will try it on some other Windows OS's I have access to.

Thanks very much for the feedback - much appreciated.

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Fri Jun 11, 2010 7:53 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1228
Mark wrote:
Quote:
Missing www\theme-tango\28_*.png's. These were included in the last alpha.

Yeah - the theme doesn't use them anymore.
I can post them if you want them...

I only said they were missing because the Logout button image was missing for me. I assumed they got left out on accident. May be the Logout button just missed getting its theme updated.

For the operating_system check how about something less magic like
Code:
if (len(operating_system) > 0) then


Top
 Profile  
Reply with quote  
PostPosted: Wed Jun 16, 2010 6:35 am 
Offline
Helper

Joined: Fri Feb 19, 2010 1:02 am
Posts: 67
Location: Washington State, USA
So it seems to be much improved over OA2a2, but I found that it is not pulling the License Keys for Office 2007 or higher, or for Windows 7 and Windows 2008 Server.

It will pull the keys for Office 2003 on Windows 7, so it has to be a change Microsoft has made in how it stores the keys for its newer software, so in case all of this is confusing here is a list of what it is not pulling license keys for:

Office 2007
Office 2010
Windows 7
Windows 2008 Server

Keep up the good work.

_________________
Server Info:
OA: v1.0.3
OS: Ubuntu 13.04 on Hyper-V for Website (LAMP)
OS: Windows Server 2008 R2 for Script (Domain Server)
Auditing: 366 Machines (XP/Win7/Ubuntu)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Sat Jun 19, 2010 12:10 am 
Offline
Newbie

Joined: Wed Jun 16, 2010 9:23 pm
Posts: 3
I have OAv2 installed in a subdirectory in WWW home and the excel link has bad reference.

When I tried to use the audit domain script and leaved the OS version filter empty it returned the number of computers found in domain, but the array list with the computer names will remain empty.

The original code is:
Code:
if (operating_system > "") then
        if (instr(computer_os, operating_system) > 0) then
                pc_array(count) = strcomputer ' feed computers into array
                count = count + 1
        end if
end if


Proposed solution:
Code:
if ( (len(operating_system)>0 and instr(computer_os, operating_system)>0) or (len(operating_system)=0) ) then
        pc_array(count) = strcomputer ' feed computers into array
        count = count + 1
end if


Top
 Profile  
Reply with quote  
PostPosted: Fri Jun 25, 2010 12:14 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1935
Location: Brisbane, Australia
I actually have this in the version I currently use.
Apologies, it never made it into the release version...



Code:
if ((operating_system > "") AND (instr(computer_os, operating_system) > 0)) then
      pc_array(count) = strcomputer ' feed computers into array
      count = count + 1
end if


I've now updated it to look like this.

Code:
do until objrecordset.eof
   strcomputer = objrecordset.fields("name").value
   computer_os = objrecordset.fields("operatingSystem").value
   if ( ((len(operating_system) > 0) AND (instr(computer_os, operating_system) > 0)) OR (len(operating_system) = 0) ) then
      pc_array(count) = strcomputer ' feed computers into array
      count = count + 1
   end if
   objrecordset.movenext
loop

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Sat Jul 10, 2010 10:10 am 
Offline
Newbie
User avatar

Joined: Wed Apr 02, 2008 8:45 am
Posts: 21
So far, still will use OA1 love the layout and the audit scripts.

I did install OAv2 today and gave it a spin. I can also attest that no ms 2007 keys are discovered only 2003 or lower. And the logout icon is also missing.

Really miss the dell link.

I don't see the software register am I blind?

Also not fond of the information menu layout.

_________________
Jon
The Tech Guy
http://www.thetechguyusa.com


Top
 Profile  
Reply with quote  
PostPosted: Sat Jul 10, 2010 8:36 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1935
Location: Brisbane, Australia
Quote:
I don't see the software register am I blind?

NO, it's not in there as yet.
Quote:
Also not fond of the information menu layout.

Besides "not fond of", any feedback on why or what you'd like to see ?

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Thu Jul 15, 2010 1:06 am 
Offline
Newbie

Joined: Mon Mar 02, 2009 9:50 pm
Posts: 4
Enumerating CDROMs fails:
http://trycatch.be/blogs/scratchthesurface/archive/2007/07/11/error-0x80041004-when-using-wmi-to-enumerate-cd-rom-devices.aspx
hotfix - http://support.microsoft.com/kb/823778
it would be better to include line 473
Code:
on error resume next

in these tests, so there would be wider coverage of audit.

I will do another scan tomorrow to see if there will be much wider coverage (up to 2000 computers).
Wouldn't be a good option to log failed audits?

HaND


Top
 Profile  
Reply with quote  
PostPosted: Thu Jul 15, 2010 9:17 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1935
Location: Brisbane, Australia
Have added the "on error" with a reference to the KB article.
Logging failed audits would be great... I think the Open-AudIT script does this ? (damn brain - can't remember this stuff)

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Thu Jul 15, 2010 6:53 pm 
Offline
Newbie

Joined: Mon Mar 02, 2009 9:50 pm
Posts: 4
NO there isn't. There is only logging for hung processes.
For preliminary exiting processes there isn't any logging (need to check if scanned computer also submitted audit report to server).

HaND


Top
 Profile  
Reply with quote  
PostPosted: Thu Jul 15, 2010 10:47 pm 
Offline
Newbie

Joined: Mon Mar 02, 2009 9:50 pm
Posts: 4
In network autogenerated groups there's bug in SQL, which make them extremely slow. Should be rewritten like these:
Code:
SELECT
   distinct(system.system_id)
FROM
   system,
    sys_hw_network_card,
    sys_hw_network_card_ip
WHERE
   (sys_hw_network_card_ip.ip_address_v4 >= 'xxx.xxx.xxx.xxx' AND
   sys_hw_network_card_ip.ip_address_v4 <= 'yyy.yyy.yyy.yyy' AND
   sys_hw_network_card_ip.ip_subnet = '255.255.255.0' AND
   sys_hw_network_card_ip.net_mac_address = sys_hw_network_card.net_mac_address AND
   sys_hw_network_card.system_id = system.system_id)
UNION
SELECT
   distinct(system.system_id)
FROM
   system
WHERE
   (system.man_ip_address >= 'xxx.xxx.xxx.xxx' AND
   system.man_ip_address <= 'zzz.zzz.zzz.zzz')


Top
 Profile  
Reply with quote  
PostPosted: Wed Jul 21, 2010 11:22 pm 
Offline
Newbie

Joined: Tue Mar 16, 2010 10:44 pm
Posts: 25
Location: Germany
I've tested a little bit and recognized that the "refresh" of a report (e.g. Software - Installed to Software - Updates) doesn't work well. (OpenSuse 11.2 and Firefox 3.5.5)
It shows me the "top - down" view:
If I start at "Software - Keys" and change to "Hardware - Motherboard" then "Keys" is last in line.
This is on purpose and "by design" or just an error?

*later* IE 8 under Windows 7 (default settings) totally wrecks the entire view plus an additional logon on every site.

4077


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 23 posts ]  Go to page 1, 2  Next

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 6 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group