Open-AudIT

All times are UTC + 10 hours

PostPosted: Tue Oct 02, 2012 1:48 am
Newbie
Hi-

Trying to figure out why audit_domain.vbs is failing on execute from a Win machine - script stored on Linux(Centos) box.
( I've been running Open Audit v1 for a few years and have always used Linux install but ran the VBscript on Windows via Samba.)

And now I'm trying OAv2 for the first time - please bear with me.
<smile>

1.
The "audit_windows" script seems to run fine when passing a computer name.
But, audit_domain trips up somewhere...

2.
Here is the last bit of the run:
...
227 of 228
processes running: 2
next system: WIN-VNC
--------------
Now Auditing: y
select name, location, operatingSystem, lastLogon from 'y' where objectclass='computer'
\\mdnoa\other\audit_domain.vbs(132, 2) Provider: Table does not exist.

3.
I've searched for Provider: Table does not exist and have found numerous posts on LDAP errors - and not MySQL?
Is the line number in the script the error refers to above?
( using vi - setline num)
132 set objrecordset = objcommand.execute

4.
Is it really looking for the "system" table in mySQL?
Is there an LDAP issue or mis-configuration/incorrect value to "audit_domain"?

5.
Perhaps the syntax here is not correct below in "audit_domain"?
' the name and path of the audit script to use
script_name = "/var/www/html/OAv2/other/audit_windows.vbs"

' set the below to your active directory domain
domain_array = array("LDAP://ou=Company,dc=Company,dc=local")
local_domain = "" ( Should there be a value in here?)

6.
What other details of setup/config might I be missing?

Thx in advance for any help.

-SP


PostPosted: Tue Oct 02, 2012 4:24 am
Moderator
I'd modify the domain_array:
[code]domain_array = array("LDAP://dc=Company,dc=local")
or
domain_array = array("LDAP://Company.local")[/code]
See [url=http://msdn.microsoft.com/en-us/library/windows/desktop/aa746471%28v=vs.85%29.aspx]Searching with ActiveX Data Objects[/url].
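
A pre-flight check for the `domain_array` values discussed above, as an added example that is not part of the original posts and is not Open-AudIT's own code: it runs the same kind of ADSI/ADO computer query against each entry and reports a failure per entry instead of stopping at `objcommand.execute`. The variable names and the sample array (the placeholder path from the reply plus the literal `y` seen in the first post's output) are assumptions; run it with `cscript` on a domain-joined Windows machine.

```vbscript
' Added example (not from audit_domain.vbs): validate each ADsPath
' before handing it to the domain audit.
Option Explicit

Dim domain_array, ads_path, conn, cmd, rs
Dim err_num, err_text, count

' Constructed sample input: one well-formed base DN (placeholder from the
' thread) and one malformed entry like the 'y' shown in the failing run.
domain_array = Array("LDAP://dc=Company,dc=local", "y")

' The ADSI OLE DB provider is what turns the SQL-like query into an
' LDAP search; "Table does not exist" comes from this provider, not MySQL.
Set conn = CreateObject("ADODB.Connection")
conn.Provider = "ADsDSOObject"
conn.Open "Active Directory Provider"

For Each ads_path In domain_array
    If UCase(Left(ads_path, 7)) <> "LDAP://" Then
        ' Anything that is not an LDAP:// ADsPath cannot be used as the
        ' FROM target of the query.
        WScript.Echo "SKIP  " & ads_path & " : not an LDAP:// ADsPath"
    Else
        Set cmd = CreateObject("ADODB.Command")
        Set cmd.ActiveConnection = conn
        cmd.Properties("Page Size") = 1000      ' page through large result sets
        cmd.Properties("Searchscope") = 2       ' ADS_SCOPE_SUBTREE
        cmd.CommandText = "SELECT name FROM '" & ads_path & _
                          "' WHERE objectClass='computer'"

        ' Trap only the Execute call, then restore normal error handling.
        On Error Resume Next
        Set rs = cmd.Execute
        err_num = Err.Number
        err_text = Err.Description
        On Error GoTo 0

        If err_num <> 0 Then
            WScript.Echo "FAIL  " & ads_path & " : " & err_text
        Else
            count = 0
            Do Until rs.EOF
                count = count + 1
                rs.MoveNext
            Loop
            rs.Close
            WScript.Echo "OK    " & ads_path & " : " & count & " computer objects"
        End If
        Set cmd = Nothing
    End If
Next

conn.Close
```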


PostPosted: Tue Oct 02, 2012 5:19 am
Newbie
Hi Jpa & all-

Thanks for the info.
Appears to be moving thru the array of systems now - made two passes it looks like...

C:\>cscript \\mdnoav2\other\audit_domain.vbs
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

1st pass:
Now Auditing: LDAP://dc=Auxiant,dc=local
select name, location, operatingSystem, lastLogon from 'LDAP://dc=Auxiant,dc=local' where objectclas
s='computer'
number of systems retrieved from ldap: 241
number of filtered systems: 234
--------------
0 of 234
processes running: 1
next system: 2V87W61
--------------

2nd pass:
Now Auditing: LDAP://Auxiant.local
select name, location, operatingSystem, lastLogon from 'LDAP://Auxiant.local' where objectclass='computer'
number of systems retrieved from ldap: 241
number of filtered systems: 234
--------------
0 of 234
processes running: 2
next system: 2V87W61
--------------
C:\>

...then seems to end normally - did "not" check return code.


Script appears to add computer names to the DB but the web portion has an issue when viewing summary?
--> http://mdnoav2/index.php/main/system_display/111

Have you seen this error before?

Summary - <computer name>
An Error Was Encountered
Unable to load the requested file: theme-tango/v_display_.php


-SP


PostPosted: Tue Oct 02, 2012 8:46 am
Moderator
You only want one pass so make sure you have domain_array set and then have local_domain = "". local_domain just gets appended to domain_array. I'm not sure why we have both domain_array and local_domain but for a single domain fill in one or the other.

Haven't seen the display error before. I would check that you have your OAv2 files installed and permissioned correctly per the install readme. I run the back end on Windows so I won't be much help with Linux.


PostPosted: Wed Oct 03, 2012 7:10 am
Newbie
Hi jpa-

Ok - thanks again for your help.

1.
I've set the audit_domain vars as follows:

audit_run_type = "remote" ( this is what I've set in the past in OAv1)
audit_run_type = "local" ( Can I leave both un-commented?)

domain_array = array("LDAP://dc=company,dc=local")
local_domain = ""

2.
Also added this back after looking at a Beta4.0 "audit_domain" script:
operating_system = "Windows XP"

Was set to this?
operating_system = "Server"

3.
Still having issues updating all fields in mySQL w/ audit_domain script.
The "audit_windows" script works fine on its own.

4.
But, it appears that the php menu/links code ends up calling missing links - not a perms issue.

This Error is a result of an issue in the DB:
"Unable to load the requested file: theme-tango/v_display_.php"

5.
This is the link I am clicking on:
http://mdnoav2/index.php/main/system_display/49 ( Calling for "system_id" - table/column - "man_type" from MySql DB)

6.
And in the DB query:
mysql> select * from system where system_id=49;
| system_id | system_key | uuid | hostname | domain | description | type | icon | os_group | os_family | os_name | os_version | linked_sys | serial | model | manufacturer | uptime | form_factor | pc_os_bit | pc_memory | pc_num_processor | pc_date_os_installation | printer_port_name | printer_shared | printer_shared_name | printer_color | printer_duplex | man_os_group | man_os_family | man_os_name | man_domain | man_acting_server | man_status | man_environment | man_criticality | man_class | man_description | man_function | man_type | man_ip_address | man_owner | man_org_id | man_location_id | man_location_level | man_location_suite | man_location_room | man_location_rack | man_location_rack_position | man_serial | man_asset_number | man_model | man_manufacturer | man_form_factor | man_icon | man_vendor | man_vm_server_name | man_vm_system_id | man_vm_group | man_cluster_name | invoice_id | man_purchase_invoice | man_purchase_order_number | man_purchase_cost_center | man_purchase_vendor | man_purchase_date | man_purchase_amount | man_warranty_duration | man_warranty_expires | man_warranty_type | man_terminal_number | man_switch_id | man_switch_port | man_patch_panel | man_patch_panel_port | man_wall_port | man_picture | contact_id | man_service_number | man_service_provider | man_service_type | man_service_plan | man_service_network | man_unlock_pin | man_serial_imei | man_serial_sim | last_seen | last_seen_by | last_user | timestamp | first_timestamp |
+-----------+------------+------+------------+---------------+-------------+--------+--------------+----------+-----------+-------------------------------+------------+------------+--------+-------+--------------+--------+-------------+-----------+-----------+------------------+-------------------------+-------------------+----------------+---------------------+---------------+----------------+--------------+---------------+-------------------------------+------------+-------------------+------------+-----------------+-----------------+-----------+-----------------+--------------+----------+-----------------+-----------+------------+-----------------+--------------------+--------------------+-------------------+-------------------+----------------------------+------------+------------------+-----------+------------------+-----------------+--------------+------------+--------------------+------------------+--------------+------------------+------------+----------------------+---------------------------+--------------------------+---------------------+-------------------+---------------------+-----------------------+----------------------+-------------------+---------------------+---------------+-----------------+-----------------+----------------------+---------------+-------------+------------+--------------------+----------------------+------------------+------------------+---------------------+----------------+-----------------+----------------+---------------------+------------------+-----------+---------------------+---------------------+
| 49 | | | accounting | auxiant.local | | system | windows_2003 | windows | | Microsoft Windows Server 2003 | | 0 | | | | | | | 0 | 0 | 0000-00-00 | | | | | | windows | | Microsoft Windows Server 2003 | | no | production | production | normal | | | | | 192.168.010.021 | | 0 | 0 | | | | | | | | | | | windows_2003 | | | | | | NULL | | | | | 0000-00-00 | | 0 | 0000-00-00 | | 0 | | | | | | | 0 | | | | | | | | | 2012-09-15 00:00:00 | active directory | | 2012-10-01 13:08:13 | 2012-09-15 00:00:00 |
+-----------+------------+------+------------+---------------+-------------+--------+--------------+----------+-----------+-------------------------------+------------+------------+--------+-------+--------------+--------+-------------+-----------+-----------+------------------+-------------------------+-------------------+----------------+---------------------+---------------+----------------+--------------+---------------+-------------------------------+------------+-------------------+------------+-----------------+-----------------+-----------+-----------------+--------------+----------+-----------------+-----------+------------+-----------------+--------------------+--------------------+-------------------+-------------------+----------------------------+------------+------------------+-----------+------------------+-----------------+--------------+------------+--------------------+------------------+--------------+------------------+------------+----------------------+---------------------------+--------------------------+---------------------+-------------------+---------------------+-----------------------+----------------------+-------------------+---------------------+---------------+-----------------+-----------------+----------------------+---------------+-------------+------------+--------------------+----------------------+------------------+------------------+---------------------+----------------+-----------------+----------------+---------------------+------------------+-----------+---------------------+---------------------+
1 row in set (0.00 sec)

7.
The link is not complete - the correct file/link is listed here:

# ls -lt code_igniter/system/application/views/theme-tango/v_display_system.php
-rw-r--r-- 1 apache apache 120328 Sep 12 13:29 code_igniter/system/application/views/theme-tango/v_display_system.php

And this PHP template calls this page:
[root@scott-pichelman-linux-test OAv2]# grep -i "v_display_" code_igniter/system/application/views/theme-tango/*
code_igniter/system/application/views/theme-tango/v_template.php: if (strpos($include, 'v_display_') == 0)

8.
We fixed the issue above after adding "system" to man_type in the mySQL DB:

mysql> update system set man_type="system" where system_id=49;
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0

9.
Then, this link worked now - but, still missing data in the DB from the audit scan.
http://mdnoav2/index.php/main/system_display/49

10.
Back to the "audit_domain" script - seems execution gets this far - looping thru and listing computer names from local_domain but does not update all the fields/column info in the DB?

if audit_run_type = "local" then
    for i = 0 to ubound(pc_array)
        ' throttle: wait while more audits are running than wanted
        while num_running > number_of_audits
            wscript.echo("processes running (" & num_running & ") greater than number wanted (" & number_of_audits & ")")
            wscript.echo("therefore - sleeping for 4 seconds.")
            wscript.sleep 4000
            num_running = HowMany
        wend
        if pc_array(i) <> "" then
            wscript.echo(i & " of " & ubound(pc_array))
            wscript.echo("processes running: " & num_running)
            wscript.echo("next system: " & pc_array(i))
            wscript.echo("--------------")
            command1 = "cscript //nologo " & script_name & " " & pc_array(i)
            set sh1=wscript.createobject("wscript.shell")
            ' window style 6 = minimized; false = do not wait for the child to finish
            sh1.run command1, 6, false
            set sh1 = nothing
            num_running = HowMany
        end if
    next
end if

11.
Not sure why "audit_domain" script ends and does not populate DB with all data for system from "audit_windows" yet...

Any other ideas - much appreciated.

-SP


PostPosted: Wed Oct 03, 2012 8:16 am
Moderator
At this point (unless you've already done it) I'd wipe your database and start over with a fresh clean one. After you've wiped the database I'd make sure that your audit_windows.vbs script will correctly audit a machine and push data to the OA website. Once you know that's working then run the audit_domain.vbs and make sure it populates the data as you'd expect.

audit_run_type can be local or remote. remote has some permission problems in some cases. I'd leave it on local.

operating_system is a filter so it should be operating_system = "Windows" if you want to audit all machines.


PostPosted: Wed Oct 03, 2012 12:02 pm
Site Admin
It's a bug in the display code of the latest beta.
Will fix asap and upload a new version.
My apologies.

PS - It looks like that audit took its detail from Active Directory and not the actual machine.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


PostPosted: Thu Oct 04, 2012 12:09 am
Newbie
Thanks Mark and Jpa.

In response to wiping the DB and checking audit_windows - I think the DB is ok.
Does the MVC (CodeIgniter) have the ability to corrupt or "screw up" (technical term) the DB?
Don't understand that part - but, I know you are more familiar with the design.

Audit_Windows has been fine(good) from the start - no issues.
Audit_Domain appears to be the issue - the looping structure or code does not utilize "audit_windows" properly.
Meaning - it will not add all the data fields to the array and populate the DB - it only grabs system/computer names, operating system and a few other vars leaving the rest of the columns empty for the record in the system table.(Pardon any incorrect terms here)
Does that make sense?

We have OpenAudit(v1) and OAv2 running on the same MySQL server - no issue with either for queries or DB functionality AFAIK, so far.
I can easily wipe out the OAv2 db since I've only populated it with a few machines.

Also - I had not created any Organizations, Groups, Locations or Connections - appears OAv2 created the network(we only have 3 subnets - small company - one AD Domain) and All Devices.
A very simple setup I believe?

Ok- got it - leave local and Operating System(filter) alone - thx.

Good to know - no problem!
The display code bug - is that a PHP or CodeIgniter bug?

Please know that I really appreciate the great work done and time invested with Open Audit(OAv2) and enjoy learning the code and helping in any way I can.

-SP


Top
 Profile  
Reply with quote  
PostPosted: Thu Oct 04, 2012 2:56 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1259
[quote="spichelman"]Audit_Domain appears to be the issue - the looping structure or code does not utilize "audit_windows" properly.
Meaning - it will not add all the data fields to the array and populate the DB - it only grabs system/computer names, operating system and a few other vars leaving the rest of the columns empty for the record in the system table.(Pardon any incorrect terms here)
Does that make sense?[/quote]

Yes, but audit_windows pulls that data as well so we need to find out why it's not auditing your machines. Audit_domain just calls audit_windows like below. What output do you get from audit_windows when you do this same thing manually?
[code]cscript //nologo audit_windows.vbs computername ldap="LDAP://yourdomain"[/code]
It might help if you included the audit_windows.vbs variables from the top of the script. Sanitized of any passwords or private data.

PostPosted: Thu Oct 04, 2012 3:52 am
Newbie
Hi Jpa-

Yep - if I understand correctly - audit_domain is basically a vbs wrapper w/ a looping code that calls audit_windows.
So - I am confused why it only gathers computer names and not all system info from the audit_windows script.

Here is the result of audit_windows run on a samba share (OAv2 server) from a Windows server machine:

Y:\>cscript //nologo audit_windows.vbs mdn-test ldap="LDAP://Auxiant.local"
starting audit - mdn-test
Not pinging target, attempting to audit.
My PID is : 6572
Audit Start Time : 2012-10-03 12:39:09
Audit Location: remote
-------------------
system info
windows info
User data is null for physicalDeliveryOfficeName
User data is null for company
Windows User: administrator@auxiant
bios info
scsi info
processor info
memory info
motherboard info
optical info
modem info
video info
monitor info
sound info
disk info
partition info
shares info
network card info
network address info
DNS info
printer info
scheduled tasks
environment variables
logs
pagefile
local users info
local groups info
Codec info
ODBC Driver info
MDAC info
DirectX info
Windows Media Player info
Internet Explorer info
Outlook Express info
Software info
Services info
CD Keys
network routing info
Audit Generated in 57 seconds.
Submitting audit online
Audit Submitted


Response
--------
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><meta http-equiv=
"Content-type" content="text/html; charset=utf-8" />
<head>
<title>XHTML-document</title>
</head>

<body>
<a href='http://mdnoav2/index.php/system'>Back to input page</a><br />
<a href='http://mdnoav2/index.php'>Front Page</a><br />
System Key: 4C4C4544-0057-5810-8057-B6C04F373731-mdn-test<br />
Exist Type: full<br />
System id: 1<br />
<b>Update</b><br />
Time: seconds.</body>
</html>
Total Execution Time: 60 seconds.

2.
And in the DB - looks fine:

mysql> select * from system where system_id=1;
+-----------+-----------------------------------------------+--------------------------------------+----------+---------------+-------------+--------+------------+----------+------------+-----------------------------------+------------+------------+---------+---------------+---------------------------+--------+-------------+-----------+-----------+------------------+-------------------------+-------------------+----------------+---------------------+---------------+----------------+--------------+---------------+-----------------------------------+------------+-------------------+------------+-----------------+-----------------+-----------+-----------------+--------------+----------+-----------------+-----------+------------+-----------------+--------------------+--------------------+-------------------+-------------------+----------------------------+------------+------------------+---------------+---------------------------+-----------------+------------+------------+--------------------+------------------+--------------+------------------+------------+----------------------+---------------------------+--------------------------+---------------------+-------------------+---------------------+-----------------------+----------------------+-------------------+---------------------+---------------+-----------------+-----------------+----------------------+---------------+-------------+------------+--------------------+----------------------+------------------+------------------+---------------------+----------------+-----------------+----------------+---------------------+--------------+-----------+---------------------+---------------------+
| system_id | system_key | uuid | hostname | domain | description | type | icon | os_group | os_family | os_name | os_version | linked_sys | serial | model | manufacturer | uptime | form_factor | pc_os_bit | pc_memory | pc_num_processor | pc_date_os_installation | printer_port_name | printer_shared | printer_shared_name | printer_color | printer_duplex | man_os_group | man_os_family | man_os_name | man_domain | man_acting_server | man_status | man_environment | man_criticality | man_class | man_description | man_function | man_type | man_ip_address | man_owner | man_org_id | man_location_id | man_location_level | man_location_suite | man_location_room | man_location_rack | man_location_rack_position | man_serial | man_asset_number | man_model | man_manufacturer | man_form_factor | man_icon | man_vendor | man_vm_server_name | man_vm_system_id | man_vm_group | man_cluster_name | invoice_id | man_purchase_invoice | man_purchase_order_number | man_purchase_cost_center | man_purchase_vendor | man_purchase_date | man_purchase_amount | man_warranty_duration | man_warranty_expires | man_warranty_type | man_terminal_number | man_switch_id | man_switch_port | man_patch_panel | man_patch_panel_port | man_wall_port | man_picture | contact_id | man_service_number | man_service_provider | man_service_type | man_service_plan | man_service_network | man_unlock_pin | man_serial_imei | man_serial_sim | last_seen | last_seen_by | last_user | timestamp | first_timestamp |
+-----------+-----------------------------------------------+--------------------------------------+----------+---------------+-------------+--------+------------+----------+------------+-----------------------------------+------------+------------+---------+---------------+---------------------------+--------+-------------+-----------+-----------+------------------+-------------------------+-------------------+----------------+---------------------+---------------+----------------+--------------+---------------+-----------------------------------+------------+-------------------+------------+-----------------+-----------------+-----------+-----------------+--------------+----------+-----------------+-----------+------------+-----------------+--------------------+--------------------+-------------------+-------------------+----------------------------+------------+------------------+---------------+---------------------------+-----------------+------------+------------+--------------------+------------------+--------------+------------------+------------+----------------------+---------------------------+--------------------------+---------------------+-------------------+---------------------+-----------------------+----------------------+-------------------+---------------------+---------------+-----------------+-----------------+----------------------+---------------+-------------+------------+--------------------+----------------------+------------------+------------------+---------------------+----------------+-----------------+----------------+---------------------+--------------+-----------+---------------------+---------------------+
| 1 | 4C4C4544-0057-5810-8057-B6C04F373731-mdn-test | 4C4C4544-0057-5810-8057-B6C04F373731 | mdn-test | auxiant.local | mdn-test | system | windows_xp | Windows | Windows XP | Microsoft Windows XP Professional | 5.1.2600 | 0 | 6WXW771 | OptiPlex 170L | Dell Computer Corporation | 11868 | Mini Tower | 32 | 524288 | 1 | 2012-05-25 | | | | | | Windows | Windows XP | Microsoft Windows XP Professional | | no | production | production | normal | | mdn-test | | system | 192.168.001.182 | | 0 | 0 | | | | | | 6WXW771 | | OptiPlex 170L | Dell Computer Corporation | Mini Tower | windows_xp | | | | | | NULL | | | | | 0000-00-00 | | 0 | 0000-00-00 | | 0 | | | | | | | 0 | | | | | | | | | 2012-10-03 12:39:09 | audit | | 2012-10-03 12:39:09 | 2012-09-28 14:32:40 |
+-----------+-----------------------------------------------+--------------------------------------+----------+---------------+-------------+--------+------------+----------+------------+-----------------------------------+------------+------------+---------+---------------+---------------------------+--------+-------------+-----------+-----------+------------------+-------------------------+-------------------+----------------+---------------------+---------------+----------------+--------------+---------------+-----------------------------------+------------+-------------------+------------+-----------------+-----------------+-----------+-----------------+--------------+----------+-----------------+-----------+------------+-----------------+--------------------+--------------------+-------------------+-------------------+----------------------------+------------+------------------+---------------+---------------------------+-----------------+------------+------------+--------------------+------------------+--------------+------------------+------------+----------------------+---------------------------+--------------------------+---------------------+-------------------+---------------------+-----------------------+----------------------+-------------------+---------------------+---------------+-----------------+-----------------+----------------------+---------------+-------------+------------+--------------------+----------------------+------------------+------------------+---------------------+----------------+-----------------+----------------+---------------------+--------------+-----------+---------------------+---------------------+
1 row in set (0.00 sec)


3.
And using PHP pages - website search - click on hostname - looks good as well.( All system data appears to be there)
(See attached snapshot)


4.
See attached scripts - audit_windows.vbs and audit_domain.vbs.

Thanks for your quick response.

-SP


Attachments:
Open-AudIT_Audit_Windows_script_Scan_Mozilla_Firefox_2012-10-03_12-45-50.png

PostPosted: Thu Oct 04, 2012 4:04 am
Newbie
Hi Again-

Added a pic/snapshot of audit_domain run result of a machine that has no data.
Also the audit script --> audit_domain.

-SP


Attachments:
audit_domain_beta7.txt
Open-AudITv2_audit_domain_result_accounting_machine.png

PostPosted: Thu Oct 04, 2012 4:50 am
Moderator
Instead of running the manual test against machine mdn-test run it against accounting and see what the output looks like.


PostPosted: Thu Oct 04, 2012 5:51 am
Newbie
Hi Jpa-

1.
Ran against Accounting - however - please understand that any machine I run with audit_windows works fine.

############################################################

Y:\>cscript //nologo audit_windows.vbs accounting ldap="LDAP://Auxiant.local"
starting audit - accounting
Not pinging target, attempting to audit.
My PID is : 4928
Audit Start Time : 2012-10-03 14:10:27
Audit Location: remote
-------------------
system info
windows info
User data is null for physicalDeliveryOfficeName
User data is null for company
Windows User: administrator@auxiant
bios info
scsi info
processor info
memory info
motherboard info
optical info
modem info
video info
monitor info
sound info
disk info
partition info
mount point info
shares info
network card info
network address info
DNS info
printer info

Port: IP_192.168.10.142
IP:
First attempt to detect if PortName matches an IP address
0 Resulting IP is
Not a valid IP address so far. Using PortName.
1 Resulting IP is 192.168.10.142
IP: 192.168.10.142
Status: OK
RegKey: Software\Microsoft\Windows NT\CurrentVersion\Print\Printers\Mailroom\DsDriver\
Colour: 0
Duplex: 1
Printer: SAVIN 4051 -- IP_192.168.10.142 -- 192.168.10.142 -- OK

Port: CRDPTR::192.168.10.24
IP:
First attempt to detect if PortName matches an IP address
0 Resulting IP is
Not a valid IP address so far. Using PortName.
1 Resulting IP is
Assuming printer is attached by network to a hostname, not an IP
Printer has a hostname but no IP. Running NSLookup
2 Resulting IP is
Status:
RegKey: Software\Microsoft\Windows NT\CurrentVersion\Print\Printers\IDCard\DsDriver\
Colour: 1
Duplex: 1
Printer: DTC550 Card Printer -- CRDPTR::192.168.10.24 -- --

Port: IP_192.168.10.127
IP:
First attempt to detect if PortName matches an IP address
0 Resulting IP is
Not a valid IP address so far. Using PortName.
1 Resulting IP is 192.168.10.127
IP: 192.168.10.127
Status: OK
RegKey: Software\Microsoft\Windows NT\CurrentVersion\Print\Printers\Claims\DsDriver\
Colour: 0
Duplex: 1
Printer: Canon iR5070e -- IP_192.168.10.127 -- 192.168.10.127 -- OK

Port: IP_192.168.10.16
IP:
First attempt to detect if PortName matches an IP address
0 Resulting IP is
Not a valid IP address so far. Using PortName.
1 Resulting IP is 192.168.10.16
IP: 192.168.10.16
Status: OK
RegKey: Software\Microsoft\Windows NT\CurrentVersion\Print\Printers\CDR_MKT_Color\DsDriver\
Colour: 1
Duplex: 1
Printer: HP Color LaserJet 4700 -- IP_192.168.10.16 -- 192.168.10.16 -- OK

Port: IP_192.168.10.17
IP:
First attempt to detect if PortName matches an IP address
0 Resulting IP is
Not a valid IP address so far. Using PortName.
1 Resulting IP is 192.168.10.17
IP: 192.168.10.17
Status: OK
RegKey: Software\Microsoft\Windows NT\CurrentVersion\Print\Printers\CDR_Marketing_BLK\DsDriver\
Colour: 0
Duplex: 1
Printer: Canon iR2200-3300e -- IP_192.168.10.17 -- 192.168.10.17 -- OK

Port: CDR_HRA_HP4250
IP:
First attempt to detect if PortName matches an IP address
0 Resulting IP is
Not a valid IP address so far. Using PortName.
1 Resulting IP is
Assuming printer is attached by network to a hostname, not an IP
Printer has a hostname but no IP. Running NSLookup
2 Resulting IP is
Status:
RegKey: Software\Microsoft\Windows NT\CurrentVersion\Print\Printers\CDR_HRA_HP4250\DsDriver\
Colour: 0
Duplex: 0
Printer: HP LaserJet 4250 -- CDR_HRA_HP4250 -- --

Port: IP_192.168.10.50
IP:
First attempt to detect if PortName matches an IP address
0 Resulting IP is
Not a valid IP address so far. Using PortName.
1 Resulting IP is 192.168.10.50
IP: 192.168.10.50
Status: OK
RegKey: Software\Microsoft\Windows NT\CurrentVersion\Print\Printers\Accounting\DsDriver\
Colour: 1
Duplex: 1
Printer: SAVIN 2535/2235 -- IP_192.168.10.50 -- 192.168.10.50 -- OK
scheduled tasks
environment variables
logs
pagefile
local users info
local groups info
Codec info
ODBC Driver info
MDAC info
DirectX info
Windows Media Player info
Internet Explorer info
Outlook Express info
Software info
Services info
mssqlserver
SQL info
SQL Express: n
SQL Server: y
DB Version: 8.00.2039
DB Edition: Developer Edition
DB Login Type: Allow Windows Authentication or SQL Server Authentication
DB Port: 1433
DB Type: SQL Server
SQL State: Running
Which Instance: MSSQLSERVER
Provider=SQLOLEDB;Integrated Security=SSPI;Persist Security Info=False;Data Source=accounting;DATABA
SE=master
DB Instance: MSSQLSERVER
DB Count: 9
DB Name: AuxiantFlex
DB Name: AuxiantFlex_backup
DB Name: helpdesk
DB Name: master
DB Name: model
DB Name: msdb
DB Name: Northwind
DB Name: pubs
DB Name: tempdb
IIS 6 Installed
CD Keys
network routing info
Audit Generated in 770 seconds.
Submitting audit online
Audit Submitted


Response
--------
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><meta http-equiv=
"Content-type" content="text/html; charset=utf-8" />
<head>
<title>XHTML-document</title>
</head>

<body>
<a href='http://mdnoav2/index.php/system'>Back to input page</a><br />
<a href='http://mdnoav2/index.php'>Front Page</a><br />
System Key: 4C4C4544-0052-3310-804E-B4C04F433531-accounting<br />
Exist Type: bulk<br />
System id: 49<br />
<b>Update</b><br />
<div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">

<h4>A PHP Error was encountered</h4>

<p>Severity: Notice</p>
<p>Message: Undefined variable: snmp_manufacturer</p>
<p>Filename: models/m_printer.php</p>
<p>Line Number: 142</p>

</div><div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">

<h4>A PHP Error was encountered</h4>

<p>Severity: Notice</p>
<p>Message: Undefined variable: snmp_model</p>
<p>Filename: models/m_printer.php</p>
<p>Line Number: 150</p>

</div><div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">

<h4>A PHP Error was encountered</h4>

<p>Severity: Notice</p>
<p>Message: Undefined variable: snmp_manufacturer</p>
<p>Filename: models/m_printer.php</p>
<p>Line Number: 142</p>

</div><div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">

<h4>A PHP Error was encountered</h4>

<p>Severity: Notice</p>
<p>Message: Undefined variable: snmp_model</p>
<p>Filename: models/m_printer.php</p>
<p>Line Number: 150</p>

</div><div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">

<h4>A PHP Error was encountered</h4>

<p>Severity: Notice</p>
<p>Message: Undefined variable: snmp_manufacturer</p>
<p>Filename: models/m_printer.php</p>
<p>Line Number: 142</p>

</div><div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">

<h4>A PHP Error was encountered</h4>

<p>Severity: Notice</p>
<p>Message: Undefined variable: snmp_model</p>
<p>Filename: models/m_printer.php</p>
<p>Line Number: 150</p>

</div><div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">

<h4>A PHP Error was encountered</h4>

<p>Severity: Notice</p>
<p>Message: Undefined variable: snmp_manufacturer</p>
<p>Filename: models/m_printer.php</p>
<p>Line Number: 142</p>

</div><div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">

<h4>A PHP Error was encountered</h4>

<p>Severity: Notice</p>
<p>Message: Undefined variable: snmp_model</p>
<p>Filename: models/m_printer.php</p>
<p>Line Number: 150</p>

</div><div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">

<h4>A PHP Error was encountered</h4>

<p>Severity: Notice</p>
<p>Message: Undefined variable: snmp_manufacturer</p>
<p>Filename: models/m_printer.php</p>
<p>Line Number: 142</p>

</div><div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">

<h4>A PHP Error was encountered</h4>

<p>Severity: Notice</p>
<p>Message: Undefined variable: snmp_model</p>
<p>Filename: models/m_printer.php</p>
<p>Line Number: 150</p>

</div>Time: seconds.</body>
</html>
Total Execution Time: 775 seconds.

############################################

2.
Slowly adding some cryptic debugging/logging to the "audit_domain" script to see what could be happening...
Y:\>cscript //nologo audit_domain.vbs ldap="LDAP://Auxiant.local" >> C:\Software\OAv2\Logs\audit_domain.txt

3.
Starts out fine...
Now Auditing: LDAP://dc=Auxiant,dc=local
select name, location, operatingSystem, lastLogon from 'LDAP://dc=Auxiant,dc=local' where objectclass='computer'
number of systems retrieved from ldap: 241
number of filtered systems: 234
--------------
Have list of PC's from AD-LDAP

0 of 234
processes running: 1
next system: 2V87W61
....

233 of 234
processes running: 2
next system: WINXPTEST
--------------

4.
Echo - finished loop here --> "End of Loop - what happened"?

if audit_run_type = "local" then
    wscript.echo(run_type)
    for i = 0 to ubound(pc_array)
        ' throttle: wait while more audits are running than wanted
        while num_running > number_of_audits
            wscript.echo("processes running (" & num_running & ") greater than number wanted (" & number_of_audits & ")")
            wscript.echo("therefore - sleeping for 4 seconds.")
            wscript.sleep 4000
            num_running = HowMany
        wend
        if pc_array(i) <> "" then
            wscript.echo(i & " of " & ubound(pc_array))
            wscript.echo("processes running: " & num_running)
            wscript.echo("next system: " & pc_array(i))
            wscript.echo("--------------")
            ' launch the audit script for this PC, minimised (6), without waiting for it (false)
            command1 = "cscript //nologo """ & script_name & """ " & pc_array(i) & " ldap=""" & local_domain & """ "
            set sh1=wscript.createobject("wscript.shell")
            sh1.run command1, 6, false
            set sh1 = nothing
            num_running = HowMany
        end if
    next
end if

--> wscript.echo("End of Loop - what happened?")


5.
"Made it to checking how many cscripts are running" echo line - end of script...

--> wscript.echo("Made it to checking how many cscripts are running...")

' count the cscript.exe processes currently running on this machine
Function HowMany()
    Dim Proc1,Proc2,Proc3
    Set Proc1 = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
    Set Proc2 = Proc1.ExecQuery("select * from win32_process" )
    HowMany=0
    For Each Proc3 in Proc2
        If LCase(Proc3.Caption) = "cscript.exe" Then
            HowMany=HowMany + 1
        End If
    Next
End Function

6.
Will work on adding more debugging - need to see the values of some of the vars set - e.g. "run_type", pc_array, domain_array, etc.
Other ideas I can try?
Thx.

-SP


PostPosted: Thu Oct 04, 2012 6:10 am
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1259
[quote="spichelman"]
Ran against Accounting - however - please understand that any machine I run with audit_windows works fine.[/quote]

Uh, I don't think so. You skipped a metric crap-ton (technical term) of PHP errors you can see in the response when the data is posted to the server.

In the short term set skip_printer = "y" in your audit script and see what happens.

I wouldn't worry too much about audit_domain.vbs. It's probably working fine.

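The check the reply above is asking for, as an added example that is not part of the original posts or of Open-AudIT: it scans the HTML returned when an audit is submitted for the "A PHP Error was encountered" blocks shown in the response earlier in this thread and collapses repeats. The function names are hypothetical and the sample response is constructed from the format and values quoted above.

```python
import re
from collections import Counter
from html import unescape

# One error block runs from the <h4> banner to the closing </div>.
BLOCK = re.compile(r"<h4>A PHP Error was encountered</h4>(.*?)</div>", re.S)
FIELD = re.compile(r"<p>(Severity|Message|Filename|Line Number):\s*(.*?)</p>", re.S)
KEYS = ("Severity", "Message", "Filename", "Line Number")


def php_errors(response):
    """Return one dict per PHP error block found in the server response."""
    return [{k: unescape(v.strip()) for k, v in FIELD.findall(block)}
            for block in BLOCK.findall(response)]


def summarise(response):
    """Count identical errors so repeats (one pair per printer here) collapse."""
    return Counter(tuple(e.get(k, "?") for k in KEYS) for e in php_errors(response))


def audit_accepted_cleanly(response):
    """True only when the response carries no PHP error blocks at all."""
    return not php_errors(response)


def _block(message, line):
    # Helper that builds one constructed error block in the format shown above.
    return ('<div style="border:1px solid #990000;">\n'
            "<h4>A PHP Error was encountered</h4>\n"
            f"<p>Severity: Notice</p>\n<p>Message: {message}</p>\n"
            f"<p>Filename: models/m_printer.php</p>\n<p>Line Number: {line}</p>\n</div>")


# Constructed sample: two printers' worth of notices, shortened from the thread.
SAMPLE_RESPONSE = (
    "System id: 49<br />\n<b>Update</b><br />\n"
    + (_block("Undefined variable: snmp_manufacturer", 142)
       + _block("Undefined variable: snmp_model", 150)) * 2
    + "Time: seconds.</body>\n</html>"
)

if __name__ == "__main__":
    for (severity, message, filename, line), n in summarise(SAMPLE_RESPONSE).items():
        print(f"{n}x {severity}: {message} ({filename}:{line})")
    print("clean submit:", audit_accepted_cleanly(SAMPLE_RESPONSE))
```

Run against a saved audit log, this turns "Audit Submitted" into a pass/fail signal instead of relying on someone reading the whole response.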
PostPosted: Thu Oct 04, 2012 6:20 am
Site Admin

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
All the audit_domain script does is query active directory for a list of domain computer names and their operating system. This is filtered according to the contents of the operating_system variable. It then iterates over this array and for each computer, passes its name to audit_windows. That's all it does. audit_domain does not submit any information to the OAv2 database.

The bug I was referring to occurs when audit_windows cannot find a PC as given to it by audit_domain. audit_windows will then contact active directory and get what little detail active directory can supply about the machine. That is all fine. The bug is that when this (limited) result is submitted, the PHP code did not populate the man_type field - only the type field. When the display_system page is called, if man_type is not set to system, it uses the value for the trailing section of the filename. When it's set to nothing (as you have seen), it creates a bad filename. Hence the bug.

As for what looks like a second issue around SNMP and printers, I'll take a look at that today.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.

