Open-AudIT
https://www.open-audit.org/phpBB3/

audit user accounts
https://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=6514
Page 1 of 1

Author:  vanderheyde [ Fri Feb 19, 2016 2:50 am ]
Post subject:  audit user accounts

We keep record of both computers and user accounts. AD users, office 365 accounts, logins for the ISP, etc.

Would it be possible to get this info into open-audit in some way? We're currently using spreadsheets on Sharepoint to audit both computers and accounts, but it would be so much easier if we could combine these in open audit. I'm not expecting any sort of automation on the account auditing (besides maybe AD users, but manually will do, too).

Is there a way I can create a new type for this?

thanks

Author:  Mark [ Mon Feb 22, 2016 9:42 am ]
Post subject:  Re: audit user accounts

Using the audit scripts should get you the accounts on each computer.
You can see them in the Device Details -> Settings -> Users.
Is this not what you want?

There is also the Elevated Users report (works for Windows users only at the moment).

Author:  vanderheyde [ Mon Feb 22, 2016 6:25 pm ]
Post subject:  Re: audit user accounts

I'm looking for slightly more than that. I'm think of an 'item' per user, instead of having a user attached to the item of a device.

Besides windows/AD users, I'd like to be able to add accounts that have nothing to do with the pc/os. Office 365 accounts, logins for the ISP, FTP accounts for the hosting, etc. And being able to enter a password for each of these accounts, and a small note/name for them.

For example:

Office 365 account
name: bob bobson o365
email: bob@example.com
password: P@ssword
notes: has administrator permissions

would be nice to have:
Send as permissions: john@example.com
Full access: john@example.com
licence: Business Premium


And for non office 365 email accounts, pop/imap/smtp server would be handy to have in there as well.

If we could get all info in open audit instead of only the pc's/servers, it would make everything so much smoother. Excel works too slow to look something up quickly, so this would be a godsend.

Author:  Mark [ Tue Feb 23, 2016 12:22 pm ]
Post subject:  Re: audit user accounts

So a purely manual input of user details?
Personally I'd not have an issue, except for passwords.
What about something like [url=http://keepass.info/]KeePass[/url]?
I'm not trying to say 'no', but storing of passwords is not something that should be taken lightly. There are entire applications just for this - KeePass, LastPass, et al.

Author:  vanderheyde [ Tue Feb 23, 2016 8:25 pm ]
Post subject:  Re: audit user accounts

True, and keepass is another route we're looking at for the passwords. However, keepass doesn't offer much in terms of multiple users, access permissions, read-only, etc. Since openaudit already stores credentials for every device, I figured, why not put the users in there too? Our open audit server is only accessible internally, so that would reduce the risk as well.

It would indeed be a purely manual input of user details.

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/