Open-AudIT

What's on your network?
It is currently Fri Jan 19, 2018 9:21 am

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 38 posts ]  Go to page Previous  1, 2, 3  Next
Author Message
PostPosted: Wed Jan 09, 2008 1:00 am 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Does the user display OK on the system page, I see something like Domain\\Username.. not a big issue, as the AD stuff is OK, but slightly odd.
Anybody else have this issue?

_________________
Andrew

OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Fri Jan 11, 2008 3:38 am 
Offline
Contributor

Joined: Fri Sep 28, 2007 12:07 am
Posts: 189
A_Hull wrote:
Does the user display OK on the system page, I see something like Domain\\Username.. not a big issue, as the AD stuff is OK, but slightly odd.
Anybody else have this issue?


I concur,

I really do not like the "\\" between the domain name and username.

Can this be reverted back to "\" instead?

Thanks

Jason

_________________
OA Deployment:
Windows 2003 with XAMPP install
80 Windows Servers
250 Windows workstations (mixed XP and 2000)
5 MACs
Multiple printers, switches, routers, firewalls, and other servers (ESX, AIX etc.)


Top
 Profile  
Reply with quote  
PostPosted: Fri Jan 11, 2008 7:24 am 
Offline
Newbie

Joined: Fri Mar 17, 2006 4:46 am
Posts: 13
That's odd... I do not get the \\ between the user name and domain... I only get \... In fact with out this I was like the rest in this thread and I was getting DOMAINNAMEusername jumbled together without a \... And now the links to get the LDAP info for the user work perfectly...

Could this be an issue between linux and windows servers?? My Open-Audit is running on windows... What are you \\ people running it on??


Top
 Profile  
Reply with quote  
PostPosted: Fri Jan 11, 2008 6:32 pm 
Offline
Open-AudIT Fellow

Joined: Thu May 17, 2007 5:47 pm
Posts: 568
Location: Italy
W2k3 SP2 / IIS 6 / PHP 5.2.1 and I have the double backslash issue...
Only those of you having the DOMAINusername issue (no backslash between domain and username), please try this:
- set in your running php.ini
Code:
magic_quotes_runtime = On

- restart your web service
- revert audit.vbs to the original
Code:
form_input = "system01^^^" & clean(net_ip_address) & "^^^" & clean(net_domain) _
                       & "^^^" & clean(net_user_name) & "^^^" & clean(net_client_site_name) _
                       & "^^^" & clean(Replace(net_domain_controller_address, "\\", "")) & "^^^" & clean(Replace(net_domain_controller_name, "\\", "")) & "^^^"
entry form_input,comment,objTextFile,oAdd,oComment

- audit systems again and let us know what you see.

_________________
Edoardo


Top
 Profile  
Reply with quote  
PostPosted: Fri Jan 11, 2008 11:56 pm 
Offline
Helper

Joined: Sat Sep 17, 2005 7:15 am
Posts: 71
I gotta say, I'm not seeing this issue. I looked at my system page and everything is showing up with a single backslash.

Is there somewhere else I should be checking?

_________________
Server Info:
OS : Windows Server 2003
Auditing: ~300 machines
LDAP: Windows Server 2003 Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Sat Jan 12, 2008 1:07 am 
Offline
Newbie

Joined: Fri Mar 17, 2006 4:46 am
Posts: 13
Well now that to me seems like a tough call... If you are going to require that setting in PHP to be on then changing it should be included in the documentation... Otherwise I beleive the script should be modified so both php and open-audit can work out of the box... Me personally I would lean towards the later since out of the box functionality is always more preffered to me...


Top
 Profile  
Reply with quote  
PostPosted: Sat Jan 12, 2008 1:18 am 
Offline
Open-AudIT Fellow

Joined: Thu May 17, 2007 5:47 pm
Posts: 568
Location: Italy
jsherman wrote:
Well now that to me seems like a tough call... If you are going to require that setting in PHP to be on then changing it should be included in the documentation... Otherwise I beleive the script should be modified so both php and open-audit can work out of the box... Me personally I would lean towards the later since out of the box functionality is always more preffered to me...

But did you (and anybody else previously having the DOMAINusername issue) try if that fix works for you? What is the developers team point of view?

_________________
Edoardo


Top
 Profile  
Reply with quote  
PostPosted: Mon Jan 14, 2008 8:25 pm 
Offline
Contributor

Joined: Fri Jul 28, 2006 6:30 am
Posts: 157
Location: London
jsherman wrote:
Well now that to me seems like a tough call... If you are going to require that setting in PHP to be on then changing it should be included in the documentation... Otherwise I beleive the script should be modified so both php and open-audit can work out of the box... Me personally I would lean towards the later since out of the box functionality is always more preffered to me...


Rather than having to modify PHP.INI, couldn't we use the set_magic_quotes_runtime() function within the OA code to configure this setting?
http://uk.php.net/set_magic_quotes_runtime

Cheers, Nick.

_________________
Cheers, Nick.

OA Server: Windows Server 2003 / Apache 2
Auditing: 1600 Workstations, 200 Servers
OS's: Windows XP / Windows 2000 / Windows 2003 Server / Windows Vista
LDAP: Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Mon Jan 14, 2008 9:40 pm 
Offline
Open-AudIT Fellow

Joined: Thu May 17, 2007 5:47 pm
Posts: 568
Location: Italy
Hi Nick, although interesting, I don't think it could be added to the code for various reasons:
- it could work for those seeing DOMAINusername, but it would negatively influence also those of us correctly seeing DOMAIN\username with the original audit.vbs
- it would require (I think) allowing the web service user the right to modify the php.ini file (not secure)
- changes to php.ini require restarting the web service to be applied.
So, is it working for you as I proposed on 11 Jan 2008 09:32 ?

_________________
Edoardo


Top
 Profile  
Reply with quote  
PostPosted: Mon Jan 14, 2008 10:54 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
I thought I'd add my pennyworth...

Why don't we store the value as username@domain, or possibly even in two separate fields net_user_name and net_user_domain, and then display it as \\net_user_domain\net_user and net_user@net_user_domain on the page.

That way we can deal with both the Windows NT convention (\\DOMAIN\USERNAME) and the Active Directory convention (user@domain or user@fully.qualified.domain)

The underlying php logic can then take care of how to correctly form the URLs and Links, based on the data.

_________________
Andrew

OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Mon Jan 14, 2008 11:18 pm 
Offline
Open-AudIT Fellow

Joined: Thu May 17, 2007 5:47 pm
Posts: 568
Location: Italy
A_Hull wrote:
I thought I'd add my pennyworth...

Why don't we store the value as username@domain, or possibly even in two separate fields net_user_name and net_user_domain, and then display it as \\net_user_domain\net_user and net_user@net_user_domain on the page.

That way we can deal with both the Windows NT convention (\\DOMAIN\USERNAME) and the Active Directory convention (user@domain or user@fully.qualified.domain)

The underlying php logic can then take care of how to correctly form the URLs and Links, based on the data.

Yes Andrew, but consider that the username property from win32_computersystem is in the DOMAIN\username format and the domain property is in the FQDN format.

_________________
Edoardo


Top
 Profile  
Reply with quote  
PostPosted: Mon Jan 14, 2008 11:51 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
So it might be best to sort out the existing code so it woks for everybody... We could simply store the \ character as data as character &H92 and swap back when displaying. What do you think?

_________________
Andrew

OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Tue Jan 15, 2008 7:04 pm 
Offline
Contributor

Joined: Fri Jul 28, 2006 6:30 am
Posts: 157
Location: London
Quote:
Yes Andrew, but consider that the username property from win32_computersystem is in the DOMAIN\username format and the domain property is in the FQDN format.


We're already doing this conversion for "net_domain" in the script so it would be trivial to do the same for "net_user_name".

Cheers, Nick.

_________________
Cheers, Nick.

OA Server: Windows Server 2003 / Apache 2
Auditing: 1600 Workstations, 200 Servers
OS's: Windows XP / Windows 2000 / Windows 2003 Server / Windows Vista
LDAP: Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Tue Jan 15, 2008 8:45 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Am I missing the obvious here, surely we should be logging all three things. username ntdomain and activedirectorydomain since all three are useful to us. :shock:

_________________
Andrew

OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Wed Jan 16, 2008 2:52 am 
Offline
Contributor

Joined: Fri Sep 28, 2007 12:07 am
Posts: 189
A_Hull wrote:
Am I missing the obvious here, surely we should be logging all three things. username ntdomain and activedirectorydomain since all three are useful to us. :shock:


true. can we revert back to single "\", to how it was before? the double "\\" is rather irritating :(

jason

_________________
OA Deployment:
Windows 2003 with XAMPP install
80 Windows Servers
250 Windows workstations (mixed XP and 2000)
5 MACs
Multiple printers, switches, routers, firewalls, and other servers (ESX, AIX etc.)


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 38 posts ]  Go to page Previous  1, 2, 3  Next

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group