Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Sun Dec 08, 2019 8:32 pm

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 22 posts ]  Go to page 1, 2  Next
Author Message
 Post subject: Problem setting up mysql
PostPosted: Thu Mar 29, 2007 10:08 pm 
Offline
Newbie

Joined: Tue Mar 27, 2007 1:25 am
Posts: 11
Location: LONDON
Hi,
I am having problem in setting this thing up. I followed all the procedures but still cant get the sql part to work. I followed the process which was explained in FAQ's for setting up sql. But once i provide the details while running setup.php it comes up with the following warnings!

1) Could not create db: database already exists
2) Could not grant priveleges :access denied for user @localhost to database.

Now, If i create a schema in the sql and assign permissions for a specific user as described in the FAQ. I get those two msgs i mention above.
If i dont create a new schema manully in the sql and let the setup.php create it that works fine but the second error for granting priveleges remain the same.

I am running MYSQL 5.0 on the same machine. I would really appreciate any help.

Thanks

_________________
Dars..

Auditing Server: Win2003 with vertrigo Serv
500 Xp Workstations
100 Windows 2003 Servers
LDAP


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Mar 30, 2007 12:56 am 
You can do it manually, no problem. All you need to do is create the tables from the .sql file. Then copy include_config_defaults.php to include_config.php and edit the mysql connection parameters. No need to run setup.php then.


Top
  
Reply with quote  
 Post subject: Audit.VBS
PostPosted: Fri Mar 30, 2007 2:58 am 
Offline
Newbie

Joined: Tue Mar 27, 2007 1:25 am
Posts: 11
Location: LONDON
Thanks very much i have got the main page up and running. Can u please explain me how can i audit a system now. I ran the audit.vbs in command line it came up with (158,7) error. I have no clue what so ever.

Appreciate ur previous response and thanking u in advance.

_________________
Dars..

Auditing Server: Win2003 with vertrigo Serv
500 Xp Workstations
100 Windows 2003 Servers
LDAP


Top
 Profile  
Reply with quote  
 Post subject: Re: Audit.VBS
PostPosted: Fri Mar 30, 2007 3:20 am 
Offline
Newbie

Joined: Wed May 25, 2005 5:11 am
Posts: 49
Location: Toronto, Ontario, Canada
idar wrote:
Thanks very much i have got the main page up and running. Can u please explain me how can i audit a system now. I ran the audit.vbs in command line it came up with (158,7) error. I have no clue what so ever.

Appreciate ur previous response and thanking u in advance.


The user account that you are running audit.vbs under must have local administrator rights on the computer you are trying to audit (which is why many people run it under a domain administrator account for example). It looks like you are trying to run the audit script remotely to a computer where you don't have local admin rights


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Mar 30, 2007 4:38 am 
Take a look through our FAQs. Chances are your question is answered there. Short version: probably a misconfiguration of audit.config (which must be in the same directory as the audit.vbs).

Try this page: http://www.open-audit.org/phpbb2/viewtopic.php?t=1464


Top
  
Reply with quote  
 Post subject:
PostPosted: Fri Mar 30, 2007 9:26 pm 
Offline
Newbie

Joined: Tue Mar 27, 2007 1:25 am
Posts: 11
Location: LONDON
Hi,
Thanks for the help. I have managed to run t he script through the basic script settings avaible in FAQ. The problem i was facing before is that i couldn't connect to the WMI services although logeed inn as an administrator.

Anyways, i managed to run the script on the remote computer and it ran fine.
Now as i was using active directory and configured the config file to audit the domain it didnt do that infact it only audited the system i ran it on. Tested on another system and it audited that single pc.
I am running the script as a domian admin and i have setup the mail setting to inform me if it cant audit any machine but nothin comes up. I am searching through subnet using nmap_subnet. It detected all the printer in other items discovered but no machine except the ones where i ran the script.

Secondly when i goto the pc which was detected and click computer details it comes up "LDAP connectivity is not available,please check php.ini"
I assume may be thats the problem preventing the above not to work, If yes then how do i configure the ldap in php.ini. I searched the php.ini for ldap setting but couldn't find anything there. had a google search but didnt magae to understand.
I can post my config file setting if that can help

I really want to thank all u people helping me.

_________________
Dars..

Auditing Server: Win2003 with vertrigo Serv
500 Xp Workstations
100 Windows 2003 Servers
LDAP


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Mar 30, 2007 11:13 pm 
If you want to audit the domain, double check that strComputer = "". If it is instead set to, for example ".", then it will only audit your local machine.

I haven't actually used the LDAP stuff on the computer pages, but all I know is you need to enable the ldap extension for php. Try searching for that, otherwise I bet Andy (A_Hull) will be able to get you going with it.


Top
  
Reply with quote  
 Post subject:
PostPosted: Sat Mar 31, 2007 12:55 am 
Offline
Newbie

Joined: Tue Mar 27, 2007 1:25 am
Posts: 11
Location: LONDON
Mike,
Thanks dude! U were right i needed to correct the StrComputer = "".
I am auditing my domain at the moment. I have managed to set up the ldap in php.ini.

Now i am getting a different error and i guess thats related to how u define ur ldap settings in the config under admin tab. i am sure i haven't set the ldap parameters correct thats why when i hit computer or user details it says, "not found in dc=mydomian.com" can u point me how do i fill out the following parameters in config:

FQDN Domain Suffix for Management Utilities:
LDAP Base DN:
LDAP Connection Server:
LDAP Connection User:
LDAP Connection Secret:

what i have in the settings is as follows:

FQDN Domain Suffix for Management Utilities: mydomain.com
LDAP Base DN: dc=mydomain.com
LDAP Connection Server: 192.168.1.1
LDAP Connection User: mydomain\domainAdmin
LDAP Connection Secret: password

Thanks

_________________
Dars..

Auditing Server: Win2003 with vertrigo Serv
500 Xp Workstations
100 Windows 2003 Servers
LDAP


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat Mar 31, 2007 3:44 am 
Well, I didn't write that component so I may or not be correct, but let's just modify the include_config.php by hand.

You should see a section like this:

Just modify it for yours (the example is the mydomain.local domain with administrative account 'unknown').

Quote:
$domain_suffix = 'local' ;
$ldap_base_db = 'dc=mydomain,dc=local';
$ldap_user = 'unknown@domain.local';
$ldap_secret = 'password';
$ldap_attributes = array('displayname','description','userprincipalname','homedirectory','homedrive','profilepath','scriptpath','mail','samaccountname','telephonenumber','usncreated','department','sn');

$ldap_filter = '(&(objectClass=user)(objectCategory=person)(|(samaccountname='.$name.chr(42).')(name='.$name.chr(42).')(displayname='.$name.chr(42).')(cn='.$name.chr(42).')))';

$ldap_connect_string = 'LDAP://server.domain.local';


Top
  
Reply with quote  
 Post subject:
PostPosted: Sat Mar 31, 2007 10:12 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
Code:
LDAP Base DN: dc=mydomain.com


should be

Code:
LDAP Base DN: dc=mydomain,dc=com


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon Apr 02, 2007 4:41 pm 
Offline
Newbie

Joined: Tue Mar 27, 2007 1:25 am
Posts: 11
Location: LONDON
Mike,
I have edited the include_config.

i didn't get all the parameters listed in the config file. following were missing.
$ldap_connect_string
$ldap_attributes = array('displayname','description','userprincipalname','homedirectory','homedrive','profilepath','scriptpath','mail','samaccountname','telephonenumber','usncreated','department','sn');

$ldap_filter = '(&(objectClass=user)(objectCategory=person)(|(samaccountname='.$name.chr(42).')(name='.$name.chr(42).')(displayname='.$name.chr(42).')(cn='.$name.chr(42).')))';

Anyways,
whenever i try to get computer/user details i get this message. "Not found in dc=mydomian.com,dc=com.

Am i missing anything do i have to define the OU aswell. If i dont then does it look for the entire domain?
Thanks

_________________
Dars..

Auditing Server: Win2003 with vertrigo Serv
500 Xp Workstations
100 Windows 2003 Servers
LDAP


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Apr 03, 2007 2:37 am 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
idar wrote:
Mike,
I have edited the include_config.

i didn't get all the parameters listed in the config file. following were missing.
$ldap_connect_string
$ldap_attributes = array('displayname','description','userprincipalname','homedirectory','homedrive','profilepath','scriptpath','mail','samaccountname','telephonenumber','usncreated','department','sn');

$ldap_filter = '(&(objectClass=user)(objectCategory=person)(|(samaccountname='.$name.chr(42).')(name='.$name.chr(42).')(displayname='.$name.chr(42).')(cn='.$name.chr(42).')))';

Anyways,
whenever i try to get computer/user details i get this message. "Not found in dc=mydomian.com,dc=com.

Am i missing anything do i have to define the OU aswell. If i dont then does it look for the entire domain?
Thanks


Seems you still haven't quite got the ldap string right, the message seems to indicate it is looking in mydomain.com.com ..... have another quick look at this first.

_________________
Andrew

OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Apr 06, 2007 8:07 am 
Offline
Newbie

Joined: Tue Mar 27, 2007 1:25 am
Posts: 11
Location: LONDON
Andrew,
I didnt get a chance to change the file but will get back as soon i get to it.

Thanks

_________________
Dars..

Auditing Server: Win2003 with vertrigo Serv
500 Xp Workstations
100 Windows 2003 Servers
LDAP


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Apr 10, 2007 11:45 pm 
Offline
Newbie

Joined: Tue Mar 27, 2007 1:25 am
Posts: 11
Location: LONDON
Hi,
Andrew i made the change but its still coming up with the same error.
"not found in dc=mydomain,dc=com."

Any clue?

Thankss

_________________
Dars..

Auditing Server: Win2003 with vertrigo Serv
500 Xp Workstations
100 Windows 2003 Servers
LDAP


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Wed Apr 11, 2007 1:04 am 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Not sure, right click on the User Details or Computer Details link, and copy the link location to the paste buffer. Paste it into another Tab or Window in your browser.

Try the same url, but remove the name, so change the last bit to for example...

/ldap_details.php?name=&full_details=n&record_type=user&

or

/ldap_details.php?name=&full_details=n&record_type=computer&


This should produce a list of all of the user or computer names which CAN be found in the ldap container you have connected to.

It may be that you need to refine the ldap connect string to see what you require.

Let me know the results. :lol:

BTW the cannot be found message does it say "not found in dc=mydomain,dc=com."
or "not found in dc=mydomain.com,dc=com."

What is the exact error?

I hope you are using the real Active directory name for mydomain.com and not "mydomain.com"

_________________
Andrew

OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 22 posts ]  Go to page 1, 2  Next

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group