Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Fri Mar 29, 2024 3:59 pm

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 15 posts ] 
Author Message
 Post subject: Domain Scan Issues
PostPosted: Thu Oct 25, 2007 9:37 am 
Offline
Newbie

Joined: Thu Oct 25, 2007 12:14 am
Posts: 27
Hello all Iam having some issues scanning my Domain. I change the config lines to assoacite my Domain the LDAP:// line and also the Sacn domain to Y.
I run the Audit.vbs form CMD with cscript audit.vbs and it start to list all the PC in the domain in the CMD screen.
It look likes it;s doing the audit but after it gets to the 360 computer and quits nothing shows up on the web interface.
How is the Domain scan suppose to work and what could I be doing wrong.


Next question
What is the best way to run this as a login script. Most of my users are not Local admins to the PC's so I am not sure what the best way to run this at login would be.
If I run it from a .bat file it wont work becuase they are not Admins to the PC.
How network intesive is this going to be if a bunch log in at once and this runs?


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Fri Oct 26, 2007 2:43 am 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
[quote="ndrog"]Hello all Iam having some issues scanning my Domain. I change the config lines to assoacite my Domain the LDAP:// line and also the Sacn domain to Y.
I run the Audit.vbs form CMD with cscript audit.vbs and it start to list all the PC in the domain in the CMD screen.
It look likes it;s doing the audit but after it gets to the 360 computer and quits nothing shows up on the web interface.
How is the Domain scan suppose to work and what could I be doing wrong.


I suspect the only thing you are doing wrong is scanning as a user which cannot connect to WMI on the machines in question, check the firewall etc. Have a look through the FAQ section for a full rundown of what to do when trying to debug domain audits.

[quote="ndrog"]
Next question
What is the best way to run this as a login script. Most of my users are not Local admins to the PC's so I am not sure what the best way to run this at login would be.
If I run it from a .bat file it wont work becuase they are not Admins to the PC.
How network intesive is this going to be if a bunch log in at once and this runs?

The best way is probably using the domain audit. The local user login script would probably work, use strComputer = "." in the audit.config for the login script version. Try it as a couple of users, and see if they populate the web pages correctly, if so this will probably work for everyone. remember to use cscript audit.vbs not wscript audit.vbs and turn off verbose in audit.config once you manage to make it work.

The whole thing is remarkably un-intensive, 100+ users on my local lan generates a total database size of about 18Mb and hardly gets noticed on our traffic graphs. By the same token I do run it at 18:30 and 13:30 when things are quite quiet anyway.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Fri Oct 26, 2007 8:30 am 
Offline
Newbie

Joined: Thu Oct 25, 2007 12:14 am
Posts: 27
Thanks for the response I read the FAQ and thing I have done everything it says. I'm able to run the audti.vbs as myself with no problem on the local PC or a remote PC if I enter the name into the STR_Computer fieald. When I try to run the Domain scan from my username that I can run on or PC at time It doenst work. My audit.config is below. When I run the Audit.vbs it scans my Domain and starts to list all the PC's and it looks like something is happening but nothing gets update the site 0 out of 360 clients. I run cscript audit.vbs is starts listing all the PC's in the domain and the below is listed for all PC it finds
-------
1of 356
Process Running 4
Next System PCname
----------------

[code]audit_location = "l"
verbose = "y"
online = "yesxml"
strComputer = ""
ie_visible = "n"
ie_auto_submit = "y"
ie_submit_verbose = "y"
ie_form_page = "http://nd2k3-vm01/openaudit/admin_pc_add_1.php"
non_ie_page = "http://nd2k3-vm01/openaudit/admin_pc_add_2.php"
input_file = "\Test"
email_to = ""
email_from = ""
email_server = ""
audit_local_domain = "y"
local_domain = "LDAP://dli.local"
hfnet = "n"
Count = 0
number_of_audits = 20
script_name = "audit.vbs"
monitor_detect = "y"
printer_detect = "y"
software_audit = "y"
uuid_type = "mac"
[/code]


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Fri Oct 26, 2007 3:09 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
Have you run firewall_allow.vbs locally on each machine ?

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Fri Oct 26, 2007 8:31 pm 
Offline
Newbie

Joined: Mon Oct 22, 2007 9:52 pm
Posts: 3
I think your LDAP configuration is wrong.
Try:
local_domain = "LDAP://dc=dli,dc=local"
and why are you using input_file = "\test" try leaving it blank "" you are running the script with an administrative user account right ? so you dont need to provide any file with user and password's

Hope it helps


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Fri Oct 26, 2007 10:00 pm 
Offline
Newbie

Joined: Thu Oct 25, 2007 12:14 am
Posts: 27
I didnt run the firewall_allow.vbs on the machines. Do I need to do this even if I can run audit.vbs on the machines of I choose the machine. I have ollwed acceptions via GP in or Domain. Does the firewall_allow.vbs need to be run. I know I have PC;s that done even have the Firewall on and those dont show up when I run a Domain Scan


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Sat Oct 27, 2007 1:35 am 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
I think if the input file is not blank, then it will be used as the source of computer names, and the domain settings ignored, so set this to ""
The ldap string should be something like
audit_local_domain = "y"
local_domain = "LDAP://mydomain.local"

BUT only of your Active Server Domain FQDN is mydomain.local if you have used something like mydomain.mylocaltion or mydomain.com then use this instead.

Do a NET CONFIG WORKSTATION from a command prompt, you should see it there under Full Computer Name, or look at properties of My Computer, Computer Name.

You do need to be able to connect to WMI on other machines for this to work, so have another look through the FAQs to see how to check this.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Mon Oct 29, 2007 10:25 pm 
Offline
Newbie

Joined: Thu Oct 25, 2007 12:14 am
Posts: 27
It doesnt make any sense, I changed my Domain local_domain = "LDAP://dc=dli,dc=local" and also local_domain = "LDAP://dli.local. I then run cscript audit.exe from the PC that has the Open-Audit installed, logged in as a Domain admin. The script runs and starts listing all the PC's in the Domain and looks like it is auding them. It then finsihes after about 3min and nothing every gets posted to the Web site as audited. I'm able to run the script at login and if I do one computer at a time. I have a GP that allows exeptions in the firewall and I', able to connect to WMI as the FAQ suggested. Any suggestions, I'm so close?

[[code]audit_location = "l"
verbose = "n"
online = "yesxml"
strComputer = ""
ie_visible = "n"
ie_auto_submit = "y"
ie_submit_verbose = "y"
ie_form_page = "http://nd2k3-vm01/openaudit/admin_pc_add_1.php"
non_ie_page = "http://nd2k3-vm01/openaudit/admin_pc_add_2.php"
input_file = ""
email_to = ""
email_from = ""
email_server = ""
audit_local_domain = "y"
local_domain = "LDAP://dc=dli,dc=local"
hfnet = "n"
Count = 0
number_of_audits = 20
script_name = "audit.vbs"
monitor_detect = "y"
printer_detect = "y"
software_audit = "y"
uuid_type = "mac"
[/code]


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Mon Oct 29, 2007 11:01 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Can you connect to WMI from the PC running the domain audits. Right Click on My Computer, Select Manage, go to WMI, drill down.
Can you connect to WMI on one of the other machines from the machine doing the domain audits. Right Click on My Computer, Select Manage, Connect to another computer, select the other machine, go to WMI, drill down.
Can you see the "add" pages from the machine doing the domain audits. Just load up the add page, you should see a form to fill in.
Switch off passwords and https in OpenAudit. (if you have enabled them). Try it all again. What happens?

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Tue Oct 30, 2007 12:24 am 
Offline
Newbie

Joined: Thu Oct 25, 2007 12:14 am
Posts: 27
I can connect to another PC from the Audit Station via WMI.
I can see the add page if I browse to it in IE
HTTPS and Passwords are not enabled


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Tue Oct 30, 2007 2:17 am 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Just a hunch... try
[code]
number_of_audits = 2
[/code]
rather than
[code]
number_of_audits = 20
[/code]

in audit.config

Could be the web server is becoming bogged down with POST requests.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Tue Oct 30, 2007 9:13 pm 
Offline
Newbie

Joined: Thu Oct 25, 2007 12:14 am
Posts: 27
I set number_of_audits = 2 and the same outcome. It started going through the list of PC on the Domian but nothing never got posted to the site. I.m running it in a login script with no issues but cant get a Domian scan to work. So close


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Thu Nov 01, 2007 11:45 am 
Offline
Newbie

Joined: Thu Oct 25, 2007 12:14 am
Posts: 27
Thanks for all the help, I got it running
1) Get rid of doman.local and jsut use Domain
2) I copied the VBS and config to my Local pc and CD into that directory and ran it
3) Worked great I love this product. Great job with it


Top
 Profile  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Thu Nov 01, 2007 1:35 pm 
Yes, if your domain is, for example: mycorp.com, then you would replace domain.local with mycorp.com. "domain.local" is just a sample. The LDAP local_domain line would then be "LDAP://dc=mycorp,dc=com"


Top
  
Reply with quote  
 Post subject: Re: Domain Scan Issues
PostPosted: Thu Nov 01, 2007 7:11 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
[quote="mikeyrb"]Yes, if your domain is, for example: mycorp.com, then you would replace domain.local with mycorp.com. "domain.local" is just a sample. The LDAP local_domain line would then be "LDAP://dc=mycorp,dc=com"


... and if the domain is just mycorp, then "LDAP://dc=mycorp" would do the trick. :)

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 15 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group