Open-AudIT

How to audit only a single XP station? My server is Debian.

Alter audit.config (in the scripts dir) to suit your needs.
In the scripts directory, copy audit.vbs and audit.config to the XP machine.
On the XP machine, open a dos prompt, navigate to the dir where audit.vbs and audit.config are.
Type "cscript audit.vbs ." without quotes.
It should run the audit, and send it to the server.
Done.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.

Alternatively, if you are feeling up to using beta software, if you download the latest SVN version (see the FAQs for how to do this), then from the XP box, navigate to Admin > Audit My Machine.

Run the a web configured script which will be sent to your browser, and the machine should be audited.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]

[quote="A_Hull"]Alternatively, if you are feeling up to using beta software, if you download the latest SVN version (see the FAQs for how to do this), then from the XP box, navigate to Admin > Audit My Machine.

Run the a web configured script which will be sent to your browser, and the machine should be audited.

_________________
[size=85]OA Server: W2k3/IIS/PHP5/MySQL
Currently auditing 558 servers, 138 Workstations
LDAP=AD, Audit interval ~ once/month[/size]

Ok, [quote="Mark"]Alter audit.config (in the scripts dir) to suit your needs.
In the scripts directory, copy audit.vbs and audit.config to the XP machine.
On the XP machine, open a dos prompt, navigate to the dir where audit.vbs and audit.config are.
Type "cscript audit.vbs ." without quotes.
It should run the audit, and send it to the server.
Done.

[quote="ccpyle"][quote="A_Hull"]Alternatively, if you are feeling up to using beta software, if you download the latest SVN version (see the FAQs for how to do this), then from the XP box, navigate to Admin > Audit My Machine.

Run the a web configured script which will be sent to your browser, and the machine should be audited.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]

[quote]
Ok, but I have that to make this in each machine? He is possible set appointments the execution?

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]

[quote="A_Hull"]
Are you sure you have the very latest SVN version, one of the versions I posted recently did indeed throw back a blank vbs file to IE.
(It worked fine in Firefox). We are currently on SVN 988, and I have just tried this with IE and firefox and it works as expected.

_________________
[size=85]OA Server: W2k3/IIS/PHP5/MySQL
Currently auditing 558 servers, 138 Workstations
LDAP=AD, Audit interval ~ once/month[/size]

Tried it today and got an empty file again. Updated to latest SVN. Actually noticed the IP it returned was not correct and realized it was picking up our proxy address. Turned off proxy usage, got the correct IP in the filename, but still have an empty file.
Does the audit.config file require something in it? Trying to think of where mine might be incorrect. I've changed the audit.config file, but nothing else that I can see as related to this functionality.

_________________
[size=85]OA Server: W2k3/IIS/PHP5/MySQL
Currently auditing 558 servers, 138 Workstations
LDAP=AD, Audit interval ~ once/month[/size]

OK. I will have to think about this, when you click on the link Admin >Adit My Machine the script throws back a blank audit.vbs. I assume this is Zero bytes long?

What it should throw back is an audit.vbs with the server URL hard coded in to the first line, so try this...

Copy audit.vbs to the workstation, edit it, and change the first line to point to the correct URL for your server.

Try running the script from the workstation again.

I suspect the blank audit.vbs script may be related to proxy or anti-virus issues.

If this all fails to work, we can copy audit.vbs and audit.config to the workstation, and modify the line strComputer = "" to strComputer = "." and the server URL references to point to your server and try that.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]

Tried on a workstation with No Antivirus or proxy use. Results -
0 byte empty audit.vbs.
When I copy over audit.vbs and replace the host name at the top, I get a "Error: Expected Statement" Line 108,1. It does, however create a audit.config, here are the contents:

[code]<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>The page cannot be found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>

<h1>The page cannot be found</h1>
The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.
<hr>
<p>Please try the following:</p>
<ul>
<li>Make sure that the Web site address displayed in the address bar of your browser is spelled and formatted correctly.</li>
<li>If you reached this page by clicking a link, contact
the Web site administrator to alert them that the link is incorrectly formatted.
</li>
<li>Click the <a href="javascript:history.back(1)">Back</a> button to try another link.</li>
</ul>
<h2>HTTP Error 404 - File or directory not found.<br>Internet Information Services (IIS)</h2>
<hr>
<p>Technical Information (for support personnel)</p>
<ul>
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a> and perform a title search for the words <b>HTTP</b> and <b>404</b>.</li>
<li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),
and search for topics titled <b>Web Site Setup</b>, <b>Common Administrative Tasks</b>, and <b>About Custom Error Messages</b>.</li>
</ul>

</TD></TR></TABLE></BODY></HTML>[/code]

Line 108 in my audit.vbs reads:

[code]ExecuteGlobal CreateObject("Scripting.FileSystemObject").OpenTextFile(this_config).ReadAll[/code]

_________________
[size=85]OA Server: W2k3/IIS/PHP5/MySQL
Currently auditing 558 servers, 138 Workstations
LDAP=AD, Audit interval ~ once/month[/size]

Find the FIRST line like this ...

this_config_url = "http://{whatever}/openaudit/list_export_config.php"

near the start of audit.vbs on your workstation..

The whole section reads...

[code]
'''''''''''''''''''''''''''''''''''
' Open Audit '
' Software and Hardware Inventory '
' Outputs into MySQL '
' (c) Open-Audit.org 2003-2007 '
' Licensed under the GPL '
'''''''''''''''''''''''''''''''''''
'
this_config_url = "http://localhost/openaudit/list_export_config.php"
if (left(this_config_url,1) = "%") then
this_config_url = "http://openaudit/openaudit/list_export_config.php"
end if
'
...
[/code]

Change {whatever} to the ip address or name of your web server.

In the above example I am auditing my laptop to itself, so the (whatever) is the name localhost (but could also be 127.0.01 the loopback IP address or the real IP address of my laptop), but if I was auditing to my live server it would be liveserver.mydomain.local or the ip address of that server.

Make the change and save audit.vbs

To check the link is correct, from the workstation, browse to the above link and you should see something like this....

[code]
audit_location = "r" server_install_path = "/openaudit" verbose = "n" audit_host="http://localhost" online = "yesxml" strComputer = "." ie_visible = "n" ie_auto_submit = "y" ie_submit_verbose = "n" ie_form_page = "http://localhost/openaudit/admin_pc_add_1.php" non_ie_page = "http://localhost/openaudit/admin_pc_add_2.php" input_file = "" send_email = FALSE email_to = "openaudit@mydonain.com" email_from = "openaudit@mydonain.com" email_sender = "Open Audit" email_server = "mail.mydomain.com" email_port = "25" email_auth = "1" email_user_id = "openaudit@mydonain.com" email_user_pwd = "MailPassword" email_use_ssl = "false" email_timeout = "60" audit_local_domain = "n" domain_type = "ldap" local_domain = "LDAP://mydomain.local" hfnet = "n" Count = 0 number_of_audits = 10 script_name = "audit.vbs" monitor_detect = "y" printer_detect = "y" software_audit = "y" uuid_type = "uuid" nmap_subnet = "192.168.0." nmap_subnet_formatted = "192.168.000." nmap_ie_form_page = "http://localhost/openaudit/admin_nmap_input.php" nmap_ie_visible = "n" nmap_ie_auto_close = "y" nmap_ip_start = 1 nmap_ip_end = 254 keep_this_config = "n" keep_audit_log = "n" requesting_host = "localhost" requesting_addr = "127.0.0.1"
[/code]

(Some of the details should automatically reflect the name and requesting host, and audit server)

This is the web config the script is expecting to download.

If you see the stuff you had before, then the URL is wrong.. so check it again.

I cant think why you are getting a blank audit.vbs ..... Ah Yes I can... your web server doesn't have permission to write to the openaudit folder! Thus it can't write the template it needs to create the audit.vbs to send back to the web browser. (I told you this was beta, my fault entirely.. I will have to rewrite this to only use a buffered version of audit.vbs in memory .... Obvious when I think about it!!!)

Meantime, are you using IIS or Apache?

As a work around, you could give the web server write permissions on the folder, if using Apache on linux, chmod the openaudit folder 777 just to confirm.
If using IIS, set the permissions using IIS Admin. Apache on windows, ensure the directory is writable by the user running the apache service.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]

Write permissions solved the problem. No more empty audit.vbs. The saved audit.vbs contains
[code]this_config_url = "http://openaudit\/list_export_config.php"[/code]
at the top. I have all files in root of host "openaudit"

By the way you reply to these questions, one would think you wrote this software or something...

The previous problem was my error. I did not put the full path, but rather replaced %host_url% with the hostname or IP address, not adding the rest of the path.

I definitely think a "read from memory" in this case would be a lot more secure than leaving the root folder with write permissions to the http account. I am using IIS and gave IUSR_ write permissions

_________________
[size=85]OA Server: W2k3/IIS/PHP5/MySQL
Currently auditing 558 servers, 138 Workstations
LDAP=AD, Audit interval ~ once/month[/size]

Strange one this, the server must have write access to include_config.php in the root folder, or the setup would fail. I will need to have a think about this.... probably re-write with buffered version rather than writing to the root folder. Glad it worked though, you would almost think I knew what I was talking about..

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]

Try it now (SVN 989) the issue with the blank audit.vbs should now be addressed. As were a couple of other niggles.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]