Open-AudIT

Hi folks,

i opened up a new thread with a modification of audit.vbs solving the following problems:
its based on the current build 1242

* collect 32 bit OS keys including win7 and S2008R2
* collect Software keys including knowledge of Office 2010 and apps
* collecting 32 bit software inventory
* collecting 64 bit software inventory


--> This audit.vbs does the job fine running
on a 32 bit windows platform
AND
on a 64 bit platform

Please - anyone of the deveopers - add it to the svn.

Works for me. Not too many developers with time for OpenAudit anymore. Maybe ef (Eduardo)?

I'll take a look and integrate it into OAv2...

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.

Sorry if that last post came off a bit wrong. I'd like to reiterate that even though OpenAudit (anyversion) is probably a huge time and money sink for you and the other developers I still use it all the time and appreciate all your efforts.

JPA

Hi,
although I can't test auditing to/from 64 bit systems, did you manage the case of auditing W2k8 (not R2) servers ? Does the script retrieve regular W2k8 PKs?

_________________
Edoardo

[quote="jpa"]Sorry if that last post came off a bit wrong. I'd like to reiterate that even though OpenAudit (anyversion) is probably a huge time and money sink for you and the other developers I still use it all the time and appreciate all your efforts.

JPA

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]

[quote="ef"]Hi,
although I can't test auditing to/from 64 bit systems, did you manage the case of auditing W2k8 (not R2) servers ? Does the script retrieve regular W2k8 PKs?

Hi, I mean if replacing lines 3371-3383 in the audit.vbs proposed version with these[code]''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' MS CD Keys for Windows XP, 2000, 2003, Vista, Win7 and 2008 '
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
IsOSXP = InStr(OSName, "Windows XP")
IsOS2K = InStr(OSName, "Windows 2000")
IsOS2K3 = InStr(OSName, "Server 2003")
IsOSVista = InStr(OSName, "Windows Vista")
IsOS2K8 = InStr(OSName, "2008")
IsOS7 = InStr(OSName, "Windows 7")
IsOSMicrosoft = CInt(IsOSXP + IsOS2K + IsOS2K3 + IsOSVista + IsOS2K8 + IsOS7)

if (IsOSMicrosoft > 0) then
path = "SOFTWARE\Microsoft\Windows NT\CurrentVersion"

[/code] are W2k8 (both R2 or not) PKs retrieved? The proposed version seems to me retrieving only 2008 R2 PKs.

To correctly handle all system.system_os_name formats we could update the function determine_os() in include_functions.php (but we need all possible 2008/2008 R2/7 system.system_os_name strings, including various ®, © and so on.

_________________
Edoardo

It seems to me the code is trying to find "modern" Windows. Everything going forward will probably use the same key location and format. Maybe it would make more sense to filter out non-modern (95,98,NT) Windows for the OS keys. Maybe that would be for OpenAudit v2.

Thank you, added your mods to SVN rev. 1243.
The 32/64 bit software stuff seems to slow down auditing a bit, though.

_________________
Edoardo

[quote="jpa"]I looked at this and it does not handle all the os_names in my network.

Non-exhaustive list that I pulled from system.system_os_name:
[code]
Handled - Microsoft Windows Server 2008 R2 Enterprise
Handled - Microsoft Windows Server 2008 R2 Standard
Handled - Microsoft Windows XP Professional
Not Handled - Microsoft&#174 Windows Server&#174 2008 Standard
Handled - Microsoft(R) Windows(R) Server 2003, Standard Edition
Handled - Microsoft(R) Windows(R) Server 2003, Standard Edition R2
[/code]

Server 2008 non-R2 has beautiful registered marks mucking up the name. But the code doesn't handle it even it they weren't there.

_________________
Edoardo

SVN update 1243: audit.vbs. It crashs saying:
Line: 3387
Char: 1
Error: Expected statement
Code: 800A0400
Source: Microsoft VBScript compilation error.

software inventory is running fine now thank you for checking it in to SVN eduardo

Just collection of office 2010 keys is under investigation (may be 64 bit office as well).
it works
running audit.vbs running on a 32 bit platform --> collecting all keys incl. win7 from 32 and 64 bit destinations (collects 32 and 64 bit office)

running it on an x64 platform it doesnt get the 64 bit keys tho. still havent found a working solution - i think the function call must be changed like i did with the software inventory (openeing WMI connection setting parameter for architecture 32 and 64 before and then setting the request.

I will give it a try as soon as i have time for it then...
If any1 wanna try - u may take the function calls from software 32 bit and 64 bit sections in script and try on office 2010 (x64 app) from a platform like win7 x64 of s2008R2