Open-AudIT
https://www.open-audit.org/phpBB3/

Audit LDAP Directory Error
https://www.open-audit.org/phpBB3/viewtopic.php?f=10&t=5961
Page 1 of 2

Author:  Fadlishah [ Thu Oct 25, 2012 11:34 am ]
Post subject:  Audit LDAP Directory Error

Hi,

When I run the Audit LDAP Directory, it shows error as below:-

Fatal error: Call-time pass-by-reference has been removed in C:\xampp\htdocs\open-audit\ldap_audit_script.php on line 306

What would be causing it? :D

Thank you.

Author:  jpa [ Thu Oct 25, 2012 2:08 pm ]
Post subject:  Re: Audit LDAP Directory Error

OAv1 is old and has code which uses features that have been removed in PHP 5.4 Use PHP 5.3.X or earlier or fix the code. I'll take a look and see how much work the fix entails.

Author:  jpa [ Sat Oct 27, 2012 4:40 am ]
Post subject:  Re: Audit LDAP Directory Error

[url=http://www.php.net/manual/en/language.references.pass.php]Should be pretty simple[/url]. You need to remove the ampersand (&) from the function arguments in calls to PagedLdapSearch and ldap_Search in the ldap_audit_script.php file.

So go from:
[code]PagedLdapSearch(&$ldap_link,&$base_dn,$filter,&$attributes,$usn_low,$usn_high,$results);[/code]
To:
[code]PagedLdapSearch($ldap_link,$base_dn,$filter,$attributes,$usn_low,$usn_high,$results);[/code]
But only in the function calls and not the function definition. So the line around line 313.

And from:
[code]$search_results=ldap_search($ldap_link,$base_dn,$full_ldap_filter,&$attributes,null,1000);[/code]
To:
[code]$search_results=ldap_search($ldap_link,$base_dn,$full_ldap_filter,$attributes,null,1000);[/code]
You'll need to test and see it that works.
EDIT: Added ldap_search changes.

Author:  Fadlishah [ Wed Oct 31, 2012 12:37 pm ]
Post subject:  Re: Audit LDAP Directory Error

Thank you guys, it solve the problem :D . When I run the Admin > Audit LDAP Directory, it doesn't show any error but it shows below message:-

Auditing LDAP Path: DC=******,DC=***,DC=**
Auditing user accounts in: DC=******,DC=***,DC=**
Updating Users table ...
Auditing computer accounts in:DC=******,DC=***,DC=**
Updating Computers table ...

Is it mean that the script is running? :?: :?:

Regards.

Author:  jpa [ Thu Nov 01, 2012 1:26 am ]
Post subject:  Re: Audit LDAP Directory Error

Yes. Reporting available under the Queries menu. "All LDAP Systems" and "All LDAP Users"

Author:  Fadlishah [ Thu Nov 01, 2012 1:17 pm ]
Post subject:  Re: Audit LDAP Directory Error

Hi Guys.....

Checking the Queries > All LDAP Systems & All LDAP users... no result...

Anywhere that still need to do further tuning...?

Anyway... the Auditing process works great... It captured all info in my domain... Many..many thanks to all the guys that develope this software... May God Bless You....:D :D

:?: another question on the MS Office Keys. Why it doesn't captured the Office 2010 key?

Regards...

Author:  jpa [ Fri Nov 02, 2012 1:57 am ]
Post subject:  Re: Audit LDAP Directory Error

[quote="Fadlishah"]Why it doesn't captured the Office 2010 key?OA version 1 is ancient and the public version even more so. If you want to stick with OA v1 make sure to get the [url=http://open-audit.svn.sourceforge.net/viewvc/open-audit/trunk/?view=tar]latest from SVN[/url]. I think that version audits Office 2010 keys.

Even the SVN version is missing some things to deal with newer MySQL versions. That's the problem you're now having with getting the ldap audit data into the database. You need to add the following code to the ldap_audit_script.php file just before the "AuditLdapPaths();" line around line 68. I had forgotten about this change in my own version.

[code]
# <HACK>
# The following turns off strict checking so incorrect
# datatypes can be inserted into fields!
$sql = "SET @@session.sql_mode=''";
$result = mysql_query($sql);
# </HACK>
[/code]

Author:  Fadlishah [ Mon Nov 05, 2012 4:52 pm ]
Post subject:  Re: Audit LDAP Directory Error

Hi, Good day!!!

I have done by adding the following code to the ldap_audit_script.php file just before the "AuditLdapPaths();" line around line 68. When I run the [color=#BF0000]Admin > Audit LDAP Directory[/color] again and check back the [color=#BF0000]Queries > All LDAP Users or All LDAP Systems[/color], it still shows nothing.

Anyway I already updated the OA v1 with the latest svn and it can captured the Office 2010 key. Unfortunately, the key that captured is not the same as stated on the Installation Case of the Office 2010.

Cheers!!

Fadli

Author:  jpa [ Tue Nov 06, 2012 2:08 am ]
Post subject:  Re: Audit LDAP Directory Error

Sorry once again. I have forgotton all the things I've done to my audit.vbs over the years. Here is my current audit script. You can diff against your current one to see what I've changed. It does correctly decode Office 2010 keys.

[attachment=0] audit.txt [233.11 KiB]
Downloaded 698 times

Author:  Fadlishah [ Wed Nov 07, 2012 2:23 pm ]
Post subject:  Re: Audit LDAP Directory Error

Thank you JP, it works. Double check with the original serial key. Its the same, thanks a million. The only thing is that, it doesn't indicate the Mirosoft Office 2010 name under the Software list. It just empty. Anything to add to the script?

Author:  jpa [ Thu Nov 08, 2012 2:48 am ]
Post subject:  Re: Audit LDAP Directory Error

Not sure I understand the problem. What report are you running that's missing the Office 2010 name? Is it just Office or all software? Or is the name missing from the Office Keys report?

Author:  jpa [ Thu Nov 08, 2012 3:17 am ]
Post subject:  Re: Audit LDAP Directory Error

You could run the following on a host with Office 2010 to see if your Office isn't in the list of Office versions OA knows about.

Put the following in a file named officereg.vbs, run "cscript officereg.vbs" and report back the output:
[code]
strComputer = "."

Const HKEY_LOCAL_MACHINE = &H80000002
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "SOFTWARE\Microsoft\Office\14.0\Registration"
oReg.EnumKey HKEY_LOCAL_MACHINE, strKeyPath, arrSubKeys
For Each subkey In arrSubKeys
path = strKeyPath & "\" & subkey
strOffXPRU = "HKLM\" & path & "\DigitalProductId"
subKey2 = "DigitalProductId"
oReg.GetBinaryValue HKEY_LOCAL_MACHINE,path,subKey2,key
if IsNull(key) then
else
wscript.echo "Office14: " & subkey

strOffXPRU = "HKLM\" & path & "\ConvertToEdition"
subKey2 = "ConvertToEdition"
oReg.GetStringValue HKEY_LOCAL_MACHINE,path,subKey2,key
wscript.echo "ConvertToEdition: " & key

end if
Next[/code]

Author:  Fadlishah [ Thu Nov 08, 2012 4:09 pm ]
Post subject:  Re: Audit LDAP Directory Error

Hi JP,

Thank you 4 your respond, fyi, I run the script provided on my machine and below is the result:

C:\xampp\htdocs\openaudit\scripts>cscript officereg.vbs
Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.

Office14: {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFF1CE}
ConvertToEdition: Microsoft Office Professional 2010

Its stated the Office 2010 name. How to add the script into the audit.vbs in order to get the Office 2010 name stated under the Software
column when you open Queries > All Ms Office Keys which currently empty.

Thank you.... :D :D :D

Author:  jpa [ Fri Nov 09, 2012 2:45 am ]
Post subject:  Re: Audit LDAP Directory Error

That "FFFFF" stuff is unexpected. Could you open Regedit and export the "HKLM\SOFTWARE\Microsoft\Office\14.0\Registration" branch to a file and PM it to me. You can remove the DigitalProductID key if you don't want me to see your CD key. If you remove the DigitalProductID you can probably just post the reg file here. But don't do that unless you remove the DigitalProductID from the output.

Author:  jpa [ Wed Nov 21, 2012 2:49 am ]
Post subject:  Re: Audit LDAP Directory Error

Edit your audit.vbs file.
Find the following line (line 4711 in my file)
[code]if vers = "003B" then vers_name = "Microsoft Office Project Professional 2010" end if[/code]
Insert the following on the next line after the line above
[code]if vers = "003D" then vers_name = "Microsoft Office Professional 2010" end if[/code]
You should now have something like
[code]if vers = "003B" then vers_name = "Microsoft Office Project Professional 2010" end if
if vers = "003D" then vers_name = "Microsoft Office Professional 2010" end if
if vers = "0044" then vers_name = "Microsoft Office InfoPath 2010" end if[/code]

Page 1 of 2 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/