Open-AudIT
https://www.open-audit.org/phpBB3/

How to add windos systems in groups in OAv2 Beta4?
https://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=5843
Page 1 of 1

Author:  deepakdeshp [ Sun Feb 19, 2012 1:10 am ]
Post subject:  How to add windos systems in groups in OAv2 Beta4?

I have created a group and the audited systms should show up in that group.

The process I am following:-

1.Copy the audit_windows.vbs file on the desktop to be audited.
2.Run the .vbs file from the desktop with create local file option enabled. This will create an xml file on the desktop.
3.Use the add system option in OA, paste the xml generated in step 2 and save.
Run the audit_windows.vbs file on the desktop. Now the audits show in the newly created group.


I want to know if the above process is correct or is there a more efficient method.

I have posted this in a separrate topic and woud be tankful to get an answer to my quesry. It is about initiating audit from the Linux server

The link to the query:- viewtopic.php?f=20&t=5841

Author:  snue [ Mon Feb 20, 2012 5:10 pm ]
Post subject:  Re: How to add windos systems in groups in OAv2 Beta4?

If the clients have network access to the OAv2 server you can let them send the report automatically to the server, as far as i remeber it, you only have to set the "url" parameter for your environment.

you have to be more specific about the "group" issue, afaik groups select the systems they contain depending on the settings you made for the group. e.g. "all system with 4gb ram", "all system in subnet 192.168.0.0" or "all systems of organisation "test"

Author:  deepakdeshp [ Tue Feb 21, 2012 5:28 am ]
Post subject:  Re: How to add windos systems in groups in OAv2 Beta4?

snue wrote:
If the clients have network access to the OAv2 server you can let them send the report automatically to the server, as far as i remeber it, you only have to set the "url" parameter for your environment.


1.I did set up the url parameter in audit_windows.vbs file to my environment, which has the OAV2 server name in this parameter.
2.I copied the audit_windows.vbs file manually on the desktop whose audit I want to do.
3. From the desktop I double clicked the .vbs file to execute and send the audit to the Linux server.

The above 3 steps are for one desktop and I repeat the above tasks for every single desktop which are not part of any domain but have an ip and can reach the OAV2 server over the net.

snue wrote:
you have to be more specific about the "group" issue, afaik groups select the systems they contain depending on the settings you made for the group. e.g. "all system with 4gb ram", "all system in subnet 192.168.0.0" or "all systems of organisation "test"


By groups I mean:-

The first type of group is :- All system in subnet 192.168.0.0.

The 2nd type of group is :- All systems in organisation x will be showing in group x, and all systems of organization y will show in group y. Organistation x and y will have different logins x and y. So when x logs in, the audits of organisation x desktops has to be done and should show under group x . Similarly for group y. How to do it?

How do i manage the network group? tht is, the corresponding systems will show in that group. e.g. the first group will have only the systems in subnet 192.168.0.0.

Author:  Mark [ Tue Feb 21, 2012 10:05 am ]
Post subject:  Re: How to add windos systems in groups in OAv2 Beta4?

Quote:
1.I did set up the url parameter in audit_windows.vbs file to my environment, which has the OAV2 server name in this parameter.
2.I copied the audit_windows.vbs file manually on the desktop whose audit I want to do.
3. From the desktop I double clicked the .vbs file to execute and send the audit to the Linux server.

The above 3 steps are for one desktop and I repeat the above tasks for every single desktop which are not part of any domain but have an ip and can reach the OAV2 server over the net.


Good - so these do appear in OAv2, yes?

Quote:
The first type of group is :- All system in subnet 192.168.0.0.


This group (being a network group) should have been automatically created. Has it been? Are all systems appearing in it that should?


Quote:
All systems in organisation x will be showing in group x, and all systems of organization y will show in group y. Organistation x and y will have different logins x and y. So when x logs in, the audits of organisation x desktops has to be done and should show under group x . Similarly for group y. How to do it?


So you need to find an attribute on the systems that you can use to determine which organisation they belong to. If it's an automatically derived (by the script) attribute, great. Let me know the attribute and the values and I can create you a group.

If it's NOT automatically derived, then you will need to set the Owner or Organisation Name manually (via the web interface). Then you can create a group based on that. I have had to do this for our ~7,000 systems here at work. It's not as bad as you would think. You can create groups based around AD OU, IP Subnet or whatever and bulk edit those systems (set the Owner).

I will attach an example Group definition that uses the Organisation ID. You can edit this and put it in the OAv2/code_igniter/system/application/controllers/groups directory or use the Admin -> Groups -> Import Group menu function.

Attachments:
File comment: Example "Org Workstations" Group
OrgWorkstations.xml [2.66 KiB]
Downloaded 148 times

Author:  Mark [ Tue Feb 21, 2012 10:09 am ]
Post subject:  Re: How to add windos systems in groups in OAv2 Beta4?

And here's a Report I use to display a lot of attributes I use for sorting, etc.

Attachments:
File comment: System Details sample report definition
SystemDetails.xml [4.97 KiB]
Downloaded 145 times

Author:  deepakdeshp [ Thu Mar 01, 2012 4:25 am ]
Post subject:  Re: How to add windos systems in groups in OAv2 Beta4?

Mark,

Thank you for the inputs and attachments. They have been invaluable.

Quote:
Good - so these do appear in OAv2, yes?


Yes all the systems appear in OAv2 .

Quote:
This group (being a network group) should have been automatically created. Has it been? Are all systems appearing in it that should?


Yes the network groups were automatically created all systems are appearing in the appropriate network groups.

I am facing problems for the server side audit initiating for Windows 7 desktops which arent part of any domain. I know that WMI has to be used for this but I havent been able to get information on how to do it. With this method the audit files gets copied from the OA server on to the desktop, and is executed on the desktop.

So right now I am limited only to client side initiated server audits. That is, I know how to start audit by copying the audit_windows.vbs file on the Windows desktop and schdule it using Windows scheduler. I have spent a lot of days figuring out how to set up the server initiated audit using WMI but not successful til now. Any clues will be most welcome.

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/