Open-AudIT

What's on your network?
It is currently Thu Oct 18, 2018 9:08 pm

All times are UTC + 10 hours




Post new topic Reply to topic  [ 6 posts ] 
Author Message
PostPosted: Tue Mar 24, 2015 3:37 am 
Offline
Newbie

Joined: Fri Aug 08, 2014 3:48 am
Posts: 8
I have just updated from Open-AudIT 1.4.1 to 1.6.2. I'm not sure if the issues I'm having are because of the upgrade or just specific to this version in general.

I already upgraded the database after I logged in.

1) Attempting to update an existing user and add a password gives the following error (all other updates like email address etc work).
A PHP Error was encountered
Severity: Warning
Message: Creating default object from empty value
Filename: controllers/admin_user.php
Line Number: 102

2)In the ADMIN -> CONFIG menu attempting to update ad_server does not work. Other fields on this page such as ad_domain or default_windows_domain does work. There is no error message given, just the value never turns blue after editing. If you login to the SQL database directory and update the config_value field for ad_server in the oa_config table directly, the value properly shows on the configuration page, but still cannot be updated. If you attempt to update ad_domain, then all subsequent updates will fail until you leave the page and come back again (it's like the page cannot accept any udpates after that because it is still frozen waiting for ad_domain to upate).

3)The logo (ADMIN -> CONFIG) was set to logo-banner-logo-banner-oae after the upgrade. I had to change it manually to logo-banner-oae-oac.

4)Active Directory users and local users can both login, but if ad_server is set, when the local administrator logs in, the following error is given (login still works but error shows up)
A PHP Error was encountered
Severity: Warning
Message: ldap_bind(): Unable to bind to server: Invalid credentials
Filename: models/m_oa_user.php
Line Number: 435


Top
 Profile  
Reply with quote  
PostPosted: Tue Mar 24, 2015 1:55 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1961
Location: Brisbane, Australia
Hey Nathan,

Thanks very much for reporting the issues. #2 in particular is a frustrating one!

Quote:
1) Attempting to update an existing user and add a password gives the following error (all other updates like email address etc work).

I cannot replicate this.
You can try putting this code on line 101 (after the $erro = "0"; line)
Code:
$details = new stdClass();
I have included this in the next release.

nathanpeters wrote:
2)In the ADMIN -> CONFIG menu attempting to update ad_server does not work.

Now this one is really weird. I can see the bug, but I cannot see why it happening. I have included a work-around for the next release. You can mitigate this by replacing the following attached files.
/open-audit/code_igniter/application/controllers/ajax.php
/open-audit/code_igniter/application/views/theme-tango/v_edit_config.php

nathanpeters wrote:
3)The logo (ADMIN -> CONFIG) was set to logo-banner-logo-banner-oae after the upgrade.

Yep, known (and fixed for next release) issue mentioned here.
viewtopic.php?f=20&t=6418

nathanpeters wrote:
4)Active Directory users and local users can both login, but if ad_server is set

Known and fixed bug for next release. Can be fixed by replacing line 425 of /open-audit/code_igniter/application/models/m_oa_user.php with
Code:
$ad = @ldap_connect($ad_ldap_connect);
File also attached.


Attachments:
File comment: Rename m_oa_user.php
m_oa_user.php.txt [26.31 KiB]
Downloaded 104 times
File comment: Rename to ajax.php
ajax.php.txt [23.75 KiB]
Downloaded 104 times
File comment: Rename to v_edit_config.php
v_edit_config.php.txt [5.11 KiB]
Downloaded 107 times

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.
Top
 Profile  
Reply with quote  
PostPosted: Wed Mar 25, 2015 2:37 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1256
I can't replicate the Admin->Config ad_server setting problems in my production or test with multiple different browsers with the Windows 1.6.2 distribution. Just an FYI.


Top
 Profile  
Reply with quote  
PostPosted: Wed Mar 25, 2015 3:01 am 
Offline
Newbie

Joined: Fri Aug 08, 2014 3:48 am
Posts: 8
1) I figured out what the issue was. This is actually more to do with the Open-AudIT installer and CentOS.

When installing on CentOS is claims that it is enabling the epel repository. However, it doesn't seem to actually enable it. So when you get to the part where it tries to install php-mcrypt it fails. I assumed since everything else was working that php-mcrypt was not needed on CentOS, but everything except saving passwords works without it...

I'm not sure how the installer script is attempting to enable the repo but I found that 'yum install epel-release' worked for me. Then I was able to to 'yum install php-mcrypt' and saving a password started working.

One thing to note is that the error message I was getting is fixed by the code your provided, but that fix is actually completely unrelated to the password update, and the password update will succeed without showing you the error because you are forwarded off the page so fast you don't get time to see it. So yes, it should still be fixed, but the major problem was the php-mcrypt and the epel repo not working by default on CentOS.

4) That fix still doesn't suppress the error. Apparently code-igniter has it's own error handling and will still throw the error even with the @ suppressor in front of the ldap call.
Putting error_reporting(0); at the top of the script works, but that is more like a sledgehammer solution.


Top
 Profile  
Reply with quote  
PostPosted: Wed Mar 25, 2015 8:54 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1961
Location: Brisbane, Australia
Thanks for the follow-up Nathan.

Re #1 - I'll take a look at the installer.
Re #4 - looks like we might _have_ to use a sledgehammer. I'll grab the value for error_reporting, set it to 0, run the command, then restore it back to it's original value. Agreed this is not optimal :-(


Code for #4.

Code:
 
           $error_reporting = error_reporting();
            error_reporting(0);
            $ad = @ldap_connect($ad_ldap_connect);
            error_reporting($error_reporting);
            unset($error_reporting);

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Wed Mar 25, 2015 9:34 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1256
The PHP @ error control operator works on Windows (at least for me.) I thought that the @ operator basically does what your code does. It sets the error reporting level to 0 for the line. I don't see any call to set_error_handler in the 1.6.2 OA Windows source which would override the @ operator error display.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 8 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group