Open-AudIT
https://www.open-audit.org/phpBB3/

Problem with permissions files
https://www.open-audit.org/phpBB3/viewtopic.php?f=5&t=2724
Page 1 of 1

Author:  Arnold [ Thu Apr 10, 2008 10:57 pm ]
Post subject:  Problem with permissions files

hello!
I have a domain, run a GPO to launch audit of the closing meeting of all users of the domain. I realized that the only runs when the user politics is local administrator of the workstation, or a domain administrator. Investigating I saw that each workstation on the road: "c: \ windows" are created 3 files "audit.config", "failed_audits.txt" and "setupapi.log." As users are only "domain users" have no permits "write" in the "c: \ windows" of the local machine, so the team was not audited. What if I fix to users of dominoes as local administrators. But I do not think a good solution, I would like to know how I can fix this so that simply being "authenticated users domain" no domain or local administrators. Have you ever had this problem. What is the best solution?.

Thank you for everything :P

Author:  A_Hull [ Fri Apr 11, 2008 2:28 am ]
Post subject:  Re: Problem with permissions files

First, update to the latest SVN version. Next ensure that the audit.vbs script you are running is the version from the SVN.
Run the script from a location where the users CAN change the log file (call the script from a batch file, but call it on a share where the script can write its logs when run as the user logging in and you should have no trouble).

Finally if you are still struggling, you can modify the script .

Change this section, particularly, fix the path rather then using the variables. The downside of this method is that you must re-modify the script every time a new version is released.

[code]
' Find out the name of this script, usually audit.vbs but it depends where we were called form.
full_script_name = WScript.ScriptFullName
' Strip off the .vbs and the path, so we can create files with the same suffix.
' No point in creating or overwriting audit.config if we aren't called audit.vbs
script_prefix = Left(full_script_name,(InStrRev(full_script_name,".vbs")-1))
script_prefix = Right(script_prefix,(len(script_prefix) - (InStrRev(WScript.ScriptFullName,"\"))))
' We also need the Path
sScriptPath=Left(WScript.ScriptFullName, InStrRev(WScript.ScriptFullName,"\"))

this_config = sScriptPath & script_prefix & ".config"

'this_config = "audit.config"
this_audit_log = sScriptPath & script_prefix & "_log.csv"
' keep_audit_log = "y"
'
' This takes no account of the command line switches added to a forked version, but in principal
' The logic should be...
' look for audit.config and use that, if it doesn't exist, grab it from
' the web server, if we cant do that, then use the internal defaults.
' Finally modify the defaults depending on any command line switches
'
'
' First check to see if we have no config file, if so lets see if we can grab one from the server
'
[/code]

What you change it to depends on where you want the log files and config to live.

BTW Was your post translated by Google by any chance? :P

Author:  Arnold [ Fri Apr 11, 2008 10:03 pm ]
Post subject:  Re: Problem with permissions files

Hi Andrew!

Yes, I transladted last reply with google, and was unsuccesfull LOL :D

Is possible to send this files: "audit.config", "failed_audits.txt" and "setupapi.log." to another path?
This files now are created on this path: "C:\Windows" (in each local machine). Problem with permission is that some users don´t have permission to create and modify files on path C:\Windows.

Thanks for reply!!

Regards!!

Author:  A_Hull [ Fri Apr 11, 2008 10:32 pm ]
Post subject:  Re: Problem with permissions files

Well, the files should be created in the same folder as the script runs. The trouble is if you run the script from a folder where you have no permissions, you will not be able to create the log or modify the config.

As stated previously, you could simply run the script from a share where the users do have permissions.

For example create a share on server Myserver called Audit$ and give every read write permissions on this folder.
copy your audit.vbs and audit.config there.

In your login script add a line
[code]
cscript \\MYSERVER\AUDIT$\audit.vbs
[/code]

Now the audit.vbs will run from the myserver share, and since the script path is \\myserver\audit$\ then this is where the script should create its logs.
If you are a little paranoid about the script being deleted or modified by your users, set it read only, set the permissions to admin r/w and you should be fine.

Author:  Arnold [ Mon Apr 14, 2008 5:01 pm ]
Post subject:  Re: Problem with permissions files

Hi Andrew,
Thanks for reply!

Our structure is that you said. We have a folder in our server with R/W permissions, but in computers generate this scripts: "audit.config", "failed_audits.txt" and "setupapi.log" on this folder C:\Windows.
When computer run script, I suppose that it ran in windows folder.
Is possible to specify another folder to create this.

We try to change write permissions on C:\Windows (on each PC), and all computers audit perfectly.

What will I do?

Thanks for all!!

Rergards!

Author:  A_Hull [ Mon Apr 14, 2008 6:37 pm ]
Post subject:  Re: Problem with permissions files

:? The script should create these files in the folder where the script is run from. Therefore if you run the audit.vbs script from for example.. J:\scripts then the files should be created in J:\scripts...

Does the batch file you are running call the script from \\server\share or from a mapped drive?

Author:  Arnold [ Mon Apr 14, 2008 6:54 pm ]
Post subject:  Re: Problem with permissions files

[quote="A_Hull"]:? The script should create these files in the folder where the script is run from. Therefore if you run the audit.vbs script from for example.. J:\scripts then the files should be created in J:\scripts...

Does the batch file you are running call the script from \\server\share or from a mapped drive?

Hi Andrew!!
Thanks for reply!

The batch file call the script from 'cscript \\server\share\audit.vbs'!!

Yes, I know that scripts will generate on run directory, but in workgroup scripts generate this files on each PC windows folder. I don´t know if we can create this files in other directory, because users don´t have permissions for modify Windows folder!

Regards!!

Author:  A_Hull [ Mon Apr 14, 2008 7:44 pm ]
Post subject:  Re: Problem with permissions files

As a workround, create an audit.config in the same folder as the audit.vbs, and ensure that use_audit_log = "n" is set in the audit.config this will ensure that no files are created anywhere.

Author:  Arnold [ Tue Apr 15, 2008 12:29 am ]
Post subject:  Re: Problem with permissions files

[quote="A_Hull"]As a workround, create an audit.config in the same folder as the audit.vbs, and ensure that use_audit_log = "n" is set in the audit.config this will ensure that no files are created anywhere.

Thanks for reply Andrew!

We created a config file with use_audit_log = "n", but didn´t works well. Didn´t audit and also have the same problem, permissions on windows folder.
I´m turning crazy with this problem, what is happening?
Andrew, no more people have this problem? Am I the only one that have it???

Thanks for all, and regards!!

Author:  A_Hull [ Tue Apr 15, 2008 5:58 pm ]
Post subject:  Re: Problem with permissions files

What version are you using. Try calling the script from a mapped drive, it could be the case that because the script is being run from a UNC it doesn't work correctly.

To summarise... Place the script, the config file and the batch file running the script in the share, Map a drive letter (for example J:) to the share (you could use a second batch file to do this) run the script with something like...
[code]
@echo off
j:
CSCRIPT J:\audit.vbs
pause
[/code]
What SHOULD happen is that the script will run, use the config file it finds in the current folder (in this case J:audit.config) and complete the audit, creating its log file also on drive J: (assuming the use_audit_log = "n" is not set in the config)

Modify this config file to suit your server name.

[code]
audit_location = "r"
verbose = "y"
audit_host="http://myserver.mydomain.local"
online = "yesxml"
strComputer = "."
ie_visible = "n"
ie_auto_submit = "y"
ie_submit_verbose = "n"
ie_form_page = "http://myserver.mydomain.local/openaudit/admin_pc_add_1.php"
non_ie_page = "http://myserver.mydomain.local/openaudit/admin_pc_add_2.php"
input_file = ""
email_to = ""
email_from = ""
email_server = ""
audit_local_domain = "n"
local_domain = "LDAP://mydomain.local"
hfnet = "n"
Count = 0
number_of_audits = 10
script_name = "audit.vbs"
monitor_detect = "y"
printer_detect = "y"
software_audit = "y"
uuid_type = "uuid"
nmap_subnet = "192.168.0." ' The subnet you wish to scan
nmap_subnet_formatted = "192.168.000.000" ' The subnet padded with 0's
nmap_ie_form_page = audit_host & "/openaudit/admin_nmap_input.php"
nmap_ie_visible = "n"
nmap_ie_auto_close = "y"
nmap_ip_start = 1
nmap_ip_end = 254
use_audit_log = "n"
[/code]

Let me know the results. Good luck. :D

Author:  Arnold [ Thu Apr 17, 2008 12:28 am ]
Post subject:  Re: Problem with permissions files

Hi Andrew,

We tried to map drive letter where are scripts, but wasn´t succesfull.

The problem really is that this files can´t create on this folder "c:\windows".
I think that problems comes from another part. Mapping folder with scripts doesn´t change folder where the files are created.

Thanks for all!!

Regards!!!!!

Author:  A_Hull [ Thu Apr 17, 2008 1:11 am ]
Post subject:  Re: Problem with permissions files

Modify the line.
[code]
sScriptPath=Left(WScript.ScriptFullName, InStrRev(WScript.ScriptFullName,"\"))
[/code]
to
[code]
sScriptPath="J:\PATHNAME"
[/code]

Where J:\PATHNAME is the location you would like the script to create the files. Run the script and let me know the results.

Thanks

Author:  Arnold [ Tue Apr 22, 2008 6:26 pm ]
Post subject:  Re: Problem with permissions files

Thanks for reply Andrew!

The evidence that we have done thus far are satisfactory, as you say goes all in 2 days :D :D :D

Thanks for all, and regards!! :mrgreen:

Author:  Arnold [ Wed Apr 30, 2008 5:02 pm ]
Post subject:  Re: Problem with permissions files

Hi Andrew,
I feel the delay in reply, have not been 2 days, but it is better late than never ... jaja :mrgreen: . Now I have more tests to verify whether the operation is correct. The code works perfectly with the changes. thanks for support :mrgreen: :mrgreen:

Thanks for all, and regards!!
:mrgreen:

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/