Open-AudIT https://www.open-audit.org/phpBB3/ |
|
new member (and active directory deploy) https://www.open-audit.org/phpBB3/viewtopic.php?f=5&t=5763 |
Page 1 of 1 |
Author: | sgiunchi [ Sat Sep 17, 2011 7:12 pm ] |
Post subject: | new member (and active directory deploy) |
Hi all, just registered, I'm using OAv1 with some of my customers' networks, for about 300 pc. I want to share some of my results. I started executing audit.vbs from a server, regularly; in doing this, there are two big problems: the server CPU goes 100% (I found the problem is the "deconstruct" function, when using the script in 4+ concurrent scans), and it usualli doesn't get all the clients. So, I transferred the scan on the client side: I copied audit.vbs and related config file to c: in every client, then created a scheduled task to start it at every pc start. Doing so, the audit.vbs is started only once on every pc, not hurting the pc speed. I use this audit.bat file, to check that the oa server is available and wait 5 minutes before starting the actual scan: [code] @echo off ping 127.0.0.1 -w 1000 -n 300 set /a "c=1" :retry echo c=%c% ping oa_server -w 1000 -n 3 if %errorlevel% neq 0 ( set /a "c+=1" if %c% GTR 100 ( goto endfile ) goto retry ) cscript.exe audit.vbs 127.0.0.1 > c:\oa\audit.log :endfile [/code] To automate this, using Windows 2008 new group policy options, I create a policy with: 1) file copy policy, copies the content o the \\server\oa folder in c:\oa on every client, to always have the last edit of the files 2) create an "openaudit" scheduled task on the client, which starts c:\oa\audit.bat at the pc start, and at 13:00 (when usually the pc is unused and turned on). Thanks to Mark for creating such an useful tool! Stefano |
Page 1 of 1 | All times are UTC + 10 hours |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |