Como auditar un dominio Active Directory desde Open-AudIT Community

Publicado el 29 agosto 2016 por Oscar Oscar Meza @vidagnu

A continuación muestro como hacer una auditoria de los equipos en un dominio Windows, asumiendo que instalaste Open-AudIT en un servidor Linux.
Traslada los archivos "audit_windows.vbs" y "audit_domain.vbs" que se encuentran en la carpeta /usr/local/open-audit/other a tu servidor de dominio, abre el archivo "audit_windows.vbs" y encuentra las siguientes lineas.

' the address of the Open-AudIT server "submit" page
url = "http://localhost/open-audit/index.php/system"

' the username (if not using the user running the script)
struser = ""

' the password (if not using the user running the script)
strpass = ""

Sustituyelo por lo siguiente.

' the address of the Open-AudIT server "submit" page
url = "http://ip-de-tu-servidor-open-audit/open-audit/index.php/system"

' the username (if not using the user running the script)
struser = "nombre-de-tu-dominio\administrador"

' the password (if not using the user running the script)
strpass = "clave-de-administrador-de-dominio"

Guárdalo, ahora abre el archivo "audit-domain.vbs" y encuentra las siguientes lineas.

' the below are needed for remote audits as PSexec takes them as command line arguements
' I don't think (could be wrong) that PSexec can use the local logged on users credentials
' If it can, someone please provide me with a "how to"
' NOTE - if using the "local" option, the below are not needed
remote_user = ""
remote_password = ""

' the name and path of the audit script to use
script_name = "c:\una-direccion\audit_windows.vbs"

' set the below to your active directory domain
' you can add multiple domains in the array below.
'domain_array = array("LDAP://your.domain.here", "LDAP://domain.number.2", "LDAP://another.domain.org")
domain_array = array("LDAP://")

Y sustitúyelas por las siguientes.

' the below are needed for remote audits as PSexec takes them as command line arguements
' I don't think (could be wrong) that PSexec can use the local logged on users credentials
' If it can, someone please provide me with a "how to"
' NOTE - if using the "local" option, the below are not needed
remote_user = "administrador"
remote_password = "clave-del-administrador-de-dominio"

' the name and path of the audit script to use
script_name = "c:\audit_windows.vbs"

' set the below to your active directory domain
' you can add multiple domains in the array below.
'domain_array = array("LDAP://your.domain.here", "LDAP://domain.number.2", "LDAP://another.domain.org")
domain_array = array("LDAP://nombre-de-tu-dominio")

Ahora para iniciar la auditoria de equipos haz doble clic sobre el script "audit-domain.vbs" y listo.

Acerca del Autor

Mas informacion sobre el autor de este Blog