Revista Informática

Como auditar un dominio Active Directory desde Open-AudIT Community

Publicado el 09 marzo 2020 por Oscar Oscar Meza @vidagnu

A continuación muestro como hacer una auditoria de los equipos en un dominio Windows, asumiendo que instalaste Open-AudIT en un servidor Linux.

Traslada los archivos "audit_windows.vbs" y "audit_domain.vbs" que se encuentran en la carpeta /usr/local/open-audit/other a tu servidor de dominio, abre el archivo "audit_windows.vbs" y encuentra las siguientes lineas.

' the address of the Open-AudIT server "submit" page url = "http://localhost/open-audit/index.php/system" ' the username (if not using the user running the script) struser = "" ' the password (if not using the user running the script) strpass = ""

Sustituyelo por lo siguiente.

' the address of the Open-AudIT server "submit" page url = "http://ip-de-tu-servidor-open-audit/open-audit/index.php/system" ' the username (if not using the user running the script) struser = "nombre-de-tu-dominio\administrador" ' the password (if not using the user running the script) strpass = "clave-de-administrador-de-dominio"

Guárdalo, ahora abre el archivo "audit-domain.vbs" y encuentra las siguientes lineas.

' the below are needed for remote audits as PSexec takes them as command line arguements ' I don't think (could be wrong) that PSexec can use the local logged on users credentials ' If it can, someone please provide me with a "how to" ' NOTE - if using the "local" option, the below are not needed remote_user = "" remote_password = "" ' the name and path of the audit script to use script_name = "c:\una-direccion\audit_windows.vbs" ' set the below to your active directory domain ' you can add multiple domains in the array below. 'domain_array = array("LDAP://your.domain.here", "LDAP://domain.number.2", "LDAP://another.domain.org") domain_array = array("LDAP://")

Y sustitúyelas por las siguientes.

' the below are needed for remote audits as PSexec takes them as command line arguements ' I don't think (could be wrong) that PSexec can use the local logged on users credentials ' If it can, someone please provide me with a "how to" ' NOTE - if using the "local" option, the below are not needed remote_user = "administrador" remote_password = "clave-del-administrador-de-dominio" ' the name and path of the audit script to use script_name = "c:\audit_windows.vbs" ' set the below to your active directory domain ' you can add multiple domains in the array below. 'domain_array = array("LDAP://your.domain.here", "LDAP://domain.number.2", "LDAP://another.domain.org") domain_array = array("LDAP://nombre-de-tu-dominio")

Ahora para iniciar la auditoria de equipos haz doble clic sobre el script "audit-domain.vbs" y listo.


Volver a la Portada de Logo Paperblog