Urgent (OpenAudit 1.2 - Linux)
Hi guys;
I need help to integrate OPEN-AUDIT 1.2 with AD. I know who exist some places where I can insert information about AD but don't work. When I try to do login with a valid user in AD nothing happens. |
Quote:
Also, when asking a question, you should provide complete details. You don't say what version/distro of Linux you're using, what 'places' you put information, what message(s)/error(s) you got when you tried something, along with what you actually DID try, etc. Also, there is a fairly complete set of documentation ont he Open-AudIT site related to Active Directory; did you search for it first???? https://community.opmantek.com/displ...rectory+Domain https://community.opmantek.com/displ...rectory+domain https://community.opmantek.com/display/OA/Home |
Sorry, this wasn't my intention. I'll try to Explain better my problem. My company has about 1000 computer, we were using open-audit version 1.0 for linux/ubuntu 12.04. All was fine. Then, we decided make a update to version 1.2.1 the same system (ubuntu 12.04). I put all information about my AD how suggest https://community.opmantek.com/displ...nd+Description, but doesn't work. I do not got error (user don't exist, password wrong) nothing, only not accesses with AD user. I saw all that links, did search at the internet but I did not have sucess.
|
Quote:
|
Also,.. what version of server are you using? What mode is AD in? Are you using radius authentication or straight AD?
|
The username “teste.openaudit” is a valid user at AD, when I click on login and I go to capture the all packets output to port 389, I get the response below.
# tcpdump -ni eth0 src host 172.16.20.54 and dst host 10.1.1.2 and port 389 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 13:48:54.665458 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [S], seq 3091563126, win 14600, options [mss 1460,sackOK,TS val 88898464 ecr 0,nop,wscale 4], length 0 13:48:54.666310 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [.], ack 3465381985, win 913, options [nop,nop,TS val 88898465 ecr 196324077], length 0 13:48:54.666416 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [P.], seq 0:57, ack 1, win 913, options [nop,nop,TS val 88898465 ecr 196324077], length 57 13:48:54.673770 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [.], ack 111, win 913, options [nop,nop,TS val 88898467 ecr 196324077], length 0 13:48:54.676293 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [P.], seq 57:64, ack 111, win 913, options [nop,nop,TS val 88898467 ecr 196324077], length 7 13:48:54.676396 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [F.], seq 64, ack 111, win 913, options [nop,nop,TS val 88898467 ecr 196324077], length 0 So, I concluded the follow: 1º - Exist communication between OpenAudiT and AD; 2º – The username, password are correct. Nevertheless, I can't login. When I put the same username with wrong password. I get the message “Incorrect credentials”. I do not got error in apache file “error.log for example” or any other file. The open-audit.log displays the following message. # tail -f /usr/local/open-audit/other/open-audit.log Apr 30 16:04:00 vm-openaudith01 13064 C:discovery F:process_subnet SMBClient copy of audit_domain.vbs to 10.1.1.2 has succeeded. Apr 30 16:04:00 vm-openaudith01 13064 C:discovery F:process_subnet SMBClient copy of audit_windows.vbs to 10.1.1.2 has succeeded. Apr 30 16:04:00 vm-openaudith01 13064 C:discovery F:process_subnet Attempt to run audit_domain.vbs on 10.1.1.2 has succeeded. Apr 30 16:06:08 vm-openaudith01 13061 C:discovery F:discover_active_directory U:Administrator Discovery AD submitted for mt.transportes.gov.br. Apr 30 16:06:09 vm-openaudith01 13061 C:discovery F:process_subnet SMBClient copy of audit_domain.vbs to 10.1.1.2 has succeeded. Apr 30 16:06:09 vm-openaudith01 13061 C:discovery F:process_subnet SMBClient copy of audit_windows.vbs to 10.1.1.2 has succeeded. Apr 30 16:06:09 vm-openaudith01 13061 C:discovery F:process_subnet Attempt to run audit_domain.vbs on 10.1.1.2 has succeeded. That version wasn't installed on the same place where was the last one. This machine is completely new. Was created only to comport that application. I still have the last version totally funcional in another place. I do not put error message here because look, I not have that. I saw all logs files but nothing. I followed all step necessary, exactly how described on OpenAudit page. I would like to know if there are something I need do in another config file. This application needs authentication in Windows Active Directory (2008). I installed the OpenAudiT version 1.0 for linux(ubuntu) and do not had this problem, but now with that new version, my god I'm very confused. |
Thanks for all. I resolved the problem. The open-audit support gave me more information about this problem.
|
Quote:
|
All times are GMT -5. The time now is 08:44 PM. |