LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 04-30-2014, 03:31 PM   #1
anjo236
LQ Newbie
 
Registered: Mar 2014
Posts: 9

Rep: Reputation: Disabled
Urgent (OpenAudit 1.2 - Linux)


Hi guys;

I need help to integrate OPEN-AUDIT 1.2 with AD. I know who exist some places where I can insert information about AD but don't work. When I try to do login with a valid user in AD nothing happens.
 
Old 04-30-2014, 04:00 PM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 23,267

Rep: Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522
Quote:
Originally Posted by anjo236 View Post
Hi guys;
I need help to integrate OPEN-AUDIT 1.2 with AD. I know who exist some places where I can insert information about AD but don't work. When I try to do login with a valid user in AD nothing happens.
Please, refrain from marking your posts 'urgent'. We VOLUNTEER our time; asking for/expecting 'urgent' help is fairly rude.

Also, when asking a question, you should provide complete details. You don't say what version/distro of Linux you're using, what 'places' you put information, what message(s)/error(s) you got when you tried something, along with what you actually DID try, etc. Also, there is a fairly complete set of documentation ont he Open-AudIT site related to Active Directory; did you search for it first????

https://community.opmantek.com/displ...rectory+Domain
https://community.opmantek.com/displ...rectory+domain
https://community.opmantek.com/display/OA/Home
 
1 members found this post helpful.
Old 04-30-2014, 11:40 PM   #3
anjo236
LQ Newbie
 
Registered: Mar 2014
Posts: 9

Original Poster
Rep: Reputation: Disabled
Sorry, this wasn't my intention. I'll try to Explain better my problem. My company has about 1000 computer, we were using open-audit version 1.0 for linux/ubuntu 12.04. All was fine. Then, we decided make a update to version 1.2.1 the same system (ubuntu 12.04). I put all information about my AD how suggest https://community.opmantek.com/displ...nd+Description, but doesn't work. I do not got error (user don't exist, password wrong) nothing, only not accesses with AD user. I saw all that links, did search at the internet but I did not have sucess.
 
Old 05-01-2014, 11:59 AM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 23,267

Rep: Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522
Quote:
Originally Posted by anjo236 View Post
Sorry, this wasn't my intention. I'll try to Explain better my problem. My company has about 1000 computer, we were using open-audit version 1.0 for linux/ubuntu 12.04. All was fine. Then, we decided make a update to version 1.2.1 the same system (ubuntu 12.04). I put all information about my AD how suggest https://community.opmantek.com/displ...nd+Description, but doesn't work. I do not got error (user don't exist, password wrong) nothing, only not accesses with AD user. I saw all that links, did search at the internet but I did not have sucess.
Ok, but we still have nothing we can tell you. Even with what you posted here, the entire problem description is "I did not have sucess". Without SOME error(s)/message(s)/log(s), there is little we can tell you. Can you run open-audit in verbose mode? How did you upgrade it in ubuntu? Did you remove the old version first?
 
1 members found this post helpful.
Old 05-01-2014, 12:15 PM   #5
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,237

Rep: Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656
Also,.. what version of server are you using? What mode is AD in? Are you using radius authentication or straight AD?
 
1 members found this post helpful.
Old 05-02-2014, 01:24 PM   #6
anjo236
LQ Newbie
 
Registered: Mar 2014
Posts: 9

Original Poster
Rep: Reputation: Disabled
The username “teste.openaudit” is a valid user at AD, when I click on login and I go to capture the all packets output to port 389, I get the response below.

# tcpdump -ni eth0 src host 172.16.20.54 and dst host 10.1.1.2 and port 389
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:48:54.665458 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [S], seq 3091563126, win 14600, options [mss 1460,sackOK,TS val 88898464 ecr 0,nop,wscale 4], length 0
13:48:54.666310 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [.], ack 3465381985, win 913, options [nop,nop,TS val 88898465 ecr 196324077], length 0
13:48:54.666416 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [P.], seq 0:57, ack 1, win 913, options [nop,nop,TS val 88898465 ecr 196324077], length 57
13:48:54.673770 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [.], ack 111, win 913, options [nop,nop,TS val 88898467 ecr 196324077], length 0
13:48:54.676293 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [P.], seq 57:64, ack 111, win 913, options [nop,nop,TS val 88898467 ecr 196324077], length 7
13:48:54.676396 IP 172.16.20.54.57775 > 10.1.1.2.389: Flags [F.], seq 64, ack 111, win 913, options [nop,nop,TS val 88898467 ecr 196324077], length 0

So, I concluded the follow:

1 - Exist communication between OpenAudiT and AD;
2 – The username, password are correct. Nevertheless, I can't login.

When I put the same username with wrong password. I get the message “Incorrect credentials”.

I do not got error in apache file “error.log for example” or any other file.

The open-audit.log displays the following message.

# tail -f /usr/local/open-audit/other/open-audit.log
Apr 30 16:04:00 vm-openaudith01 13064 C:discovery Frocess_subnet SMBClient copy of audit_domain.vbs to 10.1.1.2 has succeeded.
Apr 30 16:04:00 vm-openaudith01 13064 C:discovery Frocess_subnet SMBClient copy of audit_windows.vbs to 10.1.1.2 has succeeded.
Apr 30 16:04:00 vm-openaudith01 13064 C:discovery Frocess_subnet Attempt to run audit_domain.vbs on 10.1.1.2 has succeeded.
Apr 30 16:06:08 vm-openaudith01 13061 C:discovery F:discover_active_directory U:Administrator Discovery AD submitted for mt.transportes.gov.br.
Apr 30 16:06:09 vm-openaudith01 13061 C:discovery Frocess_subnet SMBClient copy of audit_domain.vbs to 10.1.1.2 has succeeded.
Apr 30 16:06:09 vm-openaudith01 13061 C:discovery Frocess_subnet SMBClient copy of audit_windows.vbs to 10.1.1.2 has succeeded.
Apr 30 16:06:09 vm-openaudith01 13061 C:discovery Frocess_subnet Attempt to run audit_domain.vbs on 10.1.1.2 has succeeded.

That version wasn't installed on the same place where was the last one. This machine is completely new. Was created only to comport that application. I still have the last version totally funcional in another place. I do not put error message here because look, I not have that. I saw all logs files but nothing. I followed all step necessary, exactly how described on OpenAudit page. I would like to know if there are something I need do in another config file. This application needs authentication in Windows Active Directory (2008).

I installed the OpenAudiT version 1.0 for linux(ubuntu) and do not had this problem, but now with that new version, my god I'm very confused.
 
Old 05-07-2014, 11:04 AM   #7
anjo236
LQ Newbie
 
Registered: Mar 2014
Posts: 9

Original Poster
Rep: Reputation: Disabled
Thanks for all. I resolved the problem. The open-audit support gave me more information about this problem.
 
Old 05-07-2014, 12:06 PM   #8
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 23,267

Rep: Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522Reputation: 6522
Quote:
Originally Posted by anjo236 View Post
Thanks for all. I resolved the problem. The open-audit support gave me more information about this problem.
Great...how about posting the solution here, then? You came here looking for assistance, and it would be nice if you contributed.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
boot sector and lilo collapse !!!!! URGENT URGENT URGEN !!!!! frelihm Linux - Software 21 12-02-2009 11:21 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 02:05 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration