Child pages
  • Running Open-AudIT Apache Service under Windows
Skip to end of metadata
Go to start of metadata

This relates to using our default network address as http://127.0.0.1/open-audit/ and auditing Windows computers using a script from a Windows Open-AudIT server.


If you're running an Open-AudIT server on Linux, this doesn't affect you.


See The Default Network Address for some background.


If you are using the "new" (as at 3.1.0) way of running discoveries (ie, using http://127.0.0.1/open-audit/ as your network address and not setting the configuration item discovery_use_vintage_service to 'y') and you're seeing issues copying the audit script to the target device, you will want to change the service used to run Apache.


This is because the "Local System" account used to run Apache has no access to any "network" resources. IE - We cannot use Apache when running as trhis account to copy the audit script to Windows PCs.


We made this change because in our testing we were able to map a network drive using this account (albeit not using a drive letter). It has come to light that some users can still not do this. We are summising that domain based Windows PCs may have this disabled by policies (be they Windows defaults or implemented by the Domain Administrators).


To work around this we have created a configuration item called discovery_use_vintage_service. Setting this to y results in our not using the new way of auditing. This is very sub-optimal because the audit script runs on the Open_AduIT Server, not the target device. Because of that we cannot retrieve a few items of interest and it will place load on the server.


The best fix for this case is not to implement this configuration change, rather change the account that Apache runs as to a regular user account. This user needs no special domain or local priveleges. It just needs to be a "normal" user. A normal user does have access to network resources and will work as intended.


The change is simple to make, just follow the steps below.


Select the Start menu and type "services". Click the Services icon.



Next, right click the Apache2.4 service and select Properties, then click the Log On tab.


Select the "This Account" checkbox and provide the account name and password.

Next, click OK, then right click the Apache 2.4 service and click Restart. Done.


Performing those steps will enable Discoveries and audits to run as expected.