Versions Compared

Old Version 6

changes.mady.by.user Mark Unwin

Saved on

compared with

New Version 7

changes.mady.by.user Mark Unwin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To prevent any output to the command window you can set debugging = "0" and run the script with cscript //nologo audit_windows.vbs .


Options

Not every Windows computer will be a simple domain connected machine. Sometimes you may have a server in a DMZ with no network connectivity to the internal network, a machine not on a domain, a standalone machine not networked at all, etc. There are options to overcome these. 

...

All variables can be passed via the command line at run time. You don't need to create one audit script for each different (say) set of remote user credentials. A couple of examples -

...

details_to_lower [y] (y|n) = Details like domain, hostname, username, etc are usually set to lower case for consistency. If you would like these kept as retrieved, set to "n".

 

...

Unusual Auditing

...

Not every Windows computer will be a simple domain connected machine. Sometimes you may have a server in a DMZ with no network connectivity to the internal network, a machine not on a domain, a standalone machine not networked at all, etc. There are options to overcome these. 

Computer with no network connectivity to the Open-AudIT server.

Copy the audit script to a USB drive, go to the remote computer and insert the USB disk. Open a command prompt and navigate to where you copied the script. Run the script and output to an XML file using the command

...

An XML file named COMPUTERNAME_DATE.xml should be created. Close the terminal window. Remove the USB disk and go to a computer with Open-AudIT connectivity. Open the XML file and copy the XML and paste into http://YOUR_SERVER/index.php/system

 

...

Computer not on the domain.

If you can see the computer on the network and it has it's firewall opened to allow remote WMI/VBscript, you can run the audit script using the remote credentials.

...

You may need to substitute "workgroup" or the remote computer name for REMOTE_DOMAIN above.

 

...

Computer than can see the Open-AudIT server, but the audit host cannot see the computer (unusual).

You can copy the audit script to the target computer and set it to run on a scheduled task and submit the result to the Open-AudIT server.