What are the default credentials to log into the web interface?
For Open-AudIT, the following users are set up by default.
| Username | Password | Level | Used For |
|---|---|---|---|
| admin | password | Administrator | default logon |
| nmis | nm1888 | Administrator | For users matching the nmis default user. |
| open-audit_enterprise | openaudit1234567890 | User | List view access on "All Devices" group only. |
You should use the admin or nmis users to log on to the web interface.
For Open-AudIT Enterprise, the admin and nmis users (as above) exist. The open-audit_enterprise user is used internally by Open-AudIT Enterprise to retrieve data from Open-AudIT. If you change the password for this user in Open-AudIT, you should also insert the updated password in the conf/opCommon.nmis file inside Open-AudIT Enterprise. This file will be in c:\omk for Windows or /usr/local/omk for Linux installations.
My AntiVirus is prompting me to deny/allow things.
If you have Anti Virus software running, allowing the services of Opmantek (omkd), Apache (apache2.2) and MySQL (mysql) to auto start and run is essential. These services are used by Open-AudIT. You should only need to do this once. If your Anti Virus program keeps prompting you about Open-AudIT, please post to the forums or send an email to support with the name and version of your Anti Virus software.
How can I add another user to Open-AudIT?
In the Open-AudIT web interface, as an admin user, select the menu item menu -> Users -> Add a User.
Complete at least the username and password fields and allow access to at least one Group.
Testing the OMKD service/daemon is running
If you call the URL below in a browser, you should receive a logon page. Do NOT use this for logging on, only for testing the OMKD (Opmantek) service/daemon is running.
NOTE - you may need to open port 8042 on your servers firewall (if it's running a firewall). This is not normally required to be open, but testing the service from a remote client does require it be accessible.
http://<YOUR_SERVER>:8042/omk/oae
Running Apache on a different port (to the default port 80)
NOTE - This is specifically for the 1.2 release and later.
Running Apache on a port other than 80 is not recommended, but should be able to be accomplished by modifying the files below.
Open-AudIT is installed to c:\xampplite\open-audit on Windows and /usr/local/open-audit on Linux.
Open-AudIT Enterprise is installed to c:\omk on Windows and /usr/local/omk for Linux.
You will need to update the audit scripts "url" variable in the open-audit/other/ directory (both .sh and .vbs scripts). The files audit_linux.sh, audit_osx.sh, audit_subnet.sh, audit_subnet.vbs, audit_windows.vbs will all need changing.
In the configuration for Open-AudIT Enterprise change the file omk/conf/opCommon.nmis and set the oae_server variable to include the changed port number.
Changing the port Apache runs on is differnet for different installations. Some general guidelines are below.
On Debian/Ubuntu, modify the /etc/apache2/port.conf and the /etc/apache2/sites-enabled/000-default files (change the ports contained in them) then reload and restart apache with "service apache2 reload" and "service apache2 restart".
On RedHat/Centos, modify the /etc/httpd/conf/httpd.conf file (change the port contained in the Listen attribute) then restart apache with "/etc/init.d/httpd restart".
On Windows, modify the file c:\xampplite\apache\conf\httpd.conf (change the port contained in the Listen attribute) then restart apache by stopping and starting the apache2.2 Service in the Windows Services control panel item.
You should now be able to navigate to http://SERVER:81/ in your browser and get a response.
I cannot start the Apache service on Windows.
Have you checked that another program is not already using port 80? If you start a command prompt and type:
netstat -abn
You should get an output similar to:
C:\>netstat -abnp tcp Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:80 0.0.0.0:0 LISTENING [httpd.exe] TCP 0.0.0.0:135 0.0.0.0:0 LISTENING RpcSs [svchost.exe] TCP 0.0.0.0:443 0.0.0.0:0 LISTENING [httpd.exe] TCP 0.0.0.0:445 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:554 0.0.0.0:0 LISTENING [wmpnetwk.exe] TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING [wininit.exe] TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING eventlog [svchost.exe] TCP 0.0.0.0:1027 0.0.0.0:0 LISTENING Schedule [svchost.exe] TCP 0.0.0.0:1028 0.0.0.0:0 LISTENING [lsass.exe] TCP 0.0.0.0:1029 0.0.0.0:0 LISTENING [services.exe] TCP 0.0.0.0:1030 0.0.0.0:0 LISTENING PolicyAgent [svchost.exe] TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:3306 0.0.0.0:0 LISTENING [mysqld.exe] TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING CryptSvc [svchost.exe] TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:8042 0.0.0.0:0 LISTENING [opmantek_server.exe] TCP 0.0.0.0:10243 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 192.168.0.86:139 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 192.168.0.86:2869 192.168.0.1:3115 TIME_WAIT
Look for a program using port 80. In this case, note the output
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING [httpd.exe]
That indicates port 80 is being used by the executable httpd.exe (in this case, apache). You should not see any entries using :80.
If there is another program using port 80 either stop and remove it, change it's port (if possible) or install Open-AudIT on another machine.