1
0
-1

Attempting to do discovery audits after just updating to 1.12.8 was previously on 1.12.6 but this is still a trial installation. So just wiped and re-installed at 1.12.8 for some reason it sometimes worked in 1.12.6 but now in 1.12.8 it will not work at all. 

When attempting to discover a windows device this is the error that I get 

Aug 23 16:06:04 Open-Audit.westallis.loc 11601 5 U:- C:discovery F:process_subnet I:172.16.10.39 M:Linux attempt to copy file to 172.16.10.74 failed in wmi_helper::copy_to_windows. Error:/usr/bin/smbclient

Also constantly seeing this in the log as well unknown if related.

Aug 23 16:02:53 Open-Audit.westallis.loc 16949 5 U:Open-AudIT Enterprise C:main F:get_count I:127.0.0.1 M:open-audit_enterprise Active Directory failed verification (html request)

    CommentAdd your comment...

    3 answers

    1.  
      1
      0
      -1

      The issue appears to be that when I create the credentials with username@domain when it attempts to copy the audit script to the windows target it is only passing along the username with domain of mygroup instead of the domain name that I saved in the credentials. Is there a solution to this?

        CommentAdd your comment...
      1.  
        1
        0
        -1

        What Linux distribution and version are you using?

        Does your password contain any characters that might need escaping (/, ", $, ', etc)?

         

        1. Jonathan Kuzma

          I am running Open-AudIT on Centos 7. No the password on the account doing the discover does not contain any escaping characters.

        2. Mark Unwin

          I just tried this on a CentOS 7 machine discovering a Windows 2008 machine. It worked as intended. The Windows machine is a DC for a domain. No funny characters in the password. I'm not sure what to say. "It works for me" isn't overly helpful. Can you run a discovery using debug and send me the output? marku@opmantek.com

        CommentAdd your comment...
      2.  
        1
        0
        -1

        This is expected with AD authentication. Your Open-AudIT Enterprise user (the actual user named open-audit_enterprise) likely doesn't have an account in AD, so this is fine.

          CommentAdd your comment...