[osiris-devel] monitoring host state

Brian Wotring brian at shmoo.com
Mon Jan 5 17:29:04 EST 2004 

Agreed.  That is easy to add.  This would leave the user fields to:

     name, privs, home, flags, auth_flags, <groups...>

The main problem is with groups, though.  The NetGroupEnum function 
supports the GROUP_INFO_2 structure, which contains useful information. 
  However, this doesn't return a complete list of local groups.  The 
LocalGroupEnum function does, but it only supports the 
LOCALGROUP_ENUM_1 structure, which only has the group name!

On Jan 5, 2004, at 1:05 PM, Alexei_Roudnev wrote:

> For Windows, you need to monitor, at least,
>
>  Users, 'Member Of', with names insted of group SID. I can find a code,
> which allowed to extract such information (I wrote it in past - user, 
> list
> of groups).
>
> It is not excellent, but works.
>
>
> ----- Original Message -----
> From: "Brian Wotring" <brian at shmoo.com>
> To: "Osiris Developers" <osiris-devel at lists.shmoo.com>
> Sent: Monday, January 05, 2004 11:38 AM
> Subject: [osiris-devel] monitoring host state
>
>
>>
>> Here is what we have so far.  I'm mostly concerned with the lack of 
>> any
>> significant attributes on the Windows side.  If anyone knows of any 
>> way
>> to expand this, now is the time.
>>
>> unix users: name,uid,gid,gecos,home,shell
>> windows users: name, privs, home, flags, auth_flags
>>
>> unix groups:  group,gid
>>
>> For Windows, only  the name.  The LOCAL_GROUP_INFO structure contains
>> only the name and the comment field.  Getting the gid and other
>> attributes requires using NetGroupEnum(), which I have found to be
>> unreliable for listing local group information.
>>
>> linux kmods:  same as output from lsmod
>> darwin kexts: same as output from kextstat
>> windows kmods (services):  name, display_name, status  (types
>> SERVICE_WIN32)
>>
>> --
>>      Brian Wotring ( brian at shmoo.com )
>>      PGP KeyID: 0x9674763D
>>
>> _______________________________________________
>> osiris-devel mailing list
>> osiris-devel at lists.shmoo.com
>> https://lists.shmoo.com/mailman/listinfo/osiris-devel
>>
>
> _______________________________________________
> osiris-devel mailing list
> osiris-devel at lists.shmoo.com
> https://lists.shmoo.com/mailman/listinfo/osiris-devel
>
>
--
     Brian Wotring ( brian at shmoo.com )
     PGP KeyID: 0x9674763D

More information about the osiris-devel mailing list