Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

win agent installer 2.8.3 fails to setup permissions on non english systems #846

Closed
ybonnamy opened this issue May 17, 2016 · 6 comments
Closed

win agent installer 2.8.3 fails to setup permissions on non english systems #846

ybonnamy opened this issue May 17, 2016 · 6 comments

Comments

@ybonnamy
Copy link

ybonnamy commented May 17, 2016
edited
Loading

Hi, i'm impacted by the following closed issues :

#626
#616
#303

my system is Windows Server 2012 installed in english but it is an Active Directory migrated from a french version, so everything is around Administrateurs group and not about Administrators group

i've read that there was a need for test with the ossec-hids-2.9.0-beta02 in the past, i have compiled the installer and it failed on my french system. the only way i found to have this running is to introduce the following diff :

_yann@computer ~/ossec/ossec-hids-2.9.0-beta02/src/win-pkg $ diff ./setup/setup-win.c ./setup/setup-win.c.orig
57c57
<         system("echo y|cacls * /T /G Administrateurs:f ");

---
>         system("echo y|cacls * /T /G Administrators:f ");
75c75
<         system("echo y|cacls . /T /G Administrateurs:f ");

---
>         system("echo y|cacls . /T /G Administrators:f ");_

i have also read that some stuff should be OK with ossec-hids-2.9.0beta06 , unfortunatly i have not seen the usual "gen_win.sh" tool delivered in the v2.9.0beta06.tar.gz archive, i do not know how to compile the windows installer without it. i'd like to be a tester of the latest windows installer to verify it correctly handles non-english systems , thanks for your help ,

Regards,

yann.
@ddpbsd
Copy link
Member

ddpbsd commented May 17, 2016

You can build the agent on the newest beta with:

cd src
make TARGET=winagent

@ybonnamy
Copy link
Author

thanks a lot for this instruction, i have not encountered the usual file permission issues with ossec-hids-2.9.0beta06 , unfortunatly this new agent seems stuck not sending anything to the server with this in the logs :

2016/05/17 15:52:47 ossec-agent: WARN: Process locked. Waiting for permission...
2016/05/17 16:06:51 ossec-agentd(4101): WARN: Waiting for server reply (not started). Tried: '172.22.21.1'.
2016/05/17 16:06:53 ossec-agentd: INFO: Trying to connect to server 172.22.21.1, port 1514.

@aremai
Copy link
Contributor

aremai commented May 17, 2016

hi @ybonnamy
check out this link and search for your error message
http://ossec-docs.readthedocs.io/en/latest/faq/unexpected.html

i think you're fine with deleting the rids file /var/ossec/queue/ on the manager and restarting the manager.
if this doesn't solve your problem, then delete the agent that cannot connect and re-add this. this always worked for me.

@ybonnamy
Copy link
Author

thanks a lot @ddpbsd and @aremai , i had to delete / readd the agent to have it operational again. This ossec-hids-2.9.0beta06 seems operational on my french system. Thanks a lot for your support and excellent work,

Regards,

Yann.

@e-alfred
Copy link

I also have this problem on Server 2012 R2. My system is German.

@nbuuck nbuuck mentioned this issue Apr 19, 2018
Closed
@nbuuck
Copy link
Contributor

nbuuck commented Apr 19, 2018

Fixed in #1137

@ddpbsd ddpbsd closed this as completed Oct 23, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@nbuuck @ddpbsd @aremai @e-alfred @ybonnamy