[1]The aim of this project was to produce a stable build suitable for a management viewpoint of an Organisations IT infrastructure. It needed to be able to provide a known assesment of the state of any asset on the network. Essentially it is a collection of open source network and asset reporting tools that perform monitoring on your network and information is stored in MYSQL databases. One primary database is then used to build the expenditure profile of the configuration item (CI). ie: What does it do and what software is running on it, and at what cost to the organisation.
To achieve this it has been nessecary to standardise on opertaing system as well as build priciples in terms of installs for selective software. This build has used UBUNTU, a Debian variant of the Linux operating system. You may already be running some of this other software in your enviornment but it is strongly recommended that you build this server with a fresh install of software for you site.
Some of the key features are:
It should really be stated here that "If your not running a network with at least 30 machines this may not be a good project to under take." The build will most likely take you several days.
Please have a quick review of the Tech Help for anything that is not clear
So choose a piece of hardware of at least 1Ghz CPU, 256 - 512mb Ram and a 20Gb HDD and load up UBUNTU Linix version 6.06. Ubuntu is a Debian variant and is very stable. This build is very minimalistic. That is for the install just load the base server only. Do not select LAMP Server (Linux, Apache, MYSQL, Perl / PHP / Pear). You will need to provide server names, admin accounts, DHCP connectivity or be able to allocate an IP address, proxy details or ADSL internet connectivity, and the first steps of the build require domain administration access.
There is no native graphical desktop for this machine. The initial access to the server is all command line. Once the first packages are installed under apt-get, SSH will enable remote connectivity to your server. Suggested software for your M$ machine is cygwin. It is a linux emulation program to run under M$. Be sure to install with all network options and connect to your server under the following command #>ssh -l root 10.xx.xx.xx and you will then be prompted for your root password. User and admin (Webmin) access is via a web interface. MYSQL DB administration can be performed under the GUI in Webmin or for more intensive DB tasks phpMyAdmin is an excellent piece of software.
Assuming that you have now built your UBUNTU server login with the user name and password you setup during the build process.
Ubuntu loads up with a feature called SUDO. basically it requires a second factor of authentication to execute admin commands. Because most of the build will require root access, we need to bypass SUDO by allocating a password to the root account.
All the command line input required from you will be prefixed by #> for a command that can be run from any location or /usr/local#> to state the location of where a command should be run from.
#>sudo passwd root
#enter password for SUDO:> (type your password)
#Enter new UNIX password:>(type your new root password)
#Retype new UNIX password:>(retype your new root password)
You should get the following message stating that you have successfully updated the root password
#passwd: password updated successfully
#>logout
You should now be presented with the login request. Log back in as root
#>root
#>(your root password)
You are now logged in as full root user. So be a little careful
We now need to configure apt-get which is the Debian based package repository. We will only install selective packages under this method.
#>apt-get update
You get output stating the repository addresses that it contacted and that the packages list has been updated.
Now lets install the first wave of packages. SSH will allow us to connect from a remote machine, Samba will enable us to define a sharepoint accessible to a M$ box, Appache will install the web server, PHP for active server components, etc
#>apt-get install build-essential
#>apt-get install ssh
#>apt-get install samba
#>apt-get install apache2
PHP will be installed shortly, but first you should install MYSQL from the distribution binary. As you need to get the code to the server, you will have to configure samba. Samba enables us to define a M$ share point on the server. The configuration is defined in a file called "smb.conf" To edit this file you will need to use vim, it is in the build already but these text editors can be a bit tricky to the un-initiated. Go to the location of the file we are going to edit. /etc/samba
#>cd /etc/samba
Under Linux you dont need to go the exact location but you should also get familar with what files are in these directories. You could easily run the command vi /etc/samba/smb.conf from any directory and get the file up for editing.
#>ls or ls -l (lists files and gives file atributes and ownership)
#>vi smb.conf
A few hints on the use of vi. Move the cursor to where you need to edit. press the "i" key to enable insert mode and then make your changes. Press "Shift and Escape" to get out of insert mode. Once out of insert mode you can save by pressing "Shift and Colon" which will give you a colon at the bottom left of the editing screen. "q!" and enter will quit without saving or "wq" and enter will write the cahnges to the file. Now lets do some edits, On line 27 you will find the workgroup = setting, modify that to suit your site, its the name of your M$ Domain. Go to line 213 and uncomment that and the next few lines. Uncomment means to delete # or ; from the start of the line and sets the action to be read upon exection of the file. The homes statement will now be activated when samba is restarted. Also uncomment lines 220, and allow valid user = %$, 224 and allow writable = yes, 228 and allow create mask = 664, and 232 and allow directory mask = 755. Okay and thats it for this file so "Shift and Escape" "Shift and Colon" "wq" "enter" and you should be back at /etc/samba
So lets give Samba a restart by executing the following command
#>/etc/init.d/samba restart
So lets setup a user to be the primary user of the box. Not an admin, but you will need to connect to the share under the context of this user. First we will create a group.
#>groupadd dbuser
#>useradd -g dbuser dbuser -p youruserpassword
or
#>adduser dbuser
#>Both these commands have several options so to get further information run the command eg: #>adduser --help Very useful in updating existing accounts group rights etc, When creating the Samba component of your account just reuse the same password.
#>smbpasswd -a dbuser
#>enter your password
#>validate and re-enter your password
So you have now created a group, a user, given it a password as well as giving it a Samba account and password. Now lets create its prime directory.
#>cd
#>cd /home
/home#>mkdir dbuser (By using the adduser command the home directory should created automatically)
/home#>chown -R dbuser /home/dbuser
/home#>chmod -R 775 /home/dbuser
/home#>cd /dbuser
/home/dbuser1#>mkdir code
So lets join the Domain
#>cd
#>net join -w thenameofyourm$domain -U domainadminaccountname
#>enter your domain admin account password
You will most likely get a message stating a kerberos issue, but the machine succesfully joins the domain. So lets give Samba another restart by executing the following command
#>/etc/init.d/samba restart
Go to your M$ box operating in the joined domain and bring up all network devices. Netbios has some limitations in terms of broadcasting outside its own subnet, but most likely you should be able to see your new server in the domain directory otherwise just hit F5 a few times for a refresh. If you cant see it under this method, just get the ip address of your server by running the command #>ifconfig and you will see your ip address on the second line. Map directly to it from your M$ box \\10.xx.xx.xx\dbuser . Check the Tech Help if your still having problems. Click on and provide the user details and password of the samba user you created. You should be presented with the share named "dbuser" with folder "code" sitting underneath. Test that you can write to this by creating a folder and saving a file to it.
Great. This is how we are going to get all of the require code loaded to your Linux box. It has been assumed that most users are going to need this type of connectivity but if you are familar with Linux and feel at ease using another method to get the code to your server, wget or mount a cd drive, etc, I,m sure you'll work through the rest of the build instructutions without too many problems.
Now you will need to download the following install files from the internet. Check the updated software list for some links.
MYSQL Release Client 5.0.13 mysql-standard-5.0.13-rc-linux-i686.tar.gz
MYSQL Client libmysqlclient-lgpl_3.23.56.orig.tar.gz
Nagios by Orion install_nagios2.5_by_oreon-v1.tar.gz can be found at www.oreon-project.org [2]
Oreon Nagios Configuration oreon-1.3-RC3-1.tar.gz can be found at www.oreon-project.org. [3]You may also like to take this opportunity to download the M$ and linux client agents.
nmap-3.75-with-sql-0.0.8.tar.gz
PostNuke-0.762.tar
webmin-1.270.tar.gz
Owl-0.91.tar.gz
PEAR Libraries for Orean Nagios Web Configuration
nbtscan-1.5.1.tar.gz
Well thats basically the full kit. There are also some other perl components that will be install under CPAN and others under "apt-get". PEAR also have a similar installer but it wont get all required packages so check the list. Oreon wont install without all of these PEAR packages. So download the software and put each component in its own seperate directory under the Samba share folder structure.
ie \\yourserver\dbuser\code\ under M$ is the same as /home/dbuser1/code/ under Linux
Lets install the MYSQL DB Server followed up with the WEBMIN Administration interface. Suggested install directory for MYSQL is /usr/local/bin but we are going to use /usr/local as the prime point for our install directories. We will create a logical link from /usr/local/ to the MYSQL install directory
#>cd /usr/local/bin
/usr/local/bin#>mkdir mysqlinstall
/usr/local/bin#>cd ..
/usr/local#>mkdir webmin
/usr/local#>cd
#>cd /home/dbuser/code/mysql
/home/dbuser/code/mysql#>cp * /usr/local/bin/mysqlinstall
/home/dbuser/code/mysql#>cd ..
/home/dbuser/code#>cd webmin
/home/dbuser/code/webmin#>cp * /usr/local/webmin
/home/dbuser/code/webmin#>cd
#>cd /usr/local/bin/mysqlinstall
/usr/local/bin/mysqlinstall#>groupadd mysql
/usr/local/bin/mysqlinstall#>useradd -g mysql mysql
/usr/local/bin/mysqlinstall#>gunzip < * | tar xvf -
/usr/local/bin/mysqlinstall#>ls (You should see the original file as well as the unzipped directory. Now create a logical link to that directory from /usr/local)
/usr/local/bin/mysqlinstall#>cd ..
/usr/local/bin#>cd ..
/usr/local#>ln -s /usr/local/bin/mysqlinstall/mysql-standard-5.0.13-rc-linux-i686 mysql
/usr/local#>cd mysql
/usr/local/mysql#>./scripts/mysql_install_db --user=mysql
/usr/local/mysql#>cd ..
/usr/local/mysql#>chown -R root .
/usr/local/mysql#>chown -R mysql data
/usr/local/mysql#>chgrp -R mysql .
/usr/local/mysql#>cd bin
/usr/local/mysql/bin#>./mysqld_safe --user=mysql &
Refresh by hitting enter. Your Mysql Database Server should now be up and running. Test your login to the server by entering the following
/usr/local/mysql/bin#>./mysql
You should now be at a mysql prompt. This means you have command line access to the database server only. If your not real familar with SQL command line, you may want to back out of this until later. just type "quit" without the excalmation marks. This still leaves the database server running, it just clears your command line session.
mysql#>quit
/usr/local/mysql/bin#>cd
#>cd usr/local/webmin
/usr/local/webmin#>gunzip < * | tar xvf -
/usr/local/webmin#>cd webmin-1.270
/usr/local/webmin/webmin-1.270#>./setup.sh
Now just accept the defaults for the setup for Webmin. Just be ready with an Admin account name and password. And dont worry about the perl ssl error messages. You dont need ssl on this build. Once you have finished you can connect via Webmin by going in under a web browser to //10.xx.xx.xx:10000 Have a good look through and test your config under servers > mysql server. File manager under the Other menu tab is also going to be one of your frequently used tools. You will find the MYSQL configuration under the Servers tab. Click on it and select module configuration. Leave the Administration logon and Administration password blank. Make sure you change the paths listed below to the mysql files eg: /usr/local/mysql/bin/mysqladmin etc, and then save your changes. You should then have GUI access for the updating of accounts and datbase rights.
So now you need to setup some of the supporting code for the web server. Mainly all of the PHP components. So lets get to it
#>apt-get install php5
#>apt-get install php5-mysql
#>apt-get install php5-cli
#>apt-get install php5-cgi
#>apt-get install php-pear
#>apt-get install php5-gd
#>apt-get install php5-snmp
#>apt-get install php5-xmlrpc
#>apt-get install php5-xsl
#>apt-get install libapache2-mod-perl2
This next part is quite tedious. You need to download about 30 PEAR packages. If you download from the PEAR site you find this very time consuming. The required set can be obtained in a single zip file from our download site at SourceforgeXXX. So download it and unpack the contents to a single folder on your samba share. We also need to make a directory under the php install directory to store these files.
#>cd /usr/share/php
/usr/share/php#>mkdir pear
/usr/share/php#>cd
#>cd /home/dbuser/code/pear
/home/dbuser/code/pear#>cp * /usr/share/php/pear
/home/dbuser/code/pear#>cd
#>cd /usr/share/php/pear
#>Some of these packages are dependent upon each other but the following load order should get you through without errors
/usr/share/php/pear#>pear install Date-1[1].4.6.tgz
/usr/share/php/pear#>pear install DB-1[1].7.6.tgz
/usr/share/php/pear#>pear install MDB2-2[1].2.2.tgz
/usr/share/php/pear#>pear install HTML_Common-1[1].2.2.tgz
/usr/share/php/pear#>pear install HTML_Table-1[1].7.2.tgz
/usr/share/php/pear#>pear install DB_DataObject-1[1].8.4.tgz
/usr/share/php/pear#>pear install DB_DataObject_FormBuilder-1[1].0.0RC4.tgz
/usr/share/php/pear#>pear install HTTP-1[1].4.0.tgz
/usr/share/php/pear#>pear install Auth_SASL-1[1].0.2.tgz
/usr/share/php/pear#>pear install HTML_Table-1[1].7.2.tgz
/usr/share/php/pear#>pear install HTML_QuickForm-3[1].2.6.tgz
/usr/share/php/pear#>pear install HTML_QuickForm_advmultiselect-1[1].2.0.tgz
/usr/share/php/pear#>pear install Numbers_Roman-1[1].0.1.tgz
/usr/share/php/pear#>pear install Numbers_Words-0[1].15.0.tgz
/usr/share/php/pear#>pear install PEAR_PackageFileManager-1[1].6.0b4.tgz
/usr/share/php/pear#>pear install Archive_Tar-1[1].3.1.tgz
/usr/share/php/pear#>pear install Cache_Lite-1[1].7.2.tgz
/usr/share/php/pear#>pear install XML_RPC1.5.tgz
/usr/share/php/pear#>pear install XML_Parser-1[1].2.7.tgz
/usr/share/php/pear#>pear install XML_Feed_Parser-1[1].0.0RC1.tgz
/usr/share/php/pear#>pear install Validate-0[1].6.4.tgz
/usr/share/php/pear#>pear install Image_Color-1[1].0.2.tgz
/usr/share/php/pear#>pear install Image_Canvas-0[1].3.0.tgz
/usr/share/php/pear#>pear install Image_Graph-0[1].7.2.tgz
/usr/share/php/pear#>pear install Image_GraphViz-1[1].2.1.tgz
/usr/share/php/pear#>pear install Net_Socket-1[1].0.6.tgz
/usr/share/php/pear#>pear install Net_SMTP-1[1].2.8.tgz
/usr/share/php/pear#>pear install Mail-1[1].1.10.tgz
/usr/share/php/pear#>pear install Mail_Mime-1[1].3.1.tgz
/usr/share/php/pear#>pear install Net_Ping-2[1].4.1.tgz
/usr/share/php/pear#>pear install Net_Traceroute-0[1].21.tgz
Now this is complete you can start the install of Nagios and Orion
Suggested install directory is /usr/local/
#>/usr/share/php#>cd
#>cd /usr/local
/usr/local#>mkdir nagios
/usr/local#>mkdir oreon
/usr/local#>cd
#>cd /home/dbuser/code/nagios
/home/dbuser1/code/nagios#> cp install_nagios2.5_by_oreon-v1.tar.gz /usr/local/nagios
/home/dbuser/code/nagios#> cd ..
/home/dbuser/code/#>cd oreon
/home/dbuser/code/oreon#>cp oreon-1.3-RC3-1.tar.gz /usr/local/oreon
/home/dbuser/code/oreon#>cd
#>cd /usr/local/nagios
/usr/local/nagios#>gunzip < install_nagios2.5_by_oreon-v1.tar.gz | tar xvf -
/usr/local/nagios#>cd install_nagios2.5_by_oreon-v1
/usr/local/nagios/install_nagios2.5_by_oreon-v1#>./install.sh
This is going to setup the pre-requisiute programs required for the graphing of statistics from your systems. These tools include the RRD graphing tool, ZLIB library, SNMP tools, LibPNG, Type Fonts, Nagios and associated plugins, etc
If you have ever setup Nagios manually, you will really appreciate the automation that has gone into this install. Just accept all of the default settings for the install. The guys from Oreon have really done a fantastic job, it has saved about 3 to 5 hours of configure , make and install tasks, not to mention the reduction of the human error factor. There are still a few configuration things that need to be fixed post initial install. So, its assumed the install completed succesfully by finding the apache2 web install and setup the httpd.conf settings. You can check this by opening a web browser from a workstation on your network and directing it towards //10.0.xxx.xxx/nagios The expected result is to be presented with an authentication request and once authenticated as nagiosadmin, you should see the Nagios presentation screen but stating errors that configuration settings could not be read or a similar error. That is all good.
Nagios now needs to be re-configured to take advantage of the RRD tool set. It is also required to get the Status Map working. The status map feature works from a .cgi file that gets generated during the setup process. If the correct parameters are not stated during the configutarion process this file will not be generated, which is the case here. Go to the Nagios install file set and do a bit of fiddling.
/usr/local/nagios/install_nagios2.5_by_oreon-v1#>gunzip < nagios-2.5.tar.gz
/usr/local/nagios/install_nagios2.5_by_oreon-v1#>cd nagios-2.5
/usr/local/nagios/install_nagios2.5_by_oreon-v1/nagios-2.5#>./configure --with-gd-lib=/usr/local/bin --with-gd-inc=/usr/local/include --with-zlib=/usr/local/include --with-libpng=/usr/local/include
Now before you run the MAKE command, there is a small editing job that needs to be done. Go to the cgi directory and edit the file statusmap.c and remove lines 2214 and 2215 that refer to the jpeg format, otherwise the MAKE command wont complete successfully. You will need to do this under the vi editor or use Webmin file manager. I tried a few things to resolve this error but had no luck so I dropped the JPEG reference from the compile statement and made the required edits.
/usr/local/nagios/install_nagios2.5_by_oreon-v1/nagios-2.5#>make
/usr/local/nagios/install_nagios2.5_by_oreon-v1/nagios-2.5#>make install
/usr/local/nagios/install_nagios2.5_by_oreon-v1/nagios-2.5#>make installinit
/usr/local/nagios/install_nagios2.5_by_oreon-v1/nagios-2.5#>make installinit
/usr/local/nagios/install_nagios2.5_by_oreon-v1/nagios-2.5#>make
During this install process do not commit any further information to the apache httpd.conf file otherwise you will need to edit that to ensure there is only one set of entries pertaining to your nagios install. httpd.conf can be found on your system under /etc/apache2/
The next step is to complete the Oreon installation. Firstly unpack the tarball
/usr/local/nagios/install_nagios2.5_by_oreon-v1/nagios-2.5#>cd
#>cd /usr/local/oreon
/usr/local/oreon#> gunzip < oreon-1.3-RC3-1.tar.gz | tar xvf -
/usr/local/oreon#> cd oreon-1.3-RC3-1
/usr/local/oreon/oreon-1.3-RC3-1#>./install.sh
Now you should be able to accept all defaults except for the path to PEAR. So adjust this path to state /usr/share/php
Next step is to ensure that you have sufficient rights within MYSQL to create a database. Go into MYSQL Server under Webmin. Create a new DB user named dbuser. Allocate all rights to this user. Now go into database permissions and ensure that dbuser has rights on all databases. Ongoing security for the server needs to be addressed at a later stage. No build hardening has been considered for this build in this document.
Now open a web browser and reference //10.xx.xx.xx/oreon and commence the setup process. Ensure that the information is correct. eg: Apache user and group www-data, Nagios version is 2.X , Database user "dbuser" , Admin account setup, etc
At the end of this process you should be presented with the Oreon logon screen. Login and check it out. Take note of the configuration tab. You will be doing a lot of work under these screens. The first task is to setup the host and service templates, contacts, and then then the actual hosts and services including the parent and child relationships for the hosts and services. Once this is done go to the Nagios tab under the configuration screens. At the bottom of the page click the export button and select yes to the 3 nagios options eg: debug, write the files, and restart. Any errors will be detailed below. Keep resolving these issues until your notified of a succesful start up of Nagios.
The next step is the setup of Nmap. This install requires a little bit of a more manual setup of the database. You can find a repackaged version at cmdb.sourcforge.
Before installing Nmap you will need to install a MYSQL Clinet version 3.23.
There is quite a bit more explaining to do, and i'm getting to it. If you have got this far you should'nt have too much trouble below
/usr/local/oreon/oreon-1.3-RC3-1#>cd
#>cd /usr/local
/usr/local#>mkdir mysqlclient
/usr/local#>cd
#>cd /home/dbuser/code/mysqlclient
/home/dbuser/code/mysqlclient#>cp * /usr/local/mysqlclient
/home/dbuser/code/mysqlclient#>cd
#>cd /usr/local/mysqlclient
/usr/local/mysqlclient#>gunzip < libmysqlclient-lgpl_3.23.56.orig.tar.gz | tar xvf -
/usr/local/mysqlclient#>cd libmysqlclient-lgpl_3.23.56
/usr/local/mysqlclient/libmysqlclient-lgpl_3.23.56#>./configure
/usr/local/mysqlclient/libmysqlclient-lgpl_3.23.56#>make
/usr/local/mysqlclient/libmysqlclient-lgpl_3.23.56#>make install
/usr/local/mysqlclient/libmysqlclient-lgpl_3.23.56#>cd
#>cd /usr/local
/usr/local#>mkdir nmap
/usr/local#>cd
#>cd /home/dbuser/code/nmap
/home/dbuser/code/nmap#>cp * /usr/local/nmap
/home/dbuser/code/nmap#>cd
#>cd /usr/local/nmap
/usr/local/nmap#>gunzip < nmap.tar.gz | tar xvf -
/usr/local/nmap#>cd nmap-3.75
/usr/local/nmap/nmap-3.75#>./configure
/usr/local/nmap/nmap-3.75#>make
/usr/local/nmap/nmap-3.75#>make install
/usr/local/nmap/nmap-3.75#>cd ..
Create a symbolic link to the nmap executable from the root of the /usr/local/nmap folder.
/usr/local/nmap#>ln -s /usr/local/nmap/nmap-3.75/nmap nmap
The database setup now needs to wait until we have installed OCS inventory. The aim of this is so all data can be collected in a single database. Once OCS is installed we will make some extensions to the OCS DB for both the Nmap data and the data from nbtscan. For the instal of OCS we also need some perl components. these are downloaded from CPAN. Lets set it up now.
/usr/local/nmap#>cd
#>cpan update
#>cpan install Bundle::Cpan
#>cpan install DBI
#>cpan install Apache::DBI
#>cpan install DBD::Mysql
#>cpan install Compress::Zlib
#>cpan install XML::SAX
#>cpan install Net::IP
Another package called XML:Simple is also required but this package has always had some problems installing, and some additional packages also wont install properly. Download this package XML_Simple_2.75 to a folder on your samba share and do a fully manual install.
#>cd /usr/local
/usr/local#>mkdir xmlsimple
/usr/local#>cd
#>cd /home/dbuser/code/xmlsimple
/home/dbuser/code/xmlsimple#>cp * /usr/local/xmlsimple
/home/dbuser/code/xmlsimple#>cd
#>cd /usr/local/xmlsimple
/usr/local/xmlsimple#>gunzip < XML-Simple-2.75.tar.tar | tar xvf -
/usr/local/xmlsimple#>cd XML-Simple-2.75
/usr/local/xmlsimple/XML-Simple-2.75#>./configure
/usr/local/xmlsimple/XML-Simple-2.75#>make
/usr/local/xmlsimple/XML-Simple-2.75#>make install
/usr/local/xmlsimple/XML-Simple-2.75#>cd
#>Now all is prepared for the install of OCS Inventory. OCS requires both some command line and web based configuration and setup.
#>cd /usr/local
/usr/local#>mkdir ocs
/usr/local#>cd
#>cd /home/dbuser/code/ocs
/home/dbuser/code/ocs#>cp * /usr/local/ocs
/home/dbuser/code/ocs#>cd
#>cd /usr/local/ocs
/usr/local/ocs#>gunzip < OCS_NG_LINUX_SERVER_1.0RC3-1.tar.gz | tar xvf -
/usr/local/ocs#>cd OCS_NG_LINUX_SERVER_1.0RC3-1
/usr/local/ocs/OCS_NG_LINUX_SERVER_1.0RC3-1#>./setup.sh
OCS will find most settings automatically so you just need to accept the deafults
/usr/local/ocs/OCS_NG_LINUX_SERVER_1.0RC3-1#>cd
Now to complete the install you need to access OCS via the web browser. Go to //10.0.0.XXX/ocsreports and complete the setup process. You will need to specify database names and a DB access acount. You will most likely get a notification stating the netutils discovery did not find any devices or subnets. I havent quite worked out how this is supposed to work, but iassume somewhere under the covers there is a link to Nmap but I'm yet to work out how to get it functional. To overcome this we will just get the Nmap data into the OCS DB manually. Anyhow Nmap is one of those tools you really want to have strict control over its usage and execution rights.
Just to test the OCS install you may want to install the M$ agent on a few devices. Test the DNS resolution to your CMDB server from one of the workstations, if there is a problem just use the CMDB server's IP address when setting up the agent. Under this mode it can take up to 24 hours for the agent to execute and report back.
Now go back to the nmap instal directory and copy nmaplog.sql to Mysql/bin
cd /usr/local/nmap/nmap-3.75
/usr/local/nmap/nmap-3.75#>cp nmaplog.sql /usr/local/mysql/bin
cd /usr/local/nmap/nmap-3.75#>cd
#> cd /usr/local/mysql/bin
/usr/local/mysql/bin#>./mysql yourocsdbname < nmaplog.sql &
/usr/local/mysql/bin#>cd ..
Due to the fact that this install of Nmap to Mysql is coded with dependencies on the DB name, you will need to setup a symbolic link to allow the program to find a database of the name it expects to find.
/usr/local/mysql#>cd data
/usr/local/mysql/data#>ln -s /usr/local/mysql/data/yourocsdbname nmaplog
/usr/local/mysql/data#>cd
Nmap will go looking for an old libmysqlclient so we also need to fix that with a symbolic link
#>cd /usr/lib
/usr/lib#>ln -s /usr/lib/libmysqlclient.so.15 libmysqlclient.so.10
/usr/lib#>cd
Lets give Nmap a quick test by inspecting a single device on your network
#>cd /usr/local/nmap
/usr/local/nmap#>./nmap -O -sU 10.0.0.xxx
If all appears to run without error your DB should be collecting data without a problem. Otherwise try and resolve the errors, start by verifying your symbolic links
/usr/local/nmap#>cd
Now lets install nbtscan in a similar manner. Copy it to a directory under /usr/local
#>cd /usr/local
/usr/local#>mkdir nbtscan
/usr/local#>cd
#>cd /home/dbuser/code/nbtscan
/home/dbuser/code/nbtscan#>cp * /usr/local/nbtscan
/home/dbuser/code/nbtscan#>cd
#>cd /usr/local/nbtscan
/usr/local/nbtscan#>gunzip < nbtscan-1.5.1.tar.gz | tar xvf -
/usr/local/nbtscan#>cd nbtscan-1.5.1.tar.gz
/usr/local/nbtscan/nbtscan-1.5.1#>./configure
/usr/local/nbtscan/nbtscan-1.5.1#>make
/usr/local/nbtscan/nbtscan-1.5.1#>make install
/usr/local/nbtscan/nbtscan-1.5.1#>cp nbtscan.sql /usr/local/mysql/bin
/usr/local/nbtscan/nbtscan-1.5.1#>cd ..
Create a symbolic link to the nbtscan executable from the root of the /usr/local/nbtscan folder.
/usr/local/nbtscan#>ln -s /usr/local/nbtscan/nbtscan-1.5.1/nbtscan nbtscan
/usr/local/nbtscan#>cd
#>cd usr/local
/usr/local#>mkdir scans
/usr/local#>cd
#> cd /usr/local/mysql/bin
/usr/local/mysql/bin#>./mysql yourocsdbname < nbtscan.sql &
/usr/local/mysql/bin#>cd ..
Lets test your nbtscan data to the OCS database
/usr/local/nbtscan#>./nbtscan -s : 10.0.0.0-255 > /usr/local/scans/nbtscan.txt
/usr/local/nbtscan#>cd ..
/usr/local#>cd scans
Verify that the file has been created nbtscan.txt
/usr/local/scans#>ls
/usr/local/scans#>cd
#>cd /usr/local/mysql/bin
/usr/local/mysql/bin#>./mysqlimport yourocsdbname /usr/local/scans/nbtscan.txt --fields-terminated-by=: --columns=id,hosts1,devicetype,hosts2,macadd
If all appears to run without error your DB should be collecting data from nbtscan.txt without a problem. Otherwise try and resolve the errors, start by verifying your symbolic links. There is a minor error which is stated post the import of the data to the DB, but provided the record number increments and the timestamp is recorded properly just ignore these errors.
/usr/local/mysql/bin#>cd
Now lets install the PostNuke Content Management System. Copy it to a directory under /usr/local
#>cd /usr/local
/usr/local#>mkdir postnuke
/usr/local#>cd
#>cd /home/dbuser/code/postnuke
/home/dbuser/code/postnuke#>cp PostNuke-0.762.tar.gz /usr/local/postnuke
/home/dbuser/code/postnuke#>cd
#>cd /usr/local/postnuke
/usr/local/postnuke#>gunzip < PostNuke-0.762.tar.gz | tar xvf -
/usr/local/postnuke#>cd PostNuke-0.762
Now you need to complete this install from a web browser. to do this you will also need a symbolic link from the www root as well as setting some rights in the PostNuke directory.
/usr/local/postnuke/PostNuke-0.762#>chmod 666 config.php
/usr/local/postnuke/PostNuke-0.762#>chmod 666 config-old.php
/usr/local/postnuke/PostNuke-0.762#>cd
#>cd /var/www
/var/www#>ln -s /usr/local/postnuke/PostNuke-0.762/html ecdb
/var/www#>cd ecdb
Now open up a browser and point it to //10.0.0.xxx/ecdb/install.php
Follow the setup instructions and setup your database and admin accounts for the PostNuke system
/var/www/ecdb#>chmod 644 config.php
/var/www/ecdb#>chmod 644 config-old.php
You will also be promted to delete the original install files under the root of your site
/var/www/ecdb#>rm install.php
/var/www/ecdb#>rm -rf install
/var/www/ecdb#>cd
Now assuming that you have both the ECDB Thme and the PNCalendar in folders under your PostNuke folder on the samba share, lets copy those files into the PostNuke.
#>cd /home/dbuser/code/postnuke/pncalendar
/home/dbuser/code/postnuke/pncalendar#>gunzip < pncalendar-4.03a.tar.gz | tar xvf -
/home/dbuser/code/postnuke/pncalendar/pncalendar-4.03a#>cp -R * /var/www/ecdb/modules
You will need to go into the admin screens under PostNuke and initialise the Calendar module under the modules screen. Just regenerate the list and initialise and activate.
/home/dbuser/code/postnuke/pncalendar/pncalendar-4.03a#>cd ..
/home/dbuser/code/postnuke/pncalendar#>cd ..
/home/dbuser/code/postnuke#>cd themes
/home/dbuser/code/postnuke/themes#>gunzip < ecdbtheme.tar.gz | tar xvf -
/home/dbuser/code/postnuke/themes#>cp -R ecdbtheme /var/www/ecdb/themes
/home/dbuser/code/postnuke/themes#>cd
Go into the PostNuke system and initialise the theme under administration > Settings > And select the new theme as the default theme. you may want to choose the calendar module as the default start page, or ensure that an entry exists under the menu block to access the calendar.
PostNuke is a fairly easy system to get around and understand, but you do need to spend some time to learn how to set things up. The theme contains some graphics for the products that you just installed. You can setup news items complete with graphic to enable easy access to the various toolsets.
The last component of the build at this stage is the Owl Documnet Management System. As with the previous packages, it gets installed under /usr/local
#>cd /usr/local
/usr/local#>mkdir owldms
/usr/local#>cd
#>cd /home/dbuser/code/owldms
/home/dbuser/code/postnuke#>cp Owl-0.91.tar.gz /usr/local/owldms
/home/dbuser/code/owldms#>cd
#>cd /usr/local/owldms
/usr/local/owldms#>gunzip < Owl-0.91.tar.gz.tar.gz | tar xvf -
/usr/local/owldms#>cd Owl-0.91
/usr/local/owldms/Owl-0.91#>cd config
/usr/local/owldms/Owl-0.91/config#>vi owl.php
p>This file needs about 6 changes, most importantly with the following lines, line 21 the owl root. Lets set this to /owldms Next is line 32 to reflect owldms as the filesystem root /var/www/owldms , Next is line 39 to reflect owldms as the filesystem root /var/www/owldms , line 258 needs to be uncommented to enable the Mysql DB , lines 272 to 281 need to be populated with information about the DB user ID, password, host details, DB name (Call the DB owldms, we'll set it up shortly, ldap services / domain, etc. When your finished save the file. "Shift and Escape" "Shift and Colon" "wq" "enter" and you should be back at /usr/local/owldms/Owl-0.91/config#
/usr/local/owldms/Owl-0.91/config#>cd ..
/usr/local/owldms/Owl-0.91/config#>cd DOCS
/usr/local/owldms/Owl-0.91/DOCS#>cd sql
/usr/local/owldms/Owl-0.91/DOCS/sql#>cp mysql-tables.sql /usr/local/mysql/bin
/usr/local/owldms/Owl-0.91/DOCS/sql#>cd
#>cd /usr/local/mysql/bin
/usr/local/mysql/bin#>./mysql
MYSQL#>CREATE DATABASE owldms;
MYSQL#>quit
/usr/local/mysql/bin#>./mysql owldms < mysql-tables.sql &
/usr/local/mysql/bin#>cd
#>cd /var/www
/var/www#>ln -s /usr/local/owldms/Owl-0.91 owldms
/var/www#>cd owldms
/var/www/owldms#>chown -R www-data:www-data Documents
/var/www/owldms#>
Now open up a browser and point it to your server //10.0.0.xxx/owldms You should be presented with a login page. Login with username admin and password admin. Select the browse option to view the user presentation structure and have a play around.
Well thats where the build is at this point in time, OCS are just about to release their final release client which has a few good features for automated software deploment and a few other things. There are a full range of data extensions that are being explored for the next steps and essentially it is around the area of cost models for hardware, software, and services.
Advice on the progress of updates will be posted on the development page of this site. Tech help will be updated for the latest information on support and services. As the products you have just installed are highly configurable, please spend some time checking out their full capabilities by having a look at the web links. Hope you all get some benefits from using these tools.