Overview
The tool is used to audit the Shared Folders, Proxy Access and Archive Path being used by users in a GroupWise System. The tool written in Visual Basic Scripting (VBS). It is safe for quick and easy deployment in mixed Novell/Microsoft environment.
The auditing tool has been designed to only activate when a GroupWise client is active and will sleep until the user has started their client. The tool creates a simple CSV file on the users workstation and copies the audit file to a central/branch location(s) on the network for easy reporting within the enterprise. An example CSV file is attached showing the output type (best viewed in Excel).
Installation
The attached text file should be renamed from ‘gwshaudit.vbs.txt’ to ‘gwshaudit.vbs’ and saved to the public folder on all servers with user network connections. This enables the file to be called from the Novell logon script from the users local ‘F:\public’ drive which should be already mapped to a search drive ‘Z:’. To enable the reporting tool to copy the audit file into a network location, a ‘Black Hole’ permission folder should be created. This allows users to create new file in this location but users are unable to open/view or file list the contents of the directory.
Create a folder(s) required for storing the audit files and only give the ‘[Public]’ eDirectory object ‘Create’ and ‘Write’ rights.
The login script for the OU’s that contain users should have the following added:
WRITE “GroupWise Audit – START”
@%windir\system32\WScript.exe //nologo Z:\gwshaudit.vbs “\\Server\Volume\GWAudit”
WRITE “GroupWise Audit – DONE”
Note: The ‘\\Server\Volume’ should be changed to the location(s) to store a copy of the audit file already setup with the Black Hole permissions. This doesn’t have to be the same location for all users. This may ease any problems with all users making a Netware connection to just one Novell server.
The Novell login script will start the command and continue the running of any other commands. This is accomplished by use of a ‘@’ symbol instead of a ‘#’ allowing the login script to continue processing and not waiting for the script to complete.
The source file can be download from here: gwsaudit._vbs.txt
Reporting
Each audit file is stored on the Users local ‘Debug’ directory contained within their ‘Windows’ directory. The file is named with the login ID and Display Name allowing for multiple users to use the same PC but keeping the audit information unique. The file is then copied to the network location(s). To make sure the information is only recorded once a registry flag is used. The first time the audit tool is used a flag should be set to one with the following command at the tool of the script file:
‘
‘ Groupwise Shared Folder Audit
‘
zVersion = 1
If the audit needs to be restarted on all workstations the flag should be change to ‘2’ or the next number. This will then recreate the files on both the local and network locations used to store the audit files.
Each of the auto files can then viewed with Excel individually. To create a global report copy audit files from all network locations in to one single directory. Then copy all the files into a one file using the following command:
‘Copy *.csv Report.csv’
Opening the ‘Report.csv’ file Excel shows the complete GroupWise Audit information by user.
An example user report here: gwshElena_Irving (Elena Irving).CSV
Error Reporting
The Windows Event Log will show the Start/Audit times of the script. Further information about the audit is also store in the users local registry:
HKCU\Software\CompanyX\GrpWiseAudit\Flag – Shows the Version flag being processed
HKCU\Software\ CompanyX\GrpWiseAudit\LastUpdated – Shows the last time the script completed
HKCU\Software\ CompanyX\GrpWiseAudit\ErrorInfo – Shows any Error information
HKCU\Software\ CompanyX\GrpWiseAudit\OutputFile – Shows the location of the audit file being copied to a network location
