CN109257213A - Judge the method and apparatus of terminal access authentication failed - Google Patents

Judge the method and apparatus of terminal access authentication failed Download PDF

Info

Publication number
CN109257213A
CN109257213A CN201811050181.3A CN201811050181A CN109257213A CN 109257213 A CN109257213 A CN 109257213A CN 201811050181 A CN201811050181 A CN 201811050181A CN 109257213 A CN109257213 A CN 109257213A
Authority
CN
China
Prior art keywords
log
management system
recording table
log recording
file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811050181.3A
Other languages
Chinese (zh)
Other versions
CN109257213B (en
Inventor
王振达
许卓伟
彭锴
吴福疆
陈光文
黄小奇
姚冰纯
纪炜灿
林资川
金文娴
郭济端
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Power Grid Co Ltd
Shantou Power Supply Bureau of Guangdong Power Grid Co Ltd
Original Assignee
Guangdong Power Grid Co Ltd
Shantou Power Supply Bureau of Guangdong Power Grid Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Power Grid Co Ltd, Shantou Power Supply Bureau of Guangdong Power Grid Co Ltd filed Critical Guangdong Power Grid Co Ltd
Priority to CN201811050181.3A priority Critical patent/CN109257213B/en
Publication of CN109257213A publication Critical patent/CN109257213A/en
Application granted granted Critical
Publication of CN109257213B publication Critical patent/CN109257213B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0246Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/069Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/08Protocols specially adapted for terminal emulation, e.g. Telnet

Abstract

The present invention provides a kind of method and apparatus for judging terminal access authentication failed, it is related to the technical field of terminal access verifying, the described method includes: obtaining the corresponding log information of AD domain management system, desktop security management system and anti-virus management system respectively, corresponding log recording table is generated according to corresponding log information, recording respectively in corresponding log recording table has log feature code;Three log recording tables are subjected to integration and generate access validation check table, log feature code in access validation check table is matched into verifying with preset failure condition code data step by step, determines that fault type is short trouble or field failure according to matching verification result.The present invention can after accurate judgement terminal access validation fault whether can selfreparing, judge whether that two wires operation maintenance personnel must be assigned and arrive at scene and carry out Breakdown Maintenance, improve the working efficiency of operation maintenance personnel.

Description

Judge the method and apparatus of terminal access authentication failed
Technical field
The present invention relates to terminal access verification technique field, more particularly, to judging that terminal access verifies The method and apparatus of failure.
Background technique
For the management of the computer information safe of large enterprise, the verifying of computer access is one primary and necessary Secure authentication mechanisms.
When accessing its internal network to terminal, the network admittance verifying of use is basic for present many large enterprises It is upper to pass through the certification of (Active Directory, the Active Directory) domain AD, desktop security management registration and anti-virus module integrality Three kinds of fundamentals are differentiated.Under normal and smooth situation, computer user passes through CA (Certificate Authority, e-business certification authorized organization) certification login, pass through the certification of first layer AD domain management system, has then led to Terminal desktop management system client itself is crossed to be registered and return the online information of registration, third step terminal anti-virus Client self-test carries out anti-virus component integrity checking, finally carries out domain name matching and desktop security management system by access module The matching of system process, obtains Internet resources after all passing through.There are several possible mistakes to differentiate situation, packet for such authentication mechanism Include: (1) port access not enabled is not authenticated by domain and carries out the login of computer administrator's permission;(2) user uses cache entries Information registration computer is not verified with domain management system normal communication;(3) desktop security management system client process does not open It is dynamic, registration information is not obtained;(4) anti-virus module does not update completion, and component verification sequence number is matched with server-side before the update It is inconsistent;(5) anti-virus component faults can not be repaired voluntarily, need to reinstall.
Above several fault types will lead to the verifying of terminal access in short-term or persistently can not be normal through, but For operation management personnel, domain verifying communication is abnormal in short-term, desktop security management system client is inactive, anti-virus Component unfinished updates etc. verify unsanctioned problem, can be by terminal restarting or verify again by the short time Self-healing afterwards carries out Breakdown Maintenance without assigning operation maintenance personnel to scene.And for class such as anti-virus component faults or desktop The problems such as safety management system client failure, must then assign two wires operation maintenance personnel in time and arrive at scene progress Breakdown Maintenance. But for the user of terminal, which usual situation, which can not differentiate, which verifies unsanctioned problem, voluntarily to repair Multiple, which is verified unsanctioned problem and two wires operation maintenance personnel is needed to arrive at scene, once occur verifying unsanctioned problem, user Will Advise By Wire two wires operation maintenance personnel arrive at scene, cause the waste of human cost and time cost, working efficiency is low.
Summary of the invention
In view of this, the purpose of the present invention is to provide the method and device for judging terminal access authentication failed, Can after accurate judgement terminal access validation fault whether can selfreparing, judge whether that two wires O&M people must be assigned Member arrives at scene and carries out Breakdown Maintenance, improves the working efficiency of operation maintenance personnel.
In a first aspect, the embodiment of the invention provides a kind of method for judging terminal access authentication failed, it is described AD domain management system, desktop security management system, anti-virus management system are deployed on the network server of terminal access System and shared server, which comprises
The first log information of the AD domain management system is obtained, and the first log is generated according to first log information Record sheet, wherein first log recording table includes the first log feature code;
The second log information of the desktop security management system is obtained, and generates second according to second log information Log recording table, wherein second log recording table includes the second log condition code;
The third log information of the anti-virus management system is obtained, and third day is generated according to the third log information Will record sheet, wherein the third log recording table includes third log feature code;
First log recording table, second log recording table and the third log recording table are integrated simultaneously Generate access validation check table;
By the first log feature code in the access validation check table, the second log condition code and described Three log feature codes are matched verifying with the preset failure condition code data being stored in the shared server step by step, according to It matches verification result and determines that fault type is short trouble or field failure.
With reference to first aspect, the embodiment of the invention provides the first possible embodiments of first aspect, wherein institute The step of stating the second log information for obtaining the desktop security management system include:
The database log file of the desktop security management system is decrypted;
Journal file after decryption is stored to interim table space, and obtains the second day from the interim table space Will information;
The step of third log information for obtaining the anti-virus management system includes:
The database log file of the anti-virus management system is decrypted;
Journal file after decryption is stored to interim table space, and obtains the third day from the interim table space Will information.
With reference to first aspect, the embodiment of the invention provides second of possible embodiments of first aspect, wherein institute It states the first log feature code, the second log condition code and the third log feature in access validation check table Code is matched verifying with the preset failure condition code data being stored in the shared server step by step, according to matching verifying knot Fruit determines the step of fault type is short trouble or field failure, comprising:
The first log feature code and the preset failure condition code data are subjected to matching verifying, judge described first Whether log feature code is fault signature code, if it is, being determined as field failure;
Otherwise, the second log condition code and the preset failure condition code data are subjected to matching verifying, judge institute State whether the second log condition code is fault signature code, if it is, being determined as field failure;
Otherwise, the third log feature code and the preset failure condition code data are subjected to matching verifying, judge institute State whether third log feature code is fault signature code, if it is, being determined as field failure, otherwise, it is determined that being short trouble.
With reference to first aspect or second of possible embodiment of first aspect, the embodiment of the invention provides first party The third possible embodiment in face, wherein the method also includes:
When being determined as field failure, initiates work order and distribute process;
When being determined as short trouble, initiates information desk and put on record process.
With reference to first aspect, the embodiment of the invention provides second of possible embodiments of first aspect, wherein institute The first log recording table, second log recording table and the third log recording table is stated also to ask including at least terminal Ask login time, user name, computer name and verifying login result.
With reference to first aspect, the embodiment of the invention provides the third possible embodiments of first aspect, wherein Generates once first log recording table, second log recording table and described respectively every preset time in predetermined period Third log recording table, and accordingly generate the primary access validation check table and verifying primary fault type.
Second aspect, the embodiment of the present invention also provides a kind of device for judging terminal access authentication failed, described AD domain management system, desktop security management system, anti-virus management system are deployed on the network server of terminal access System and file-sharing server, described device include: AD domain management system timing script module, desktop security management system timing Script module, anti-virus management system timing script module and file-sharing server timing script module;
The AD domain management system timing script module, for obtaining the first log information of the AD domain management system, And the first log recording table is generated according to first log information, wherein first log recording table includes the first log Condition code;
The desktop security management system timing script module, for obtaining the second day of the desktop security management system Will information, and the second log recording table is generated according to second log information, wherein second log recording table includes the Two log feature codes;
The anti-virus management system timing script module, the third log for obtaining the anti-virus management system are believed Breath, and third log recording table is generated according to the third log information, wherein the third log recording table includes third day Will condition code;
File-sharing server timing script module is used for the first log recording table, the second log recording table and third Access validation check table is integrated and generated to log recording table, by access validation check table log feature code be stored in Preset failure condition code data in the file-sharing server carry out matching verifying step by step, are determined according to matching verification result Fault type is short trouble or field failure.
In conjunction with second aspect, the embodiment of the invention provides the first possible embodiments of second aspect, wherein also Including the first log deciphering module and the second log deciphering module;
The second log deciphering module, for the database log file of desktop security management system to be decrypted, And the journal file after decryption is stored to interim table space, wherein the journal file after the decryption is supplied to desktop security Management system timing script module is used to extract the second log information;
The third log deciphering module, for the database log file of anti-virus management system to be decrypted, and Journal file after decryption is stored to interim table space, wherein the journal file after the decryption is supplied to anti-virus management Timing script module is used to extract third log information.
In conjunction with second aspect, the embodiment of the invention provides second of possible embodiments of second aspect, wherein institute The first log recording table, second log recording table and the third log recording table is stated also to ask including at least terminal Ask login time, user name, computer name and verifying login result.
In conjunction with second aspect, the embodiment of the invention provides the third possible embodiments of second aspect, wherein institute AD domain management system timing script module, the desktop security management system timing script module, anti-virus management system timing stated Script module once mentions table every preset time progress in predetermined period, and generates corresponding first log recording table, the Two log recording tables and third log recording table;The file-sharing server timing script module is in predetermined period every pre- If the time accordingly generates the primary access validation check table and verifying primary fault type.
The embodiment of the present invention brings following the utility model has the advantages that the present invention is by extracting terminal and managing in the domain AD The login log information of system, desktop security management system and anti-virus management system, and three log recording tables are generated respectively, often A log recording table includes corresponding log feature code, three log recording tables is generated terminal access validation check table, and lead to It crosses the method for matching log step by step and corresponding log feature code is matched into verifying with preset failure condition code data step by step, it is real The accurate judgement for having showed the concrete reason to the failure of terminal access, effectively helps operation maintenance personnel to sentence fault type It is disconnected, O&M cost of labor is reduced, the working efficiency of operation maintenance personnel is substantially increased, while improving O&M quality.
Other features and advantages of the present invention will illustrate in the following description, also, partly become from specification It obtains it is clear that understand through the implementation of the invention.The objectives and other advantages of the invention are in specification, claims And specifically noted structure is achieved and obtained in attached drawing.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate Appended attached drawing, is described in detail below.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below Attached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative labor It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 is the method flow diagram for judging terminal access authentication failed that the embodiment of the present invention one provides;
Fig. 2 is the step S200's for the method for judging terminal access authentication failed that the embodiment of the present invention one provides Flow chart;
Fig. 3 is the step S300's for the method for judging terminal access authentication failed that the embodiment of the present invention one provides Flow chart;
Fig. 4 is the step S500's for the method for judging terminal access authentication failed that the embodiment of the present invention one provides Flow chart;
Fig. 5 is the structural representation of the device of judgement terminal access authentication failed provided by Embodiment 2 of the present invention Figure.
Icon:
101-AD domain management system timing script module;102-AD domain management system;201- desktop security management system is fixed When script module;202- desktop security management system;203- the first log deciphering module;The management module timing of 301- anti-virus Script module;302- anti-virus management system;303- the second log deciphering module;401- file-sharing server timing script mould Block;402- file-sharing server.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with attached drawing to the present invention Technical solution be clearly and completely described, it is clear that described embodiments are some of the embodiments of the present invention, rather than Whole embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creative work premise Under every other embodiment obtained, shall fall within the protection scope of the present invention.
Currently, it is unsanctioned which access verifying is usual situation can not differentiate for the user of terminal Problem can be with self-healing, which is verified unsanctioned problem and two wires operation maintenance personnel is needed to arrive at scene, once occur verifying not By the problem of, user will Advise By Wire two wires operation maintenance personnel arrive at scene, in fact, the case where frequently encountering is often two Line operation maintenance personnel does not arrive at scene also, and access is verified with regard to self-healing, thus causes human cost and time cost Waste, so that two wires operation maintenance personnel working efficiency is low.
Based on this, a kind of method and apparatus judging terminal access authentication failed provided in an embodiment of the present invention, The foot of matching verifying three elements (AD domain management system, desktop management system, anti-virus management system) log feature code can be passed through This tool, so produce matching table, be supplied to helpdesk service personnel to the terminal that user ensures carry out match look into It askes, judges that user malfunction reports whether problem needs to assign two wires O&M to in-situ processing for repairment.
Terminal herein refers to the terminal of access Intranet server.It needs to illustrate It is, wherein AD domain management system is regional computer and the subscriber policy management system disposed on the server;Desktop security pipe Reason system is the regional computer desktop security management system disposed on the server;Anti-virus management system is to be deployed in service Anti-virus security management system on device, file-sharing server are also the file-sharing server of deployment on the server.
For convenient for understanding the present embodiment, first to a kind of judgement terminal disclosed in the embodiment of the present invention The method of access authentication failed describes in detail.
Embodiment one:
Fig. 1 is the method flow diagram for judging terminal access authentication failed that the embodiment of the present invention one provides.
Referring to Fig.1, described method includes following steps:
S100, obtains the first log information of the AD domain management system, and the first log information is terminal access The data information of login is recorded information by established form taxonomic revision, generates the first log recording table, and the first log is believed Breath is stored to designated position.Wherein, the first log information includes the user name for requesting the domain AD login authentication, login time, calculating Machine name, verifying login result and the first log feature code.
S200 obtains the second log information of the desktop security management system, and raw according to second log information At the second log recording table, wherein the second log information is that the registration of desktop security management system client feedback logs in log, By in log request login time, user name, computer name, verifying login result and corresponding second log condition code into Row taxonomic revision record, generates the second log recording table, and the second log recording table is stored to designated position.
Further, as shown in Fig. 2, S200 includes:
The database log file of the desktop security management system is decrypted S201;
S202 stores the journal file after decryption to interim table space, and from the interim table space described in acquisition Second log information.
S300 obtains the third log information of the anti-virus management system, and generates the according to the third log information Three log recording tables, wherein third log information is that terminal anti-virus client component selftest module inspection result is anti- The system log of feedback, by rank request time therein, user name, computer name, self-detection result and corresponding log feature code into Row record, generates third log recording table, and third log recording table is stored to designated position.
Further, as shown in figure 3, S300 includes:
The database log file of the anti-virus management system is decrypted S301;
S302 stores the journal file after decryption to interim table space, and from the interim table space described in acquisition Third log information.
It should be noted that the execution sequence of above-mentioned steps S100-S300 is without particular order, for example, the can first be generated Two log recording tables regenerate the first log recording table, ultimately produce third log recording table.Moreover, above-mentioned three kinds of logs note Record table can extract simultaneously, generate simultaneously.
S400, by first log recording table, second log recording table and the third log recording table by both Fixed condition is integrated and generates access validation check table;
S500, by the access validation check table the first log feature code, the second log condition code and The third log feature code is matched step by step with the preset failure condition code data being stored in the shared server and is tested Card determines that fault type is short trouble or field failure according to matching verification result.
Further, as shown in figure 4, step S500, comprising:
The first log feature code and the preset failure condition code data are carried out matching verifying, judge institute by S501 State whether the first log feature code is fault signature code, if it is, being determined as field failure;
Otherwise the second log condition code and the preset failure condition code data are carried out matching verifying, sentenced by S502 Whether the second log condition code of breaking is fault signature code, if it is, being determined as field failure;
Otherwise the third log feature code and the preset failure condition code data are carried out matching verifying, sentenced by S503 Whether the third log feature code that breaks is fault signature code;
S504 is then determined as field failure if it is fault signature code;Field failure is the failure that can not be automatically repaired;
The terminal for the authentication failed that can not be automatically repaired is transferred to O&M when being determined as field failure by S505 Work order distributes process, i.e. initiation work order distributes process;
S506, otherwise, it is determined that being short trouble, short trouble is the failure that can be automatically repaired;
S507 initiates information desk and puts on record process, for the long-range of user malfunction counsel requests when being determined as short trouble Respond foundation.
Primary first log recording table, second log note are generated respectively every preset time in predetermined period Table and the third log recording table are recorded, and accordingly generates the primary access validation check table and verifying primary fault class Type.
It should be noted that 15 45 dividing when dividing to afternoon 17 when predetermined period can be set to the working day morning 8;And it is pre- If the time can be 15 minutes.And the preset time for generating access validation check table can be set to slightly longer than above three record The preset time of table, such as can be set to generate every 16 minutes primary.It refers in current time within 15 minutes described above The computer access logon data information being pushed forward in 15 minutes, 16 minutes described above, refers to that current time is pushed forward 16 minutes The access validation check table of interior generation.The access validation check table of generation can also be named as " in such a month, and on such a day terminal access verifying Check table ", in addition, stopping operation manually to be arranged in the specific implementation or starting operation manually.User can be according to practical feelings Condition selection is set as the period and executes or manually perform automatically.
Embodiment two:
As shown in figure 5, a kind of device for judging terminal access authentication failed, it should be noted that in the present invention Terminal AD domain management system 102, desktop security management system 202 and anti-virus management system 302 be installed, and count Calculation machine terminal is connected with shared server 402.Described device includes: AD domain management system timing script module 101, desktop security Management system timing script module 201, anti-virus management system timing script module 301, file-sharing server timing script Module 401, the first log deciphering module 203 and the second log deciphering module 303.
The AD domain management system timing script module 101, the first log for obtaining the AD domain management system are believed Breath, and the first log recording table is generated according to first log information, wherein first log recording table includes first Will condition code.
The desktop security management system timing script module 201, for obtaining the of the desktop security management system Two log informations, and the second log recording table is generated according to second log information, wherein the second log recording table packet Include the second log condition code;The second log deciphering module 203, for the database journal of desktop security management system is literary Part is decrypted, and the journal file after decryption is stored to interim table space, wherein the journal file after the decryption provides To desktop security management system timing script module 201 using to extract the second log information.
The anti-virus management system timing script module 301, for obtaining the third day of the anti-virus management system Will information, and third log recording table is generated according to the third log information, wherein the third log recording table includes the Three log feature codes.Third log deciphering module 303, for solving the database log file of anti-virus management system It is close, and the journal file after decryption is stored to interim table space, wherein the journal file after the decryption is supplied to anti-virus Management system timing script module 301 is used to extract third log information.
File-sharing server timing script module 401, for by the first log recording table, the second log recording table and the Access validation check table is integrated and generated to three log recording tables, by the log feature code in access validation check table and is stored Preset failure condition code data progress matching verifying step by step in the shared server, determines event according to matching verification result Hindering type is short trouble or field failure.
Further, first log recording table, second log recording table and the third log recording table be also Including at least terminal request login time, user name, computer name and verifying login result.
Further, the AD domain management system timing script module 101, desktop security management system timing script mould Block 201, anti-virus management system timing script module 301 carry out once mentioning table every preset time in predetermined period, and raw At corresponding first log recording table, the second log recording table and third log recording table;The file-sharing server is fixed When script module 401 accordingly generate the primary access validation check table and verifying one every preset time in predetermined period Secondary fault type.
The technical effect and preceding method embodiment phase of device provided by the embodiment of the present invention, realization principle and generation Together, to briefly describe, Installation practice part does not refer to place, can refer to corresponding contents in preceding method embodiment.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description It with the specific work process of device, can refer to corresponding processes in the foregoing method embodiment, details are not described herein.
The flow chart and block diagram in the drawings show the system of multiple embodiments according to the present invention, method and computer journeys The architecture, function and operation in the cards of sequence product.In this regard, each box in flowchart or block diagram can generation A part of one module, section or code of table, a part of the module, section or code include one or more use The executable instruction of the logic function as defined in realizing.It should also be noted that in some implementations as replacements, being marked in box The function of note can also occur in a different order than that indicated in the drawings.For example, two continuous boxes can actually base Originally it is performed in parallel, they can also be executed in the opposite order sometimes, and this depends on the function involved.It is also noted that It is the combination of each box in block diagram and or flow chart and the box in block diagram and or flow chart, execution can be used Defined function or the dedicated hardware based system of movement realize, or can use specialized hardware and computer instruction Combination is to realize.
The method of judgement terminal access authentication failed provided in an embodiment of the present invention, and it is provided by the above embodiment The device technical characteristic having the same for judging terminal access authentication failed, is asked so also can solve identical technology Topic, reaches identical technical effect.
In the description of the present invention, it should be noted that term " first ", " second ", " third " are used for description purposes only, It is not understood to indicate or imply relative importance.
Carry out judging the computer program of the method for terminal access authentication failed provided by the embodiment of the present invention Product, the computer readable storage medium including storing the executable non-volatile program code of processor, described program generation The instruction that code includes can be used for executing previous methods method as described in the examples, and specific implementation can be found in embodiment of the method, This is repeated no more.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In several embodiments provided herein, it should be understood that disclosed is device and method, can be passed through Other modes are realized.The apparatus embodiments described above are merely exemplary, for example, the division of the unit, only For a kind of logical function partition, there may be another division manner in actual implementation, in another example, multiple units or components can be tied Another system is closed or is desirably integrated into, or some features can be ignored or not executed.Another point, it is shown or discussed Mutual coupling, direct-coupling or communication connection can be the INDIRECT COUPLING by some communication interfaces, device or unit Or communication connection, it can be electrical property, mechanical or other forms.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit It is that each unit physically exists alone, can also be integrated in one unit with two or more units.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product It is stored in the executable non-volatile computer-readable storage medium of a processor.Based on this understanding, of the invention Technical solution substantially the part of the part that contributes to existing technology or the technical solution can be with software in other words The form of product embodies, which is stored in a storage medium, including some instructions use so that One computer equipment (can be personal computer, server or the network equipment etc.) executes each embodiment institute of the present invention State all or part of the steps of method.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (ROM, Read- Only Memory), random access memory (RAM, Random Access Memory), magnetic or disk etc. are various can be with Store the medium of program code.
Finally, it should be noted that embodiment described above, only a specific embodiment of the invention, to illustrate the present invention Technical solution, rather than its limitations, scope of protection of the present invention is not limited thereto, although with reference to the foregoing embodiments to this hair It is bright to be described in detail, those skilled in the art should understand that: anyone skilled in the art In the technical scope disclosed by the present invention, it can still modify to technical solution documented by previous embodiment or can be light It is readily conceivable that variation or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not make The essence of corresponding technical solution is detached from the spirit and scope of technical solution of the embodiment of the present invention, should all cover in protection of the invention Within the scope of.Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. a kind of method for judging terminal access authentication failed, the network server top of the terminal access There are AD domain management system, desktop security management system, anti-virus management system and file-sharing server in administration, which is characterized in that The described method includes:
The first log information of the AD domain management system is obtained, and the first log recording is generated according to first log information Table, wherein first log recording table includes the first log feature code;
The second log information of the desktop security management system is obtained, and the second log is generated according to second log information Record sheet, wherein second log recording table includes the second log condition code;
The third log information of the anti-virus management system is obtained, and third log note is generated according to the third log information Record table, wherein the third log recording table includes third log feature code;
First log recording table, second log recording table and the third log recording table are integrated and generated Access validation check table;
By the first log feature code, the second log condition code and the third day in the access validation check table Will condition code is matched verifying with the preset failure condition code data being stored in the file-sharing server step by step, according to It matches verification result and determines that fault type is short trouble or field failure.
2. the method for judgement terminal access authentication failed according to claim 1, which is characterized in that the acquisition The step of second log information of the desktop security management system includes:
The database log file of the desktop security management system is decrypted;
Journal file after decryption is stored to interim table space, and obtains the second log letter from the interim table space Breath;
The step of third log information for obtaining the anti-virus management system includes:
The database log file of the anti-virus management system is decrypted;
Journal file after decryption is stored to interim table space, and obtains the third log letter from the interim table space Breath.
3. it is according to claim 1 judgement terminal access authentication failed method, which is characterized in that it is described will be quasi- Enter the first log feature code, the second log condition code and the third log feature code in validation check table and deposits The preset failure condition code data being placed in the file-sharing server carry out matching verifying step by step, according to matching verification result Determine the step of fault type is short trouble or field failure, comprising:
The first log feature code and the preset failure condition code data are subjected to matching verifying, judge first log Whether condition code is fault signature code, if it is, being determined as field failure;
Otherwise, the second log condition code and the preset failure condition code data are subjected to matching verifying, judge described the Whether two log feature codes are fault signature code, if it is, being determined as field failure;
Otherwise, the third log feature code and the preset failure condition code data are subjected to matching verifying, judge described the Whether three log feature codes are fault signature code, if it is, being determined as field failure, otherwise, it is determined that being short trouble.
4. the method for judgement terminal access authentication failed according to claim 1 or 3, which is characterized in that described Method further include:
When being determined as field failure, initiates work order and distribute process;
When being determined as short trouble, initiates information desk and put on record process.
5. the method for judgement terminal access authentication failed according to claim 1, which is characterized in that described first Log recording table, second log recording table and the third log recording table also include at least terminal request and log in Time, user name, computer name and verifying login result.
6. the method for judgement terminal access authentication failed according to claim 1, which is characterized in that in default week Primary first log recording table, second log recording table and the third day are generated respectively every preset time in phase Will record sheet, and accordingly generate the primary access validation check table and verifying primary fault type.
7. a kind of device for judging terminal access authentication failed, the network server top of the terminal access There are AD domain management system, desktop security management system, anti-virus management system and file-sharing server in administration, which is characterized in that Described device includes: AD domain management system timing script module, desktop security management system timing script module, anti-virus management Timing script module and file-sharing server timing script module;
The AD domain management system timing script module, for obtaining the first log information of the AD domain management system, and root The first log recording table is generated according to first log information, wherein first log recording table includes the first log feature Code;
The desktop security management system timing script module, the second log for obtaining the desktop security management system are believed Breath, and the second log recording table is generated according to second log information, wherein second log recording table includes second day Will condition code;
The anti-virus management system timing script module, for obtaining the third log information of the anti-virus management system, And third log recording table is generated according to the third log information, wherein the third log recording table includes third log Condition code;
File-sharing server timing script module is used for the first log recording table, the second log recording table and third log Access validation check table is integrated and generated to record sheet, by the log feature code in access validation check table and is stored in described Preset failure condition code data in file-sharing server carry out matching verifying step by step, determine failure according to matching verification result Type is short trouble or field failure.
8. the device of judgement terminal access authentication failed according to claim 7, which is characterized in that further include the One log deciphering module and the second log deciphering module;
The second log deciphering module, for the database log file of desktop security management system to be decrypted, and will Journal file after decryption is stored to interim table space, wherein the journal file after the decryption is supplied to desktop security management Timing script module is used to extract the second log information;
The third log deciphering module, for the database log file of anti-virus management system to be decrypted, and will solution Journal file after close is stored to interim table space, wherein the journal file after the decryption is supplied to anti-virus management system Timing script module is used to extract third log information.
9. the device of judgement terminal access authentication failed according to claim 7, which is characterized in that described first Log recording table, second log recording table and the third log recording table also include at least terminal request and log in Time, user name, computer name and verifying login result.
10. the device of judgement terminal access authentication failed according to claim 7, which is characterized in that described AD domain management system timing script module, desktop security management system timing script module, anti-virus management system timing script Module once mentions table every preset time progress in predetermined period, and generates corresponding first log recording table, second day Will record sheet and third log recording table;The file-sharing server timing script module is in predetermined period when default Between accordingly generate the primary access validation check table and verifying primary fault type.
CN201811050181.3A 2018-09-07 2018-09-07 Method and device for judging computer terminal access verification failure Active CN109257213B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811050181.3A CN109257213B (en) 2018-09-07 2018-09-07 Method and device for judging computer terminal access verification failure

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811050181.3A CN109257213B (en) 2018-09-07 2018-09-07 Method and device for judging computer terminal access verification failure

Publications (2)

Publication Number Publication Date
CN109257213A true CN109257213A (en) 2019-01-22
CN109257213B CN109257213B (en) 2021-06-29

Family

ID=65047155

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811050181.3A Active CN109257213B (en) 2018-09-07 2018-09-07 Method and device for judging computer terminal access verification failure

Country Status (1)

Country Link
CN (1) CN109257213B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110781143A (en) * 2019-11-05 2020-02-11 北纬通信科技南京有限责任公司 Method and device for querying and extracting server logs

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104618384A (en) * 2015-02-13 2015-05-13 成都中科合迅科技有限公司 Single authentication method based on AD (Access Device) server
CN104618313A (en) * 2013-11-05 2015-05-13 华为技术有限公司 System and method for security management
CN104734881A (en) * 2014-12-11 2015-06-24 天津中兴智联科技有限公司 Log and abnormity probe implementation method
CN104753887A (en) * 2013-12-31 2015-07-01 中国移动通信集团黑龙江有限公司 Safety control implementation method and system and cloud desktop system
CN105653444A (en) * 2015-12-23 2016-06-08 北京大学 Internet log data-based software defect failure recognition method and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104618313A (en) * 2013-11-05 2015-05-13 华为技术有限公司 System and method for security management
CN104753887A (en) * 2013-12-31 2015-07-01 中国移动通信集团黑龙江有限公司 Safety control implementation method and system and cloud desktop system
CN104734881A (en) * 2014-12-11 2015-06-24 天津中兴智联科技有限公司 Log and abnormity probe implementation method
CN104618384A (en) * 2015-02-13 2015-05-13 成都中科合迅科技有限公司 Single authentication method based on AD (Access Device) server
CN105653444A (en) * 2015-12-23 2016-06-08 北京大学 Internet log data-based software defect failure recognition method and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110781143A (en) * 2019-11-05 2020-02-11 北纬通信科技南京有限责任公司 Method and device for querying and extracting server logs
CN110781143B (en) * 2019-11-05 2022-03-15 北纬通信科技南京有限责任公司 Method and device for querying and extracting server logs

Also Published As

Publication number Publication date
CN109257213B (en) 2021-06-29

Similar Documents

Publication Publication Date Title
CN106936817B (en) Operation execution method, board jump machine, cluster authentication server and bastion machine system
AU2013204797B2 (en) Cloud based virtual environment authentication
US8667096B2 (en) Automatically generating system restoration order for network recovery
US9940208B2 (en) Generating reverse installation file for network restoration
CN107196951B (en) A kind of implementation method and firewall system of HDFS system firewall
US9462081B2 (en) Cloud based virtual environment validation
CN109309683A (en) The method and system of client identity verifying based on token
CN112632575A (en) Authority management method and device of business system, computer equipment and storage medium
CN111314340B (en) Authentication method and authentication platform
CN110602125B (en) Data processing method, device, terminal and storage medium
US8818906B1 (en) Systems and methods for performing authentication of a customer interacting with a banking platform
US20070271593A1 (en) Method and apparatus for establishing a security policy, and method and apparatus for supporting establishment of security policy
CN110175466B (en) Security management method and device for open platform, computer equipment and storage medium
CN110221949A (en) Automate operation management method, apparatus, equipment and readable storage medium storing program for executing
CN105611089B (en) Proxy server and its control method and call center's login system
US20220244932A1 (en) Multi-signature validation of deployment artifacts
CN110175439A (en) User management method, device, equipment and computer readable storage medium
CN110909346B (en) Management method and system for manufacturing execution system
CN109257213A (en) Judge the method and apparatus of terminal access authentication failed
CN102801687A (en) Single sign-on system and method
CN109885790A (en) The method and apparatus for obtaining satisfaction evaluation data
CN101924794B (en) Internet based method for monitoring total software operation quantity in real time
CN106603567B (en) A kind of login management method and device of WEB administrator
CN106209751A (en) Service-oriented interface authentication method based on the operating system certificate of authority
CN109861982A (en) A kind of implementation method and device of authentication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant