[squid-users] Re: Réf. : [squid-users] NTLM username logging problem

From: <lukas.fuchs@dont-contact.us>
Date: Tue, 11 May 2004 13:46:17 +0200

hi
the client can connect to the internet, there is no popup, but there is
also no username in the access.log!
And I still don't know how I can make this working...

I think with the acl authorizedusers proxy_auth REQUIRED it should work...
But it doesn't....

Lukas

                                                                           
             sdavy@bics.fr
                                                                           
             11.05.2004 14:37 To
                                                                           
                                       lukas.fuchs@rieter.com
                                                                        cc
                                       squid-users@squid-cache.org
                                                                           
                                                                           
                                                                           
                                                                           
                                                                   Subject
                                       Réf. : [squid-users] NTLM username
                                       logging problem
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           

Hello,

what do you see exactly? Any authentication popups on the client side? No
user login in your squid logs? Can you please describe what happens?

---
Stéphane Davy - Consultant Alcôve
                      lukas.fuchs@rieter.com
                                                Pour :
squid-users@squid-cache.org
                      11/05/2004 10:30          cc :
                                                Objet :  [squid-users] NTLM
username logging problem
hi!
I've Squid 2.5 with NTLM, Samba 3 with Winbind, and Mandrake 9.2 running.
My problem is, that I want to log the usernames and their visited websites.
I want to do this with NTLM / Winbind. The user ID's are stored on a
WinNT-PDC.
And I don't want that the user must enter his key everytime, he connects to
the interet.
I think my Winbind works properly, so it must be something wrong with my
squid.conf...
squid.conf:
...
log_ip_on_direct off # off=hostname, on=ip ?
debug_options ALL,1
client_db on
auth_param ntlm program /usr/bin/ntlm_auth3 \
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param basic program /usr/bin/ntlm_auth3 \
--helper-protocol=squid-2.5-basic
auth_param basic realm basic-squid-cache
auth_param basic children 5
auth_param basic credentialsttl 2 hours
acl authorizedusers proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl our_networks src 82.29.1.0/24
acl localhost src 82.29.1.26/255.255.255.255
acl safe_ports port 80              # http
acl safe_ports port 21              # ftp
acl safe_ports port 443             # https
acl safe_ports port 563             # https
acl safe_ports port 1025-65535      # unregistered ports
acl CONNECT method CONNECT
acl allowed_hosts src 82.29.1.0/255.255.255.0
http_access allow localhost
http_access deny !safe_ports
http_access deny CONNECT !safe_ports
http_access allow allowed_hosts
http_access allow our_networks
http_access allow all authorizedusers
http_access deny all
http_reply_access allow all
I think its probably something with the ACL's... Can you help me please?
Tanks!!!
Lukas
Received on Tue May 11 2004 - 05:46:28 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT