RE: [squid-users] Hacking ntlm_auth to allow squidGuard ACLs

>
> Hi All,
>
> First post here!
>
> In the following article the author describes how to get Samba 3 and
> Squid working.
>
> http://www.informatikserver.at/modules.php?name=News&file=print&sid=2710
>
> However towards the end the author has a topic called "Hacking ntlm_auth
> to allow squidGuard ACLs" He describes making the following changes to
> the source of the ntlm_auth.c:
>
> In source/utils/ntlm_auth.c locate the line:
> x_fprintf(x_stdout, "AF %s\%s ", ntlmssp_state->domain,
> ntlmssp_state->user);
>
> And modify it to:
> x_fprintf(x_stdout, "AF %s ", ntlmssp_state->user);
>
> I came across this page because I was looking for a way to get
> squidGuard to recognize NT users so that I can create exceptions for
> certain ones. This way I can still proxy, and log the user's actions,
> but they won't have their content filtered. Will what this person is
> describing above accomplish that? Has anyone done this? If not can
> anyone think of any negative consequences? Also, if this does work the
> way I think it will, would I not specify the username in squidGuard as
> "domain\user", or just "user." "domain\user" crashes squidguard
> (probably because of the "\" I am guessing. Any ideas?
>

I have successfully done this with Squid2.5, Samba3 & SquidGuard 1.2.0
without making any changes to any source.
I just setup a number of squidguard userlists which I reference in my
squidguard.conf file.

Each file contains users in the following format:

user1
user2
user3

That's all that was required for me and I can now filter users depending on
their ADS user name via SquidGuard.

I'm not sure why the article you reference states you need to make changes.
I'm sure there is a good reason, I just know that I made no changes.

Regards
Jay
Received on Fri Sep 03 2004 - 03:24:06 MDT