RE: [squid-users] Hacking ntlm_auth to allow squidGuard ACLs from Discussion Lists on 2004-09-04 (squid-users)

From: Discussion Lists <discussions@dont-contact.us>
Date: Sat, 4 Sep 2004 21:01:30 -0700

Thanks Jay,
I have a test environment, so I can just try uninstalling Samba2.x, and
just install Samba3 instead. I will give it a try.

Thanks again!
Mark

> -----Original Message-----
> From: Jay Turner [mailto:jturner@bsis.com.au]
> Sent: Friday, September 03, 2004 2:25 AM
> To: squid-users@squid-cache.org
> Subject: RE: [squid-users] Hacking ntlm_auth to allow squidGuard ACLs
>
>
> >
> > Hi All,
> >
> > First post here!
> >
> > In the following article the author describes how to get
> Samba 3 and
> > Squid working.
> >
> >
> http://www.informatikserver.at/modules.php?name=News&file=print&sid=27
> > 10
> >
> > However towards the end the author has a topic called "Hacking
> > ntlm_auth to allow squidGuard ACLs" He describes making
> the following
> > changes to the source of the ntlm_auth.c:
> >
> > In source/utils/ntlm_auth.c locate the line:
> x_fprintf(x_stdout, "AF
> > %s\%s ", ntlmssp_state->domain, ntlmssp_state->user);
> >
> > And modify it to:
> > x_fprintf(x_stdout, "AF %s ", ntlmssp_state->user);
> >
> > I came across this page because I was looking for a way to get
> > squidGuard to recognize NT users so that I can create
> exceptions for
> > certain ones. This way I can still proxy, and log the
> user's actions,
> > but they won't have their content filtered. Will what this
> person is
> > describing above accomplish that? Has anyone done this?
> If not can
> > anyone think of any negative consequences? Also, if this does work
> > the way I think it will, would I not specify the username in
> > squidGuard as "domain\user", or just "user." "domain\user" crashes
> > squidguard (probably because of the "\" I am guessing. Any ideas?
> >
>
> I have successfully done this with Squid2.5, Samba3 &
> SquidGuard 1.2.0 without making any changes to any source. I
> just setup a number of squidguard userlists which I reference
> in my squidguard.conf file.
>
> Each file contains users in the following format:
>
> user1
> user2
> user3
>
> That's all that was required for me and I can now filter
> users depending on their ADS user name via SquidGuard.
>
> I'm not sure why the article you reference states you need to
> make changes. I'm sure there is a good reason, I just know
> that I made no changes.
>
> Regards
> Jay
>
>
>
Received on Sat Sep 04 2004 - 22:01:40 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Oct 01 2004 - 12:00:02 MDT