RE: [squid-users] Authenticating with Samba for logging usernamein Squid access log from Leach, Shane

From: Leach, Shane - MIS Laptop <mis@dont-contact.us>
Date: Mon, 26 Nov 2007 10:47:04 -0600

Henrik,

Below is some sections of squid.conf as requested:

logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A
%mt #logformat squid %ru %ul %un %ea #logformat squidmime %ts.%03tu
%6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h] logformat
common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st %Ss:%Sh logformat
combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h"
"%{User-Agent}>h" %Ss:%Sh

auth_param basic program /usr/lib/squid/squid_ldap_auth -R -b
"dc=domain,dc=com" -D "cn=Administrator,dc=domain,dc=com" -w "password"
-f sAMAccountName=%s -h 10.1.0.207 auth_param basic children 5
auth_param basic realm DOMAIN.COM auth_param basic credentialsttl 5
minute

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst
127.0.0.0/8 acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

# Only allow cachemgr access from localhost http_access allow manager
localhost http_access deny manager # Deny requests to unknown ports
http_access deny !Safe_ports # Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports acl MyNetwork src
10.1.0.0/255.255.0.0 http_access allow MyNetwork

Thank you for your assistance.

Shane

-----Original Message-----
From: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
Sent: Wednesday, November 21, 2007 2:54 PM
To: Leach, Shane - MIS Laptop
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Authenticating with Samba for logging
usernamein Squid access log

On ons, 2007-11-21 at 09:28 -0600, Leach, Shane - MIS Laptop wrote:
> Good morning.
>
> I have successfully followed the steps in the walk-through
> http://mkeadle.org/?p=13 <http://mkeadle.org/?p=13>
>
> However, now, I am interested in how to get the username to appear in
> the access log. I have been unable to find any information on this.

If you followed the above you should already have the username in
access.log..

So what do your squid.conf look like now? In particular auth_param and
http_access directives..

Regards
Henrik
Received on Mon Nov 26 2007 - 09:47:00 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST