Hi I have Squid running, and was wondering if its possible to get the access.log files to rather than log the machine name, log the NT user name? I have Squid running on Linux at work, but am also testing it on NT at home... Any ideas Gary _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
I am told that the module smb-auth will do this for you. I don't use NT at all myself so I haven't tried it. An alternative is the ncsa-auth module which does the same thing using a username database in a file on the squid proxy. That does work well, and has the advantage that you can control a users internet acess independently to their access to the NT server. The only problem is that it means you have two separate user databases to maintain. ____________________________________ Giles Nunn - Network Manager Carms Schools ICT Development Centre Tel: +44 01239 710662 Fax: 710985 ____________________________________ On Sat, 9 Jun 2001, Gary Parr wrote:
Hi
I have Squid running, and was wondering if its possible to get the access.log files to rather than log the machine name, log the NT user name?
I have Squid running on Linux at work, but am also testing it on NT at home...
Any ideas
Gary _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
----- Original Message -----
I am told that the module smb-auth will do this for you. I don't use NT at all myself so I haven't tried it.
An alternative is the ncsa-auth module which does the same thing using a username database in a file on the squid proxy. That does work well, and has the advantage that you can control a users internet acess independently to their access to the NT server. The only problem is that it means you have two separate user databases to maintain.
No, it's a matter of identifying the little devils not authorising them. You need an identd server on the NT/Windoze side and squid needs to have an identd ACL to make it look up the name. This e-mail is intended for the addressee shown. It contains information that is confidential and protected from disclosure. Any review, dissemination or use of this transmission or its contents by persons or unauthorized employees of the intended organisations is strictly prohibited. The contents of this email do not necessarily represent the views or policies of East Norfolk Sixth Form College, it's employees or students.
Gary We've set up squid to use smb-auth (small and free) to authenticate users against a (RM)NT server. Seems to work fine. I think this is all it does though, i.e no record of login attempts etc. We also run an ident server (small and free) as a service on our (Win 95, 98) workstations which will allow identification of the user. You can then set up squid with an acl to carry out an ident lookup for requests. This will allow you to allow/disallow certain users eg. disallow guest1, naughty_pupil, guest2 etc. I think a side effect of this is that the user name is logged in access.log for each request. Depending on the number of users you might notice a performance hit because squid will do an ident lookup for each request it receives. Nobody's moaned yet! The only problem we've had is that some pupils had certain characters in their passwords which smb_auth didn't like. Hope this helps Mike Rees Ysgol Glanymor School
participants (4)
-
Gary Parr -
Giles Nunn -
manager -
SuSE