In my squid proxy user authenticate is done via Microsoft Active Directory LDAP. Lately, I have been seeing a user called "registration" trying to access the net via proxy. This user doesn't belong to any LDAP group. I guess someone has registered an application with that username and it's trying to go to the net. Is there any way to find out who is using this? This is what I get in my cache log:
user filter 'samaccountname=registration', searchbase 'dc=domain,dc=com'
