Dustin Hane wrote:
Hello all!
I'm trying to get around having to do the LDAP or NTLM authentication schemas.
It may be a lot easier, but I'm just not exactly sure how..So what I have done
is this..
I pushed out via a GPO a script that will report the username to a text file. I then use windows IDent server (installed on all local boxes) to listen for when Squid makes an RFC 931 lookup request. The service responds with the username from the text file.
Using Squid 3Stable7 on Unix..Exporting logs in default squid format..
I wouldn't have a problem using an LDAP server as I do have it set up..I just
don't understand it and for some reason I can't wrap my head around the wiki
for it and I have a few questions that aren't listed there..If someone has a
few minutes that I could email my test config for it to, I would be eternally
greatful! I just don't want to bog down the maillist with my stupidity.
Works absolutely awesome 94% of the time..But occasionally I get the following.
(usernames have been retracted for obvious reasons)
A few things crop into y head reading your post:
1) you mention having questions but don't ask any.
2) logging of authenticated username (LDAP) and loging of identity
name (IDENT) are two separate things sometimes in Squid. Check the log
format is showing what you want.
3) Ident is a rarely used (due to being insecure) method of
identification. The re-write of auth for Squid-3 left a few problems in
the way it works. Many of which are being resolved so recently the
patches have not yet made it to 3.0 and some still waiting testing in
bugzilla. If you need this kind of fix, please test the latest snapshots
then get check bugzilla for any remaining issues.
Amos
---Begin Logs---
1240514814.201 289 icm1512.postalproducts.com TCP_MISS/200 2347 GET
http://www.bassind.com/images/bg_03.gif username DIRECT/65.198.197.121 image/gif
1240514814.578 404 icm1512.postalproducts.com TCP_MISS/200 544 GET
http://www.bassind.com/images/top_nav_bg.gif - DIRECT/65.198.197.121 image/gif
1240514814.613 1106 icm1512.postalproducts.com TCP_MISS/404 1561 GET
http://www.bassind.com/images/main_top.gif - DIRECT/65.198.197.121 text/html
1240514814.673 417 icm1512.postalproducts.com TCP_MISS/200 3994 GET
http://www.bassind.com/prodimg/hometheatrehp.jpg username DIRECT/65.198.197.121
image/jpeg
1240514824.037 356 icm1512.postalproducts.com TCP_MISS/404 1561 GET
http://www.bassind.com/favicon.ico username DIRECT/65.198.197.121 text/html
1240514829.944 0 icm1338.postalproducts.com TCP_IMS_HIT/304 375 GET
http://vendornet.americanhotel.com/colors/styles.css username NONE/- text/css
1240514829.946 0 icm1338.postalproducts.com TCP_IMS_HIT/304 391 GET
http://vendornet.americanhotel.com/inc/main.js - NONE/- application/x-javascript
1240514829.969 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/topB.gif username NONE/- image/gif
1240514830.000 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/Logo/AHLogo.gif - NONE/- image/gif
1240514830.004 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/liteteal1x1.gif username NONE/-
image/gif
1240514830.009 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/exit.gif - NONE/- image/gif
1240514830.011 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/topA.gif username NONE/- image/gif
1240514830.015 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/leftReduce.gif - NONE/- image/gif
1240514830.021 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/leftExpand.gif username NONE/-
image/gif
1240514830.025 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/Colors/liteteal1x1.gif - NONE/- image/gif
1240514830.029 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/arrow.gif username NONE/- image/gif
1240514830.034 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/leftDiv.gif - NONE/- image/gif
1240514830.040 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/arrowbl.gif username NONE/- image/gif
1240514830.049 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/tealleft.gif - NONE/- image/gif
1240514830.050 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/leftSpace.gif username NONE/-
image/gif
1240514830.070 327 icm1338.postalproducts.com TCP_MISS/200 23941 POST
http://vendornet.americanhotel.com/Index.asp jurgitad DIRECT/72.35.92.212
text/html
1240514830.080 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/images/powered.gif - NONE/- image/gif
1240514830.083 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/teal1x1.gif username NONE/- image/gif
1240514830.093 0 icm1338.postalproducts.com TCP_IMS_HIT/304 376 GET
http://vendornet.americanhotel.com/colors/recapright.gif username NONE/-
image/gif
1240514832.457 107 icm1512.postalproducts.com TCP_MISS/200 1903 GET
http://www.freightquote.com/images/qb_nav_account_on.gif username
DIRECT/207.218.147.11 image/gif
---END LOGS----
Dustin Hane
IT Support
Ph: 414-290-1128
Fx: 414-290-1515
500 W Oklahoma Ave
Milwaukee, WI 53207
[email protected]
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
Current Beta Squid 3.1.0.7
