Solved

How configure Squid to log Windows username in access.log

Posted on 2007-11-15
4
9,518 Views
Last Modified: 2013-12-06
Hello,

I'm running Squid 3.0 on a linux Gentoo 2007.0 and it runs well, but I would like to have Active Directory users log into access.log. ./ntlm_auth on bash is working, server is added to the domain and wbinfo -g & wbinfo -u works well....

What did I wrong? Below is my squid.conf file.

Many thanks in advance. Kindly Regards.
http_port 8080

cache_mgr some@address.com

cache_effective_user squid

cache_effective_group squid

ftp_user anonymous@address.com

visible_hostname server.domain.local

logfile_rotate 1
 

cache_mem 256 MB

cache_access_log /var/log/squid/access.log

cache_dir ufs /var/cache/squid/ncache 1024 16 256

log_ip_on_direct off

access_log /var/log/squid/access.log squid
 

debug_options ALL,1

hosts_file /etc/hosts
 

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp

auth_param ntlm children 30
 

auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic

auth_param basic children 5

auth_param basic realm Squid proxy-caching web server

auth_param basic credentialsttl 2 hours
 

acl all src 0.0.0.0/0.0.0.0

acl lcl_network src 192.168.1.0/24 127.0.0.1/32

http_access allow lcl_network
 

acl SSL_ports port 443 563

acl Safe_ports port 21 70 80 210 280 443 488 563 591 777 1025-65535

acl CONNECT method CONNECT

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports
 

acl AuthorizedUsers proxy_auth REQUIRED

http_access deny !AuthorizedUsers

http_access allow all

Open in new window

0
Comment
Question by:David_Pazos
  • 2
4 Comments
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 20294697
Hi,

Please folow the steps in this document and then you must see usernames along with the addresses in our logs:
http://www.squid-cache.org/mail-archive/squid-dev/200207/att-0066/winbind.txt

Cheers,
K.
0
 

Accepted Solution

by:
David_Pazos earned 0 total points
ID: 20298800
Hello KeremE and thanks for the answer,

I'm sorry but this doc wasn't helpful... I used this one... It's in russian but I could read the english commands and it worked.

http://www.linux.ru/forum/index.php?t=msg&goto=325509&rid=0&S=cf92c2b30c9036089a17ddc5c5bdc47a&srch=into+seperate+domain%2Fname+parts%21#msg_325509

Here Below you can see what I've changed and I hope it could help someone.

Kindly Regards.

PS Winbind separator in /etc/samba/smb.conf is = +
http_port 8080

cache_mgr some@address.com

cache_effective_user squid

cache_effective_group squid

ftp_user anonymous@address.com

visible_hostname server.domain.local

logfile_rotate 1
 

cache_mem 256 MB

cache_access_log /var/log/squid/access.log

cache_dir ufs /var/cache/squid/ncache 1024 16 256

log_ip_on_direct off

access_log /var/log/squid/access.log squid
 

refresh_pattern ^ftp:           1440    20%     10080

refresh_pattern ^gopher:        1440    0%      1440

refresh_pattern .               0       20%     4320
 

debug_options ALL,1 33

hosts_file /etc/hosts

dns_nameservers 192.168.1.1
 

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=DOMAIN+internetuser

auth_param ntlm children 5

auth_param ntlm keep_alive on
 

auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of=DOMAIN+internetuser

auth_param basic children 5

auth_param basic realm Squid proxy-caching web server

auth_param basic credentialsttl 2 hours

auth_param basic casesensitive off
 

acl all src 0.0.0.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl to_localhost dst 127.0.0.0/8

acl DOMAIN proxy_auth REQUIRED

acl SSL_ports port 443 563

acl purge method PURGE

acl CONNECT method CONNECT
 

acl Safe_ports port 21 70 80 210 280 443 488 563 591 777 1025-65535

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports
 

icp_access allow all

http_access allow manager localhost DOMAIN

http_access deny manager

http_access allow purge localhost

http_access deny purge

http_access allow DOMAIN

http_access allow localhost

http_access deny all

http_reply_access allow all

Open in new window

0
 

Expert Comment

by:rchack
ID: 21905245
hello David Pazos,

i use your config file at my CentOS 5.0 box ...
i install squid using yum -y install squid

but i get this error
service squid start

init_cache_dir /var/cache/squid/ncache... Starting squid: /etc/init.d/squid: line 53:  7187 Aborted                 $SQUID $SQUID_OPTS >>/var/log/squid/squid.out 2>&1

                                                           [FAILED]

Open in new window

0
 

Author Comment

by:David_Pazos
ID: 21906243
Hi rchack,
are you using squid 3.0? what can you see in the logs? Can you please post your logs and config file? what do you have in line 53 in your config file?
I suggest you to open a new question so everybody can help you.
Kindly Regards
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now