Solved

How configure Squid to log Windows username in access.log

Posted on 2007-11-15
4
9,458 Views
Last Modified: 2013-12-06
Hello,

I'm running Squid 3.0 on a linux Gentoo 2007.0 and it runs well, but I would like to have Active Directory users log into access.log. ./ntlm_auth on bash is working, server is added to the domain and wbinfo -g & wbinfo -u works well....

What did I wrong? Below is my squid.conf file.

Many thanks in advance. Kindly Regards.
http_port 8080

cache_mgr some@address.com

cache_effective_user squid

cache_effective_group squid

ftp_user anonymous@address.com

visible_hostname server.domain.local

logfile_rotate 1
 

cache_mem 256 MB

cache_access_log /var/log/squid/access.log

cache_dir ufs /var/cache/squid/ncache 1024 16 256

log_ip_on_direct off

access_log /var/log/squid/access.log squid
 

debug_options ALL,1

hosts_file /etc/hosts
 

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp

auth_param ntlm children 30
 

auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic

auth_param basic children 5

auth_param basic realm Squid proxy-caching web server

auth_param basic credentialsttl 2 hours
 

acl all src 0.0.0.0/0.0.0.0

acl lcl_network src 192.168.1.0/24 127.0.0.1/32

http_access allow lcl_network
 

acl SSL_ports port 443 563

acl Safe_ports port 21 70 80 210 280 443 488 563 591 777 1025-65535

acl CONNECT method CONNECT

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports
 

acl AuthorizedUsers proxy_auth REQUIRED

http_access deny !AuthorizedUsers

http_access allow all

Open in new window

0
Comment
Question by:David_Pazos
  • 2
4 Comments
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 20294697
Hi,

Please folow the steps in this document and then you must see usernames along with the addresses in our logs:
http://www.squid-cache.org/mail-archive/squid-dev/200207/att-0066/winbind.txt

Cheers,
K.
0
 

Accepted Solution

by:
David_Pazos earned 0 total points
ID: 20298800
Hello KeremE and thanks for the answer,

I'm sorry but this doc wasn't helpful... I used this one... It's in russian but I could read the english commands and it worked.

http://www.linux.ru/forum/index.php?t=msg&goto=325509&rid=0&S=cf92c2b30c9036089a17ddc5c5bdc47a&srch=into+seperate+domain%2Fname+parts%21#msg_325509

Here Below you can see what I've changed and I hope it could help someone.

Kindly Regards.

PS Winbind separator in /etc/samba/smb.conf is = +
http_port 8080

cache_mgr some@address.com

cache_effective_user squid

cache_effective_group squid

ftp_user anonymous@address.com

visible_hostname server.domain.local

logfile_rotate 1
 

cache_mem 256 MB

cache_access_log /var/log/squid/access.log

cache_dir ufs /var/cache/squid/ncache 1024 16 256

log_ip_on_direct off

access_log /var/log/squid/access.log squid
 

refresh_pattern ^ftp:           1440    20%     10080

refresh_pattern ^gopher:        1440    0%      1440

refresh_pattern .               0       20%     4320
 

debug_options ALL,1 33

hosts_file /etc/hosts

dns_nameservers 192.168.1.1
 

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=DOMAIN+internetuser

auth_param ntlm children 5

auth_param ntlm keep_alive on
 

auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of=DOMAIN+internetuser

auth_param basic children 5

auth_param basic realm Squid proxy-caching web server

auth_param basic credentialsttl 2 hours

auth_param basic casesensitive off
 

acl all src 0.0.0.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl to_localhost dst 127.0.0.0/8

acl DOMAIN proxy_auth REQUIRED

acl SSL_ports port 443 563

acl purge method PURGE

acl CONNECT method CONNECT
 

acl Safe_ports port 21 70 80 210 280 443 488 563 591 777 1025-65535

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports
 

icp_access allow all

http_access allow manager localhost DOMAIN

http_access deny manager

http_access allow purge localhost

http_access deny purge

http_access allow DOMAIN

http_access allow localhost

http_access deny all

http_reply_access allow all

Open in new window

0
 

Expert Comment

by:rchack
ID: 21905245
hello David Pazos,

i use your config file at my CentOS 5.0 box ...
i install squid using yum -y install squid

but i get this error
service squid start

init_cache_dir /var/cache/squid/ncache... Starting squid: /etc/init.d/squid: line 53:  7187 Aborted                 $SQUID $SQUID_OPTS >>/var/log/squid/squid.out 2>&1

                                                           [FAILED]

Open in new window

0
 

Author Comment

by:David_Pazos
ID: 21906243
Hi rchack,
are you using squid 3.0? what can you see in the logs? Can you please post your logs and config file? what do you have in line 53 in your config file?
I suggest you to open a new question so everybody can help you.
Kindly Regards
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This document is written for Red Hat Enterprise Linux AS release 4 and ORACLE 10g.  Earlier releases can be installed using this document as well however there are some additional steps for packages to be installed see Metalink. Disclaimer: I hav…
This article will explain how to establish a SSH connection to Ubuntu through the firewall and using a different port other then 22. I have set up a Ubuntu virtual machine in Virtualbox and I am running a Windows 7 workstation. From the Ubuntu vi…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now