RD Services on 2008 R2 - need per user identd authentication

Hi experts!

We use a windows TS to surf the web. To see who surfed where, we need some service at the server side that tells squid the username. This works with identd which one can obtain in different editions as a freeware.
However, no edition so far worked on terminal servers. They install alright, but don't submit the correct name but the name of the user who started the service instead.

Has anyone succesfully implemented this? Can anyone recommend a workaround, maybe?
LVL 59
McKnifeAsked:
Who is Participating?
 
McKnifeConnect With a Mentor Author Commented:
We solved the matter. We now use NTLM(v2)-authentication with SQUID. Just had to edit squid.conf and update samba in order to work with server 2008 DCs.
0
 
Felix LevenSenior System and DatabaseadministratorCommented:
nope and i am glad about this ( i don't thing the win32 implementations of this service work without problems).! But i am pretty sure there will is a workaround.

it's much more efficient for a company to do a global lockdown of all the pretty pages on the internet by using services like opendns. restricting single users or workstations takes to much administrative effort.
0
 
McKnifeAuthor Commented:
Hi.

Given the fact that we must record who visits which sites - what would you recommend?
0
 
Felix LevenSenior System and DatabaseadministratorCommented:
I would try Microsoft Forefront Threat Management Gateway 2010 (TMG) it has a web proxy and can disable website on per user basis. I don't know how rich the reporting features are:
http://www.webspy.com.au/blogs/index.php/8-reasons-not-to-use-microsoft-forefront-tmgs-reporting/ 

Of cause it's not free or opensource.

http://www.microsoft.com/forefront/threat-management-gateway/en/us/features.aspx

0
 
McKnifeAuthor Commented:
Obviously, identd is not possible on terminal servers, there could not a single person be googled that found a way.
Using forefront would cost a lot of money, so we looked for squid's own abilities: NTLM is the cure.

Whoever wants to use it: don't forget to update samba.

Thanks for suggestions.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.