[squid-users] Fwd: NTLM LDAP authentication problem

Amos Jeffries squid3 at treenet.co.nz
Mon Nov 16 20:52:15 UTC 2015


On 16/11/2015 10:29 p.m., Matej Kotras wrote:
> Hi guys
> 
> I've managed squid to work with AD, and authorize users based on what AD
> group they are in. I use Squid-Analyzer for doing reports from access.log.
> I've found 2 anomalies with authorization so far. In access log, I see that
> user is authorized based on his PC name(not desired) and not on the user
> account name. I've just enabled debugging on negotiate wrapper, so I will
> monitor these logs also.
> 
> But in the meantime, have you got any idea why could this happen ?

Not everything is about users. Machines use the network too.

This is why we are very careful to use the term "client" to describe the
entity making an HTTP request of Squid.

Sometimes a client is a user, sometimes it is a machine acting on a
users instructions, sometimes it is a machine acting for itself.

Amos



More information about the squid-users mailing list