RE: [squid-users] Hacking ntlm_auth to allow squidGuard ACLs
Thanks Jay, I have a test environment, so I can just try uninstalling Samba2.x, and just install Samba3 instead. I will give it a try. Thanks again! Mark -Original Message- From: Jay Turner [mailto:[EMAIL PROTECTED] Sent: Friday, September 03, 2004 2:25 AM To: [EMAIL PROTECTED] Subject: RE: [squid-users] Hacking ntlm_auth to allow squidGuard ACLs Hi All, First post here! In the following article the author describes how to get Samba 3 and Squid working. http://www.informatikserver.at/modules.php?name=Newsfile=printsid=27 10 However towards the end the author has a topic called Hacking ntlm_auth to allow squidGuard ACLs He describes making the following changes to the source of the ntlm_auth.c: In source/utils/ntlm_auth.c locate the line: x_fprintf(x_stdout, AF %s\%s , ntlmssp_state-domain, ntlmssp_state-user); And modify it to: x_fprintf(x_stdout, AF %s , ntlmssp_state-user); I came across this page because I was looking for a way to get squidGuard to recognize NT users so that I can create exceptions for certain ones. This way I can still proxy, and log the user's actions, but they won't have their content filtered. Will what this person is describing above accomplish that? Has anyone done this? If not can anyone think of any negative consequences? Also, if this does work the way I think it will, would I not specify the username in squidGuard as domain\user, or just user. domain\user crashes squidguard (probably because of the \ I am guessing. Any ideas? I have successfully done this with Squid2.5, Samba3 SquidGuard 1.2.0 without making any changes to any source. I just setup a number of squidguard userlists which I reference in my squidguard.conf file. Each file contains users in the following format: user1 user2 user3 That's all that was required for me and I can now filter users depending on their ADS user name via SquidGuard. I'm not sure why the article you reference states you need to make changes. I'm sure there is a good reason, I just know that I made no changes. Regards Jay
RE: [squid-users] Hacking ntlm_auth to allow squidGuard ACLs
Hi All, First post here! In the following article the author describes how to get Samba 3 and Squid working. http://www.informatikserver.at/modules.php?name=Newsfile=printsid=2710 However towards the end the author has a topic called Hacking ntlm_auth to allow squidGuard ACLs He describes making the following changes to the source of the ntlm_auth.c: In source/utils/ntlm_auth.c locate the line: x_fprintf(x_stdout, AF %s\%s , ntlmssp_state-domain, ntlmssp_state-user); And modify it to: x_fprintf(x_stdout, AF %s , ntlmssp_state-user); I came across this page because I was looking for a way to get squidGuard to recognize NT users so that I can create exceptions for certain ones. This way I can still proxy, and log the user's actions, but they won't have their content filtered. Will what this person is describing above accomplish that? Has anyone done this? If not can anyone think of any negative consequences? Also, if this does work the way I think it will, would I not specify the username in squidGuard as domain\user, or just user. domain\user crashes squidguard (probably because of the \ I am guessing. Any ideas? I have successfully done this with Squid2.5, Samba3 SquidGuard 1.2.0 without making any changes to any source. I just setup a number of squidguard userlists which I reference in my squidguard.conf file. Each file contains users in the following format: user1 user2 user3 That's all that was required for me and I can now filter users depending on their ADS user name via SquidGuard. I'm not sure why the article you reference states you need to make changes. I'm sure there is a good reason, I just know that I made no changes. Regards Jay
[squid-users] Hacking ntlm_auth to allow squidGuard ACLs
Hi All, First post here! In the following article the author describes how to get Samba 3 and Squid working. http://www.informatikserver.at/modules.php?name=Newsfile=printsid=2710 However towards the end the author has a topic called Hacking ntlm_auth to allow squidGuard ACLs He describes making the following changes to the source of the ntlm_auth.c: In source/utils/ntlm_auth.c locate the line: x_fprintf(x_stdout, AF %s\%s , ntlmssp_state-domain, ntlmssp_state-user); And modify it to: x_fprintf(x_stdout, AF %s , ntlmssp_state-user); I came across this page because I was looking for a way to get squidGuard to recognize NT users so that I can create exceptions for certain ones. This way I can still proxy, and log the user's actions, but they won't have their content filtered. Will what this person is describing above accomplish that? Has anyone done this? If not can anyone think of any negative consequences? Also, if this does work the way I think it will, would I not specify the username in squidGuard as domain\user, or just user. domain\user crashes squidguard (probably because of the \ I am guessing. Any ideas? Thanks, Mark