Khawar Nehal wrote:
If you have DDNS in place then log-fqdn might be an option. I haven't messed with it much.How about asking the users to save their password in their browser.
Then they shall not have to reenter or remember it.
Elsen Marc wrote:
Our company has just made it policy for everyone to have internet
access, but they need to know who goes to what sites. I am running
squid and users are using Windows desktop machines, our network uses
DHCP for IP assigning. What I was wondering is, is there a way that
I could track website access from the IP that is logged by
Squid "asking" the DHCP or WINS server who had or has this IP at a
particular time. I know it is much easier by just using SARG and
usernames, but what management does not want is to burden users with
another password and username to remember and also have to
type it in
everytime they request a webpage.
You can use the MAC address of every machine to give the access to them.
But you to recompile the squid with --enable-arp-acl option.
Check more at http://www.squid-cache.org/Doc/FAQ/FAQ-10.html#ss10.20
The disadvantage about that is that SQUID can only know MAC addresses from clients on the same subnet. NTLM authentication could be used which does not require users to enter their password (again) when using SQUID.
M.
Another option is on Windows DNS there is an option I think to forward unresolved addresses to WINS. Combined with the log-fqdn this may work as well.
And as a final option I would add that if you are using Internet Explorer NTLM authentication is a possibility. That is passed automatically from the browser to the proxy without user input. This is our solution where I work.
Billy
