Hello Amos,
You helped me very much.
Kind regards
Ankor
вт, 31 янв. 2023 г. в 12:37, Amos Jeffries :
> On 31/01/2023 9:16 pm, Andrey K wrote:
> > Hello Amos,
> >
> > Thank you for the idea to write a wrapper script.
> >
> > As NTLM-helper returns "NA NT_STATUS_LOGON_FAILURE" during
> > auth
On 31/01/2023 9:16 pm, Andrey K wrote:
Hello Amos,
Thank you for the idea to write a wrapper script.
As NTLM-helper returns "NA NT_STATUS_LOGON_FAILURE" during
authentication failed,
Oh. Your script should convert that old syntax to the current one:
ERR token=NT_STATUS_LOGON_FAILURE user=
Hello Amos,
Thank you for the idea to write a wrapper script.
As NTLM-helper returns "NA NT_STATUS_LOGON_FAILURE" during authentication
failed, I think it is also required to patch the squid sources to copy the
value of the user attribute, returned by the wrapper,
to auth_user_request->user()->us
On 31/01/2023 6:13 pm, Andrey K wrote:
Amos,
I understood: the helper.cc does not parse the KK-request and does not
know about the username. He can only get the username information from
the reply of the external helper. But since the external helper
returns only an error without a username,
Amos,
I understood: the helper.cc does not parse the KK-request and does not know
about the username. He can only get the username information from the reply
of the external helper. But since the external helper returns only an error
without a username, this information is missing from the logs.
Hello Amos,
Thank you for the information.
I turned on squid debug_options 84,9 and see in the cashe.log that in the
first NTLM_NEGOTIATE request (YR) there is no username:
TlRMTVNTUAABBoIIAAA=
4e 54 4c 4d 53 53 50 00 01 00 00 00 06 82 08 00
|NTLMSSP.|
On 31/01/2023 4:55 pm, Andrey K wrote:
Hello,
I need to log failed Proxy-authentication attempts. The log
information should contain timestamp, username and client IP address.
407-records in the access.log file do not contain username if
NTLM-authentication is used.
I was wondering if it is p
