RE: [squid-users] Question on NTLM

From: Miles Roper <mroper_at_westcoastdhb.org.nz>
Date: Mon, 1 Mar 2010 17:27:01 +1300

Hi Brett,

Thanks for your response.

That's a disappointment, sigh.

We also use sarg to get reports on which users are the "bad" ones. ie
visiting ebay/facebook/utube for hours at a time while at work. Hence
why we don't allow the generic "radiology" account internet access, but
we do allow individual users access (so we can go and "have a word" with
them). However getting these users to log off/on every time is not
reasonable given they are using shared machines to view X-rays etc...

Any ideas if this is a planned enhancement?

Regards

Miles

 

-----Original Message-----
From: Brett Lymn [mailto:blymn_at_baesystems.com.au]
Sent: Monday, 1 March 2010 5:08 p.m.
To: Miles Roper
Cc: squid-users_at_squid-cache.org
Subject: Re: [squid-users] Question on NTLM

On Mon, Mar 01, 2010 at 04:33:56PM +1300, Miles Roper wrote:
>
> So, my question is, given we are using smb_auth, if we were to change
> to NTLM, would squid prompt the user to change there password if they
> successfully entered in there old credentials when there password had
> expired? (as windows does).
>

In a word, no. You will get no warning.

If the machine has a static IP address, why not just allow that machine
unauthenticated access to the internet? given that it is a shared
account you pretty much are doing that already. Just put in an acl that
checks the source IP and allows http access.

--
Brett Lymn
"Warning:
The information contained in this email and any attached files is
confidential to BAE Systems Australia. If you are not the intended
recipient, any use, disclosure or copying of this email or any
attachments is expressly prohibited.  If you have received this email in
error, please notify us immediately. VIRUS: Every care has been taken to
ensure this email and its attachments are virus free, however, any loss
or damage incurred in using this email is not the sender's
responsibility.  It is your responsibility to ensure virus checks are
completed before installing any data sent in this email to your
computer."
This message has been scanned and found to be free of known security risks.The Information contained in this message and/or
attachments is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material.
Any review, retransmission, dissemination or other use of, or taking
of any action in reliance upon, this information by person or entities
other than the intended recipient is prohibitied. If you receive this in error, please contact the sender and delete the material from your 
system and destroy any copies.
Received on Mon Mar 01 2010 - 04:27:10 MST

This archive was generated by hypermail 2.2.0 : Mon Mar 01 2010 - 12:00:07 MST