11-03-2003 10:52 PM
This topic is out of my experience, unfortunately the docs I've read about was not clear to me.
Using LDAP auth. on a CE with acns5.x can I have user activity logged with username instead of ip address of the user in the output?
Tnx,
Max.
11-07-2003 11:32 AM
You can find some information here:
http://www.cisco.com/en/US/products/sw/conntsw/ps491/index.html
11-07-2003 12:12 PM
Try looking at the transaction-logs format "extended-squid" command. This will give you the userid in the log files. There are several other ways, but this seemed to be the simplest for us.
Good luck!
Bryan
11-08-2003 01:30 AM
Tnx Brian,
I'm referring to the following statements in the Acns5.1 manual:
"After a user has been authenticated through LDAP, all transaction logs generated by the Content Engine for that user contain user information. If the Content Engine is acting in proxy mode, the user ID is included in the transaction logs. If the Content Engine is acting in transparent mode, the user IP address is included instead."
and
"The Extended Squid format logs the associated username for each record in the log file in addition to the fields logged by the Squid-style format, and is used for billing purposes. In this format the Rfc931 field associated with the Squid format (Table 16-4) is used to log the authorized user. This field always contains a "-" (dash) if no user information is available."
Now, I sure need to use tranparent caching and I'd like to use ldap auth. too, but following the manual it seems that I'm not going to have userid logging this way.
Since it seems pretty silly that I've got username logging using ntlm auth. but not with ldap one, I was wondering about an error in the manual.
Upon your experience, is my guess any right or (badly) is the manual to be the right one?
Thanks,
Max.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide