ons 2006-05-24 klockan 10:18 -0400 skrev Steve Wilson Jr:
> I'm using NTLM authentication to track user browsing. Is there a way to
> make the logs give the ident on TCP_DENIED?
It is, on TCP_DENIED due to access being denied.
But not on the TCP_DENIED/407 messages seen during the NTLM handshake as
the username is not known until the handshake have completed (up to 2
such messages per new TCP connection.. NTLM is a very chatty protocol)
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT