Le vendredi 25 septembre 2009 19:02:41, Amos Jeffries a écrit : > Luis Daniel Lucio Quiroz wrote: > > Hi there, it's me again > > Well as many of you knows, I have a squid+ldap+digest_auth > > implementation. However I've realize that there are an excess of this > > logs: > > > > digest_pw_auth(LDAP_backend) WARNING, LDAP error 'No such object' > > digest_pw_auth(LDAP_backend) WARNING, LDAP error 'No such object' > > digest_pw_auth(LDAP_backend) WARNING, LDAP error 'No such object' > > digest_pw_auth(LDAP_backend) WARNING, LDAP error 'No such object' > > digest_pw_auth(LDAP_backend) WARNING, LDAP error 'No such object' > > digest_pw_auth(LDAP_backend) WARNING, LDAP error 'No such object' > > > > I know that this means that someone is trying to authenticate with an > > user that it does not exists in ldap. However they are so many and I > > afraid that this could be a cause that slows internet surfering because > > squid wates its time looking for something it does not exists. > > > > I dont know usernames users try. I just wonder if there is a way to tell > > squid to ignore usernames that they doesnt exists. > > > > Maybe an external ACL with 2 days cache? > > > > LD > > Not sure if it will help. You probably want to find out where all these > bad requests are coming from and handle the problem. Adding a TTL is > just a bandaid. > > If you are using external_acl_type directive as part of your ath you can > add some efficiency with the ttl= and negative_ttl= options (the number > of seconds to cache the results). > > Amos > Thanx Amos
