# Squid with Kerberos user authentication



## dougs (Jun 29, 2011)

I'm running squid on a proxy server for several years and now my boss wants usage reports organized by users' login names instead of IP addresses. We're in an Active Directory environment and use Kerberos authentication. I googled around and used this link:

http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos#Squid_Configuration_File

I made all the changes according to the instructions contained in the link. I ran into a problem with setting the KRB5_KTNAME variable. I'm using the csh shell and apparently the export command isn't part of the csh shell.

After some searching around, I came across this link: http://www.cyberciti.biz/faq/freebsd-how-to-export-shell-variable/

Tried this:

```
# setenv KRB5_KTNAME /usr/local/etc/squid/krbcron_squid.keytab
```

and it appears to have worked.

On top of that, the instructions require that the establishment of the KRB5_KTNAME variable be done in the squid startup script. In the FreeBSD OS, would that be the /usr/local/etc/rc.d/squid file?

I know I am almost there but I need a nudge here! :f

~Doug


----------

