I have an Active Directory domain (DOMAIN.local) with a Windows Server 2003 domain controller (SRV1). I need a means of silently monitoring the web access of some of my users. I must be able to generate a report which will display sites visited by user. Within the domain is a terminal server, so we cannot simply track sites visited by IP. The users visit several sites which use SSL or scripting, so these things would need to be able to work through the proxy. Caching is not necessary.

My initial plan was to create a web proxy with Debian Lenny, Squid, and SARG to collect browsing information and generate reports. I was able to get this working to the point where traffic would go through Squid successfully and SARG could report on sites visited by user's IP.

I tried to piece together information from guides online in order to join the Debian box to my domain and invisibly authenticate against Active Directory, but this was not successful and ended up causing the proxy to no longer pass requests. The guides I found suggested using Samba, Kerberos, and winbind to join the domain and enable authentication.

Can someone point me to a guide on how to accomplish this successfully, or perhaps suggest a more elegant means of accomplishing my goals? I am more comfortable with Debian than other distributions but am not married to Squid or SARG if there's another combination that would be easier.

*The users do not necessarily have to authenticate against Active Directory, i just need the reporting utility to collect their previously-authed usernames or some other unique ID that the reporting utility can use.

Thank you for your help.