Colleagues- I am working on re-building a network for a k-12 institution, and am trying to put in some security features that are sorely needed. One of the most glaringly obvious omission for this environment is that there is no mechanism in place to authenticate users for internet access. It is a mixed environment of Linux and Windows 9x workstations and Linux and NT servers. I would very much like to have centralized user management. The scenario goals we are trying to achieve are:
1- Unrestricted user logs in. Has access to file / app servers and Internet 2- Semi-restricted user logs in. Has access to file / app servers, but not internet. 3- restricted user logs in. Has access only to local files and programs. 4- Unauthorized user cannot login. I imagine a combination of policy files for the 9x clients, samba, pam, and squid could achieve this, but I would like your feedback on the best way to proceed to complete this project. Am I on the right track at all? -Regards- -Quentin Hartman-