Colleagues-
I am working on re-building a network for a k-12 institution, and am
trying to put in some security features that are sorely needed. One of the
most glaringly obvious omission for this environment is that there is no
mechanism in place to authenticate users for internet access. It is a mixed
environment of Linux and Windows 9x workstations and Linux and NT servers.
I would very much like to have centralized user management. The scenario
goals we are trying to achieve are:
1- Unrestricted user logs in. Has access to file / app servers and Internet
2- Semi-restricted user logs in. Has access to file / app servers, but not
internet.
3- restricted user logs in. Has access only to local files and programs.
4- Unauthorized user cannot login.
I imagine a combination of policy files for the 9x clients, samba, pam, and
squid could achieve this, but I would like your feedback on the best way to
proceed to complete this project. Am I on the right track at all?
-Regards-
-Quentin Hartman-
