[Samba] Wierd Configuration

[Rob Watkin]

Hi Everyone,

I have a strange network design problem and I suspect that Samba may be
part of the solution. Any suggestions welcome. :-) Here goes:

Two organisations are sharing a single network of 30 Win95/98 clients
with a few XP workstations. The network is owned and managed by a third
organisation and the Internet connection is not too hot. So far so
good :-). Org-1 wants to pay for their own Internet connection and have
asked me to help. I hope to do this using a Linux box running Samba
supporting roving profiles (which they need anyway) and Squid.

Whats more Org-3 probably wont want me changing the default gateways on
the PC's oh and worse there is _no_ DNS whatsoever!

So far I have everything working as follows. When a new user is created
her roving profile is copied from a template which already has Firefox
setup with the necessary proxy settings. When she logs in if she uses
Firefox then she will get the new fast connection but IE will deliver
the old. (By the way, this works for Firefox but not IE because the
latter saves it's configuration settings under HKEY_LOCAL_MACHINE or
similar). I guess I will be able to handle email with Thunderbird in the
same way.

If your still with, thanks for reading so far! :-)

So if a user is a member of the Samba domain then they will
automatically get access to the new fast connection via the proxy
server.

My problem is to block access to Squid for users who have not been
authenticated into the domain(Org-2). I could get the users to log into
Squid manually but that would mean losing centralised user management.

Thanks
Rob