July 10th, 2002, 07:01 PM
User Authentication with Win 2000 Clients
We are upgrading our network and moving all of our business with our primary supplier to internet connections. We also are moving from Dumb Terminals to PC's with W2000 as the clients.
We are installing a Cisco PIX Firewall to protect us from the outside. But we want more internal control, since will have a proprietary server on the network with our accounting.
Could we configure a Linux server just as a logon device that everyone has to go through and if so how?
July 12th, 2002, 02:23 AM
Do you mean in order to get onto the internet, your local net or to get to your accounting server??
July 12th, 2002, 07:10 AM
July 12th, 2002, 07:41 AM
Well... Access to your accounting server are regulated with password on that server (I assume).
To regulate access to your local net I would say first passwords for your client machines. If you then want to share stuff between the workstations you set who are allowed to use a specific rescource on the machine that shares it. In 2000 right klick on the catalogue you want to share and choose you use "sharing" (I assume you use NTFS filesystem, if you use FAT32, change to NTFS).
In other words, so far you do not need another machine at all.
Things change if you want a specific fileserver. If you do you can use whatever you want (W2K Server, *BSD, Linux). If you use W2K Server you use it in the same way as you would do on a workstation (use "Sharing") On BSD and Linux you setup a Samba server. Samba use the SMB protocol, which is the one used by Windows. Setting up Samba is a little bit more complicated than a W2K Server, but on the other hand BSD and Linux are very stable, and if you like *nix systems, there is no reason not to use that. Oh, and it's free, where Windows isn't
If you want to stop users from using the internet except for pre-decided sites and functions you could try a proxy of some sort.
I've never had the need to limit users from using the internet for just browsing so I don't have many valuble insights into that. If you mean that you want to limit users from using (for example filesharing) programs and stuff (this I have done) you regulate access to ports and protocols in the firewall and maybe limit users ability to install stuff on their computers.
July 15th, 2002, 02:54 PM
you might want to play around with linux or bsd before you make it your company's single point of failure. a poorly configured linux box is an incident waiting to happen.