I inherited two computer labs in a school (adult ed) with 28 desktops
running Windows XP SP2 which are part of the same network
All 28 computers use the same group account to login and authenticate
via NTLM to a proxy server
Now, company offering us Internet access is relatively large
corporation trying to venture in the grant-based business and doesn't
have experience running schools
My network is fenced by pretty nasty firewall rules which appear to
apply to the actual workers of the company (not only youtube and
myspace are obviously blocked for employees, but also sites such as
web-based email ones and craigslist.org)
My supervisor told me to do whatever I could "without messing with
things" (which we don't own) so that students/teachers could use the
I was basically thinking of:
1) making all computers use one of the computers as a proxy
2) this computer (1) would have installed squid and would carry of
its ntlm proxy negotiation with the proxy facing the Internet
Should I use squid for win32 or Linux? I think squid for win32 should
be better because it could be using win32 NTLM from the OS itself, but
I don't really know
What other issues should I consider?
FW rules I am dealing with don't even the kind of syndicated content
driven by AJAX requests (apparently because they don't send much of
the Headers?) , so if teachers took the time to put their lessons of
the web, say at yahoo's geocities, then students can not access it
Can I play with squid caching rules so that I make sure that content
is local before teachers get to the lab?
Any tips, links or white papers with insights into these kinds of
The kind of info I have found online seems a bit spotty to me and I
don't have much time to mess around with this network. I need step-by-
step types of instructions