LDAP + Proxy + Browser

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

I would like to restrict the network access for some people to certain
hours. However, the problem is that the network is "unmanaged", in the
sense that I cannot know who the people are, which computers they use
and how they are setup. This makes the only possibility for the
solution just to make a centralized user/password database which would
allow the users to access the system only if they know the username/
password that is allowed to use the network resources at the given

I was thinking about using squid proxy server, which would allow me to
control the users using e.g. LDAP as the authentication method. There
are at least two problems with this. The first one is that I don't
know how to configure the browsers to supply the username/password
that I need. I cannot tell the users to make the actual users on their
machines, that is not an option. Can e.g. Mozilla be somehow told to
give the specified username/password to squid so it can pass it to
LDAP for the final check?

Another thing is that I would like to allow only one usage of the
password. I wouldn't like to give one password and 10 people to use
it. Is this possible in squid?

The last thing is that I made a lot of assumptions about what I would
like - maybe there is a much better/easier solution. If you have any
other thoughts about this or other ways this could/should be done,
please let me know.

Site Timeline