What: How can I maintain centralized control over a large system?

Explained: I need all system and user environment configurations to be controlled by a single point. Including the installation of trusted packages by normal users, screen resolutions, application paths, and login hours (controlling when users can access various resources) with automatic logout after a predefined idle term.

Why: Because frequently terminals do not have their access physically restricted and it is important that the same applications be made available to every system (ERP clients on engineering systems for example) and that every system be equally accessible… with the exception of restricted systems that may have additional resources or unrestricted access for select users.

Windows: In Windows this can all be done using a domain hierarchy and various group policies.

My Understanding: My understanding is that a NIS lacks the capability to push homogenous desktops based on the system class, lacks the granularity of security to allow and control package installation for users that are normally not able to install packages without creating serious security concerns. NISes are also unable to control user access times based on the system class, nor do they support automatic logout dependant on user activity.
Replies included (in order of popularity):
[list=1][*]There is no way to do this[*]There is no way to do this in Linux or Windows[*]KIOSK framework[*]LDAP[*]YAST[*]PAM[/list=1]

Most of these answers are incomplete... but I wonder if they can address all the points:

A single point of configuration for all systems covering:
- packages management
- application paths
- desktop environments
- session controls
- accountability across systems

I am leaning toward Linux can do this... but it requires a hell of a lot of work to set up... and even them I am not sure that it can handled package mangement or accountability in a manner that I'd be comfortable with.

This needs to be discussed more, because despite all my reading on this subject everything is still pretty blurry. I feel like Linux is capable, I just don't know how still.

cheers,

catch