Our proxies at work all have the ability to block users, groups, classrooms, etc. at certain times of the day, so a cron job runs every hour based on the timing of the school bells. It's all PHP, but you didn't say what language your cron scripts had to be
The script queries a MySQL database to work out what it needs to ban / unban for the following period, queries an LDAP server to retireve associated groups and their members if required or parses the output of a load of nslookup queries to find IP addresses of workstations set to be banned. It then updates relevant Squid or DansGuardian files, updates the MySQL database so the web front-end displays the correct status for users/groups/rooms banned, and then restarts the appropriate services.
I knocked it up during my lunch hour (spread out over about 2 weeks...).