For computer sciences we'd like to give students access to sandboxed VDIs as they'll need to be local admins for some of the exercises. The hypervisor itself would be connected to the domain, but the virtual machines running on it would only be talking to each other (or if we were to allow them internet connectivity there would be a an ACL on the sandbox vlan only allowing connectivity to the proxy box).
I've found tons of articles about providing access to domain pools or domain personal desktops, but not what I'm trying to achieve.
I haven't got a dedicated lab room, so I can't let them have a load of old PCs to play with. We've successfully used locally installed virtualisation software, but that limits the teaching to rooms it's installed in.
The user would log onto the domain PC as normal.
They'd have a connection to the VDI, but ideally not RDP as we're trying to emulate physical/console access.
On the Virtual Desktop they've got local admin rights.
However, they can't access the underlying hypervisor settings (e.g. can't create a new virtual switch).
Has anyone done anything similar or could you point me in the direction of a guide/whitepaper.
What did you end up doing in the end?
I'm currently logging into running local VMs with shared access to there documents to save work then on reboot the VM is wiped ready for the next user.
We have to let students use visual basic and they compile and create .exe . Our gpo's dont let students run exe. We therefore use the same as Rob Fuller I think using local virtual machine (win7) made into non-persistant drive (changes lost on restart) with no networking. This is run by using VMplayer vers 5.
Student logs on to outside physical machine... then starts up virtual windows 7 , they are full admin over this VM, they use visual basic , run the .exe or any other .exe they choose to copy inside this VM , but is safe as no network and if it destroys the virtual machine , just stop and start it and its back as new.
The visual basic projects can be drag dropped from VM to physical (their my documents) for safe keeping.
But its time consuming to create the VM, copy to each physical machine and setup.
What I want is a server solution ( i have failed here, cant drag drop files without network being on) or sand box to run the .exe in.
Ideas please ?