[-=X.L.O.R.D=-] wrote:1guys, I think it can be done via power management feature if PC idle a period of time, sleep it.
Access is exclusively via RDP-sessions. I don´t know if I can get a VM to hibernatewhen idle and to wake up when someone tries to connect; and delying logins as mmightoccur when the VM needs to wake up first is not an option. Besides, internet accesswould not be denied at all and only not used when the VM is hibernating.
X—> Yup and just make sure the power-save is set-to never, so RDP session should be ready for RDP call-in request from remote. For your message, to disallow an user to have internet access that can be done via his account profile at local security from Microsoft product itself. Alternatively GPO policy at the AD. When he logs on to the username and password, his profile will also download to that PC.
Thanks, that´s something I need to look into. It would still be better than norestiction at all.The intention is to quarantaine windoze machines as much as possible for securityreasons. Hibernating doesn´t really help with that unless they´re never used …X —> One thing you can append is once user logged off, use a reborn-software to revert to the clean status or previous backup snapshot point.
Hope that help!
Xlord
-----Original Message----- From: CentOS-virt [mailto:centos-virt-bounces@xxxxxxxxxx] On Behalf Of hw Sent: Saturday, September 2, 2017 7:50 PM To: centos-virt@xxxxxxxxxx Subject: Re: change network settings of VM depending on logged in user(s)?
PJ Welsh wrote:
I'm not a M$ expert, but I've seen enough GPO's to believe there is a way to do it through Windows. PJWelsh
For the whole machine?
So far, I´ve only found information regarding blocking access for particular users. I want it the other way round, i. e. the whole maching usually not having access and allowing access to only a particular user.
Allowing access to only a particular user can (should ideally) involve the whole machine still not having access.
Perhaps it seems like an unusual request --- yet the more I think about it, it seems like it should become the default. Why should a machine have internet access all the time rather than only when it´s needed, and when it´s needed, why not restrict it to exactly what is needed and nothing else.
On Fri, Sep 1, 2017 at 11:43 AM, hw <hw@xxxxxxxx <mailto:hw@xxxxxxxx>> wrote:
Hi,
is there a way to disable internet access for a windoze 7 VM depending on which user(s) is/are logged in?
It seems windoze 7 doesn´t really support this, especially when you want to disable internet access for the whole machine, so I´m wondering if there is a way to do this when the machine is a KVM-VM running on Centos.
The whole VM should only have internet access when a particular user logs in, and preferably for only this particular user. _______________________________________________ CentOS-virt mailing list CentOS-virt@xxxxxxxxxx <mailto:CentOS-virt@xxxxxxxxxx> https://lists.centos.org/mailman/listinfo/centos-virt <https://lists.centos.org/mailman/listinfo/centos-virt>
_______________________________________________ CentOS-virt mailing list CentOS-virt@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos-virt
_______________________________________________ CentOS-virt mailing list CentOS-virt@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos-virt
_______________________________________________ CentOS-virt mailing list CentOS-virt@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos-virt
_______________________________________________CentOS-virt mailing listCentOS-virt@xxxxxxxxxxhttps://lists.centos.org/mailman/listinfo/centos-virt
|
_______________________________________________
CentOS-virt mailing list
CentOS-virt@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos-virt