Disallowing multiple vm console sessions

Currently I’m involved in a high-secure virtual infrastructure design and we are required to reduce the number of entry points to the virtual infrastructure. One of the requirements is to allow only a single session to the virtual machine console. Due to the increasing awareness \ demand of security in virtual infrastructure more organizations might want to apply this security setting.

1. Turn of the virtual machine.
2. Open Configuration parameters of the VM to edit the advanced configuration settings
3. Add Remote.Display.maxConnections with a value of 1
4. Power on virtual machine

Update: Arne Fokkema created a Power-CLI function to automate configuring this setting throughout your virtual infrastructure. You can find the power-cli function on ICT-freak.nl.

Comments

  1. says

    Hi Frank,

    First off great blog, I always have to set aside some time to re-read your longer posts to get and understand all the information.

    A correction for this post, the advanced setting is “RemoteDisplay.maxConnections”
    You have a dot between Remote and Display which doesn’t work on my 4.1 environment and might cause me issues when I redo my VCAP-DCA exam.

  2. Kiwi says

    Thanks Alastair, without the point between “Remote” and “Display” it also works in our 4.1 environment.