You're trying to give them the ability to logon to the VM's console using the Hyper-V client, right? In other words, their connection is really to the host? Anything RDP directly to the VM will fail one the VPN tunnel starts? On Dec 29, 2015 5:01 PM, "Kurt Buff" <[email protected]> wrote:
> All, > > We're mostly a VMware environment, so I'm struggling a bit with this > configuration. > > We have a Hyper-V (2012 R2) host in our DMZ with its own AD infrastructure. > > We're trying to stand up some VMs to which a few of our support staff > can log in, and support some of our customers. > > The catch is that they use the VMs to start a VPN client, and many of > our customers turn off split tunneling, which means that merely > logging into the VM with RDP won't cut it, because once a > dedicated/non-split tunnel is connected, the RDP connectiion to the VM > fails. > > In vSphere, I can assign access permissions to a VM, and the user can > only get console access to that VM, and can't touch, or even see, the > other VMs in the cluster. > > Is there any similar facility in Hyper-V? I don't want our support > staff to have access to all of the VMs on the host, nor be able to do > any real management of the host. At most, they should have standard > user rights on the VM, but they need the equivalent of the VMware > console access. > > Help and pointers much appreciated. > > Kurt > > >
