Locked down Virtualbox for a school environment

This is for discussing general topics about how to use VirtualBox.
mansin
Posts: 8
Joined: 17. Feb 2018, 17:31

Locked down Virtualbox for a school environment

Post by mansin »

Hi. First time user of VirtualBox and posting on here. I hope I'm the correct place.

So, I'm trying to build a Windows 7 (Guest) VM with various programming tools for computing students, so that it's sandboxed and unconnected to the main school network. The VM has been built and all ready as I need it to be. I want the VM to just be a shortcut for student's, so that they don't need to launch VirtualBox, only the VM. The vdi has been made Immutable, so the students can mess all they want, it resets on shutdown. I have changed the Default machine folder to C:\ProgramData\VirtualBox VMs. Here is a list of things I've tried and the problems encountered.

1) So, the VM has been created on a Windows 10 host, using a domain admin login account. I then right clicked the VM and chose Create shortcut on Desktop. For local testing, I put that shortcut in C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lin.lnk (Lin being the name of the VM. I then on the same Windows 10 host, I logged on as a Student domain account, found the shortcut (Lin.lnk) and clicked on it to run the VM. It returned the following error message "there is no virtual machine with the identifier". Also in the VBoxSVC log file it had the following:
00:00:00.194957          VirtualBox: object created
00:00:00.222532          ERROR [COM]: aRC=VBOX_E_OBJECT_NOT_FOUND (0x80bb0001) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={Could not find a registered machine with UUID {dd9979b9-60af-4966-9e66-7c80ff5ca46a}}, preserve=false aResultDetail=0"
2) The second thing I tried was put the following commands in a vbscript and put a shortcut to the vbscript, same as I did with the first step. The vbscript looks like this:

Code: Select all

Dim objShell
Set objShell = CreateObject("WScript.Shell")

objShell.Run """C:\Program Files\Oracle\VirtualBox\vboxmanage.exe"" registervm ""C:\ProgramData\VirtualBox VMs\XP\XP.vbox""", 0

objShell.Run """C:\Program Files\Oracle\VirtualBox\vboxmanage.exe"" setextradata global GUI/SuppressMessages remindAboutAutoCapture,remindAboutMouseIntegration On,showRuntimeError.warning.HostAudioNotResponding ,remindAboutGoingSeamless,remindAboutInputCapture, remindAboutGoingFullscreen", 0

objShell.Run """C:\Program Files\Oracle\VirtualBox\vboxmanage.exe"" setextradata global GUI/RestrictedGlobalSettingsPages General,Input,Update,Language,Display,Network,Exte nsions,Proxy", 0

objShell.Run """C:\Program Files\Oracle\VirtualBox\vboxmanage.exe"" setextradata global GUI/Customizations noSelector", 0

objShell.Run """C:\Program Files\Oracle\VirtualBox\vboxmanage.exe"" setextradata Windows7 GUI/RestrictedRuntimeMenus Machine,View,Devices,Help,Debug", 0

objShell.Run """C:\Program Files\Oracle\VirtualBox\vboxmanage.exe"" setextradata Windows7 GUI/RestrictedStatusBarIndicators HardDisks,OpticalDisks,FloppyDisks,Network,USB,Sha redFolders,Features,Mouse,Keyboard", 0

objShell.Run """C:\Program Files\Oracle\VirtualBox\vboxmanage.exe"" setextradata Windows7 GUI/RestrictedCloseActions SaveState,PowerOff,Restore", 0

objShell.Run """C:\Program Files\Oracle\VirtualBox\vboxmanage.exe"" startvm C:\ProgramData\VirtualBox VMs\XP\XP.vdi""", 1
For this step, the windows flashes for a second and then nothing. Looking at the VBoxSVC it said the following:

Code: Select all

VirtualBox COM Server 5.2.6 r120293 win.amd64 (Jan 15 2018 14:58:38) release log
00:00:00.002001 main     Log opened 2018-02-17T15:52:49.908419200Z
00:00:00.002001 main     Build Type: release
00:00:00.002001 main     OS Product: Windows 8.1
00:00:00.002001 main     OS Release: 6.3.9600
00:00:00.002001 main     OS Service Pack: 
00:00:00.010009 main     DMI Product Name: MS-7817
00:00:00.016015 main     DMI Product Version: 1.0
00:00:00.016015 main     Host RAM: 8069MB (7.8GB) total, 6342MB (6.1GB) available
00:00:00.016015 main     Executable: C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
00:00:00.016015 main     Process ID: 4348
00:00:00.016015 main     Package type: WINDOWS_64BITS_GENERIC
00:00:00.018016          VirtualBox: object creation starts
00:00:00.018016          Home directory: 'C:\Users\wmbtest\.VirtualBox'
00:00:00.018016          Installed Drivers:
00:00:00.019018            C:\windows\system32\DRIVERS\VBoxNetLwf.sys (Version: 5.2.6.20293)
00:00:00.020021            C:\windows\system32\DRIVERS\VBoxUSBMon.sys (Version: 5.2.6.20293)
00:00:00.020021            C:\windows\system32\DRIVERS\VBoxDrv.sys (Version: 5.2.6.20293)
00:00:00.020021            C:\windows\system32\DRIVERS\VBoxNetAdp6.sys (Version: 5.2.6.20293)
00:00:00.159431          HostDnsMonitor: old information
00:00:00.159431            no server entries
00:00:00.159431            no domain set
00:00:00.159431            no search string entries
00:00:00.159431          HostDnsMonitor: new information
00:00:00.159431            server 1: 10.88.160.21
00:00:00.159431            server 2: 10.88.0.21
00:00:00.159431            domain: school
00:00:00.159431            no search string entries
00:00:00.159431          HostDnsMonitorProxy::notify
00:00:00.213709          VD: VDInit finished with VINF_SUCCESS
00:00:00.214709          VirtualBox: object created
00:00:00.218213          ERROR [COM]: aRC=VBOX_E_OBJECT_NOT_FOUND (0x80bb0001) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={Could not find a registered machine named 'C:\ProgramData\VirtualBox'}, preserve=false aResultDetail=0
00:00:00.218213          ERROR [COM]: aRC=VBOX_E_OBJECT_NOT_FOUND (0x80bb0001) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={Could not find a registered machine named 'Windows7'}, preserve=false aResultDetail=0
00:00:00.218213          ERROR [COM]: aRC=VBOX_E_OBJECT_NOT_FOUND (0x80bb0001) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={Could not find a registered machine named 'Windows7'}, preserve=false aResultDetail=0
00:00:00.219714          Saving settings file "C:\Users\wmbtest\.VirtualBox\VirtualBox.xml" with version "1.12-windows"
00:00:00.220214          ERROR [COM]: aRC=VBOX_E_OBJECT_NOT_FOUND (0x80bb0001) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={Could not find a registered machine named 'Windows7'}, preserve=false aResultDetail=0
00:00:00.221716          ERROR [COM]: aRC=VBOX_E_OBJECT_NOT_FOUND (0x80bb0001) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={Could not find a registered machine named 'VMs\XP\XP.vdi'}, preserve=false aResultDetail=0
00:00:00.224218          Loading settings file "C:\ProgramData\VirtualBox VMs\XP\XP.vbox" with version "1.15-windows"
00:00:00.232227          Saving settings file "C:\Users\wmbtest\.VirtualBox\VirtualBox.xml" with version "1.12-windows"
00:00:05.241019 main     VirtualBox: object deletion starts
00:00:05.241019 main     ERROR [COM]: aRC=VBOX_E_OBJECT_IN_USE (0x80bb000c) aIID={4afe423b-43e0-e9d0-82e8-ceb307940dda} aComponent={MediumWrap} aText={Medium 'C:\ProgramData\VirtualBox VMs\XP\Snapshots/{cfa17718-3029-4256-b718-b18b600d099f}.vdi' cannot be closed because it is still attached to 1 virtual machines}, preserve=false aResultDetail=0
00:00:05.241019 main     ERROR [COM]: aRC=VBOX_E_OBJECT_IN_USE (0x80bb000c) aIID={4afe423b-43e0-e9d0-82e8-ceb307940dda} aComponent={MediumWrap} aText={Cannot close medium 'C:\ProgramData\VirtualBox VMs\XP\XP.vdi' because it has 1 child media}, preserve=false aResultDetail=0
00:00:05.247732 Watcher  ERROR [COM]: aRC=E_ACCESSDENIED (0x80070005) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={The object is not ready}, preserve=false aResultDetail=0
00:00:05.247732 main     VirtualBox: object deleted
The idea is to copy the entire VM & it's associated files/folders and distribute to a IT Suite of 20 computers. I feel I'm so close to achieving this but really don't know what I need to do to over the errors. Any assistance from you would be greatly appreciated.

Thank you
Manny
Last edited by socratis on 19. Feb 2018, 21:15, edited 1 time in total.
Reason: Enclosed the information in [code] tag for better readability
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Locked down Virtualbox for a school environment

Post by socratis »

First of all, you've got to understand that the shortcut won't work for one reason; the VMs and the settings are "per user". You can have a shortcut to the VM, but only after the VM has been registered for each user that wants to run it.

So, your second idea of registering the VM, was closer to the goal. However, your script is not correct. I don't know how you're supposed to escape <space> in a command line in a script, but you're not doing it:
mansin wrote:Could not find a registered machine named 'C:\ProgramData\VirtualBox'}
That tells me that the space is taken as a separator and not as part of the path. You'll need to address that.

So, I would start simple. Do not start with the script, start with the command line. Troubleshoot it one layer at a time...

However, something that I hadn't realized is that the "registervm" has some restrictions. From the manual:
The registervm command allows you to import a virtual machine definition in an XML file into VirtualBox. The machine must not conflict with one already registered in VirtualBox and it may not have any hard or removable disks attached.
I haven't tried that part to see if it fails and why. It doesn't make too much sense to tell you the truth...
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Locked down Virtualbox for a school environment

Post by socratis »

The manual is not right, it needs to be updated; you can register a VM with its disks, there's no such restriction any more. Previous post edited and corrected.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
mansin
Posts: 8
Joined: 17. Feb 2018, 17:31

Re: Locked down Virtualbox for a school environment

Post by mansin »

First of all thank you for taking time out to respond to my query. As you suggested, I have tried each command one at a time using cmd prompt. There are the only 3 commands I've ran:

This one ran without an issue (as in no errors)
c:\Program Files\Oracle\VirtualBox>vboxmanage.exe setproperty machinefolder "C:\ProgramData\VirtualBox VMs"
This one ran without an issue (as in no errors)
c:\Program Files\Oracle\VirtualBox>vboxmanage.exe registervm "C:\ProgramData\VirtualBox VMs\XP\XP.vbox"
This one errored with the following message:
c:\Program Files\Oracle\VirtualBox>vboxmanage.exe startvm "C:\ProgramData\VirtualBox VMs\XP\XP.vdi"

VBoxManage.exe: error: Could not find a registered machine named 'C:\ProgramData\VirtualBox VMs\XP\XP.vdi'
VBoxManage.exe: error: Details: code VBOX_E_OBJECT_NOT_FOUND (0x80bb0001), component VirtualBoxWrap, interface IVirtualBox, callee IUnknown
VBoxManage.exe: error: Context: "FindMachine(Bstr(pszVM).raw(), machine.asOutParam())" at line 595 of file VBoxManageMisc.cpp
The The VBoxSVC log file reports the following, being consistent with the above mentioned commands that I ran.

Code: Select all

VirtualBox COM Server 5.2.6 r120293 win.amd64 (Jan 15 2018 14:58:38) release log
00:00:00.000000 main     Log opened 2018-02-20T13:35:43.561618300Z
00:00:00.000000 main     Build Type: release
00:00:00.000000 main     OS Product: Windows 8.1
00:00:00.000000 main     OS Release: 6.3.9600
00:00:00.000000 main     OS Service Pack: 
00:00:00.000000 main     DMI Product Name: MS-7817
00:00:00.015626 main     DMI Product Version: 1.0
00:00:00.015626 main     Host RAM: 8069MB (7.8GB) total, 6622MB (6.4GB) available
00:00:00.015626 main     Executable: c:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
00:00:00.015626 main     Process ID: 3104
00:00:00.015626 main     Package type: WINDOWS_64BITS_GENERIC
00:00:00.015626          VirtualBox: object creation starts
00:00:00.015626          Home directory: 'C:\Users\msingh\.VirtualBox'
00:00:00.015626          Installed Drivers:
00:00:00.015626            C:\windows\system32\DRIVERS\VBoxNetLwf.sys (Version: 5.2.6.20293)
00:00:00.015626            C:\windows\system32\DRIVERS\VBoxUSBMon.sys (Version: 5.2.6.20293)
00:00:00.015626            C:\windows\system32\DRIVERS\VBoxDrv.sys (Version: 5.2.6.20293)
00:00:00.015626            C:\windows\system32\DRIVERS\VBoxNetAdp6.sys (Version: 5.2.6.20293)
00:00:00.015626          Loading settings file "C:\Users\msingh\.VirtualBox\VirtualBox.xml" with version "1.12-windows"
00:00:00.188313          HostDnsMonitor: old information
00:00:00.188313            no server entries
00:00:00.188313            no domain set
00:00:00.188313            no search string entries
00:00:00.188313          HostDnsMonitor: new information
00:00:00.188313            server 1: 10.88.160.21
00:00:00.188313            server 2: 10.88.0.21
00:00:00.188313            domain: school
00:00:00.188313            no search string entries
00:00:00.188313          HostDnsMonitorProxy::notify
00:00:00.236018          VD: VDInit finished with VINF_SUCCESS
00:00:00.237017          Loading settings file "C:\ProgramData\VirtualBox VMs\XP\XP.vbox" with version "1.15-windows"
00:00:00.237518          VirtualBox: object created
00:00:00.239009          ERROR [COM]: aRC=VBOX_E_OBJECT_NOT_FOUND (0x80bb0001) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={Could not find a registered machine named 'C:\ProgramData\VirtualBox VMs\XP\XP.vdi'}, preserve=false aResultDetail=0
00:00:05.254991 main     VirtualBox: object deletion starts
00:00:05.254991 Watcher  ERROR [COM]: aRC=E_ACCESSDENIED (0x80070005) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={The object is not ready}, preserve=false aResultDetail=0
00:00:05.254991 main     VirtualBox: object deleted
I think I'm getting a little closer now. Is it that it's not registering the VM, despite the fact I have ran the registervm command successfully?

Any further assistance greatly appreciated.

Thank you
Manny
Last edited by socratis on 20. Feb 2018, 23:54, edited 1 time in total.
Reason: Enclosed the information in [code] tag for better readability
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Locked down Virtualbox for a school environment

Post by socratis »

mansin wrote:This one errored...
vboxmanage.exe startvm "C:\ProgramData\VirtualBox VMs\XP\XP.vdi"
Do you mind reading the syntax for the "startvm" sub-command from ch. 8.2. Commands overview of the User Manual? Here's what you get if you type it with no arguments:
$ VBoxManage startvm
Usage:

VBoxManage startvm          <uuid|vmname>...
                            [--type gui|headless|separate]
                            [-E|--putenv <NAME>[=<VALUE>]]
You see the <uuid|vmname> argument? You do not put the full path to the hard drive of the VM as an argument, you put the VM name (guessing "XP"), or the UUID. So, please try with:
  • VBoxManage startvm "XP"
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
mansin
Posts: 8
Joined: 17. Feb 2018, 17:31

Re: Locked down Virtualbox for a school environment

Post by mansin »

Hi, thank you again for your guidance.

The following commands, when ran manually, one by one, work just fine. The VM launches and runs fine.
c:\Program Files\Oracle\VirtualBox>vboxmanage.exe setproperty machinefolder
ProgramData\VirtualBox VMs"

c:\Program Files\Oracle\VirtualBox>vboxmanage.exe registervm "C:\ProgramData
tualBox VMs\XP\XP.vbox"

c:\Program Files\Oracle\VirtualBox>vboxmanage.exe startvm "C:\ProgramData\Vi
lBox VMs\XP\XP.vbox"
Waiting for VM "C:\ProgramData\VirtualBox VMs\XP\XP.vbox" to power on...
VM "C:\ProgramData\VirtualBox VMs\XP\XP.vbox" has been successfully started.
The same commands, when ran through a vbscript, errors.

This is the vbscript:
Dim objShell
Set objShell = CreateObject("WScript.Shell")

objShell.Run """C:\Program Files\Oracle\VirtualBox\vboxmanage.exe"" setproperty machinefolder C:\ProgramData\VirtualBox VMs""", 0

objShell.Run """C:\Program Files\Oracle\VirtualBox\vboxmanage.exe"" registervm ""C:\ProgramData\VirtualBox VMs\XP\XP.vbox""", 0

objShell.Run """C:\Program Files\Oracle\VirtualBox\vboxmanage.exe"" startvm C:\ProgramData\VirtualBox VMs\XP\XP.vbox""", 1
The error is:
00:00:00.252191 ERROR [COM]: aRC=VBOX_E_OBJECT_NOT_FOUND (0x80bb0001) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={Could not find a registered machine named 'C:\ProgramData\VirtualBox'}, preserve=false aResultDetail=0
00:00:00.252691 Loading settings file "C:\ProgramData\VirtualBox VMs\XP\XP.vbox" with version "1.15-windows"
00:00:00.253210 Saving settings file "C:\Users\msingh\.VirtualBox\VirtualBox.xml" with version "1.12-windows"
00:00:00.255473 ERROR [COM]: aRC=VBOX_E_OBJECT_NOT_FOUND (0x80bb0001) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={Could not find a registered machine named 'VMs\XP\XP.vbox'}, preserve=false aResultDetail=0
Thank you
Manny.
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Locked down Virtualbox for a school environment

Post by socratis »

You didn't have to quote the whole thing again anew. Just look at your error:
mansin wrote:{Could not find a registered machine named 'C:\ProgramData\VirtualBox'}
Which means that you do NOT escape your script correctly, and the path is not sent as a complete path, but the <space> is considered as a... space, e.g. a separator of commands/arguments. You need to check the VBscript sites for help on how to do that. I have mostly experience with AppleScript and bash scripting, but I'm sure a 5 minute search (I'm exaggerating here) will guide you to the solution...
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
mansin
Posts: 8
Joined: 17. Feb 2018, 17:31

Re: Locked down Virtualbox for a school environment

Post by mansin »

Hi.

I have discarded the vbscript method and now trying batch file. Again I am getting this error. It's now clearly picking up the full path to the vbox file but can't find the registered machine named...
00:00:00.186806 ERROR [COM]: aRC=VBOX_E_OBJECT_NOT_FOUND (0x80bb0001) aIID={9570b9d5-f1a1-448a-10c5-e12f5285adad} aComponent={VirtualBoxWrap} aText={Could not find a registered machine named 'c:\programdata\virtualbox vms\xp\xp.vbox'}, preserve=false aResultDetail=0
But as you can see it's perfectly happy with the startvm command being run manually:
c:\Program Files\Oracle\VirtualBox>vboxmanage.exe startvm "c:\programdata\virtua
lbox vms\xp\xp.vbox"
Waiting for VM "c:\programdata\virtualbox vms\xp\xp.vbox" to power on...
VM "c:\programdata\virtualbox vms\xp\xp.vbox" has been successfully started.
I'm starting to think VirtualBox doesn't like commands run from a script/batch file?

Thanks
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Locked down Virtualbox for a school environment

Post by socratis »

Again, you're not escaping the filename in your batch file correctly. VBoxManage has no problem if it's run from a script or not. Your script may have a problem.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
andyp73
Volunteer
Posts: 1631
Joined: 25. May 2010, 23:48
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Assorted Linux, Windows Server 2012, DOS, Windows 10, BIOS/UEFI emulation

Re: Locked down Virtualbox for a school environment

Post by andyp73 »

Do you want to post the relevant parts from the batch file and we can give some guidance. Probably just needs some " " around paths somewhere.

-Andy.
My crystal ball is currently broken. If you want assistance you are going to have to give me all of the necessary information.
Please don't ask me to do your homework for you, I have more than enough of my own things to do.
mansin
Posts: 8
Joined: 17. Feb 2018, 17:31

Re: Locked down Virtualbox for a school environment

Post by mansin »

Hi again. Thank you for your replies. I have managed to get around the issue of the script. I came across the following script/batch file and it runs perfectly.

I have even managed to set a Shared Folders to students home drive, using the VirtualBox manager and it retains the setting when running the VM for any user. Here is the script:

Code: Select all

@echo off
rem #Global Settings
"C:\Program Files\Oracle\VirtualBox\vboxmanage.exe" setproperty machinefolder "C:\VM"
"C:\Program Files\Oracle\VirtualBox\vboxmanage.exe" registervm "C:\VM\XP1\XP1.vbox"
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata global GUI/Customizations noSelector,noMenuBar,noStatusBar
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata global GUI/PreventSnapshotOperations true
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata global GUI/Input/MachineShortcuts "TakeSnapshot=none,TakeScreenshot=none,MouseIntegration=none,Pause=none,SaveState=none,Close=none,SeamlessMode=none,ScaleMode=none,PopupMenu=none,SettingsDialog=none,InformationDialog=none,NetworkAdaptersDialog=none,SharedFoldersDialog=none,InstallGuestAdditions=none"
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata global GUI/RestrictedGlobalSettingsPages "General,Input,Update,Language,Display,Network,Extensions,Proxy"

@echo off
rem #Machines Specific Settings
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata "XP1" GUI/RestrictedCloseActions "SaveState,Restore"
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata "XP1" GUI/RestrictedVisualStates "Seamless,scale"
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata "XP1" GUI/PreventReconfiguration true
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata "XP1" GUI/PreventSnapshotOperations true
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata "XP1" GUI/HideFromManager true
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata "XP1" GUI/PreventApplicationUpdate true
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata "XP1" GUI/RestrictedRuntimeMenus "All,Machine,View,Help,Debug"
"C:\Program Files\Oracle\VirtualBox\VBoxManage" setextradata "XP1" GUI/RestrictedStatusBarIndicators "HardDisks,OpticalDisks,FloppyDisks,Network,USB,SharedFolders,VideoCapture,Features,Mouse,Keyboard"
"C:\Program Files\Oracle\VirtualBox\VBoxManage" guestproperty set "XP1" "/VirtualBox/GuestAdd/CheckHostVersion" 0
"C:\Program Files\Oracle\VirtualBox\vboxmanage.exe" startvm "C:\VM\XP1\XP1.vbox"
As I said it works great, the only final thing I need to make it work, is the USB. How can I make sure that USB storage attached to Host is also accessible to Guest? At the moment when Guest is running, it picks non of the Host attached USB storage. Is it something in the script that's stopping from this happening?

Many Thanks
Manny.
Last edited by socratis on 28. Feb 2018, 10:58, edited 1 time in total.
Reason: Enclosed the information in [code] tag for better readability
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Locked down Virtualbox for a school environment

Post by socratis »

mansin wrote:I have managed to get around the issue of the script
...by using a VM folder with no spaces. ;)
mansin wrote:How can I make sure that USB storage attached to Host is also accessible to Guest?
Shared folders or network (SMB) folders. That's the only way you can "share" a USB device, as they're not shareable as a device. But I didn't see any mention of any shared folders in your script as you say you have enabled.

BTW, you *do* realize that anyone could bypass these "locks" that you've put in place, right? It's not like you're getting them in a sandboxed environment, it's a security through obscurity approach...
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
mansin
Posts: 8
Joined: 17. Feb 2018, 17:31

Re: Locked down Virtualbox for a school environment

Post by mansin »

Hi Socratis.

I am not after a shared USB device/location. All I need to happen is that when a USB memory stick is plugged into the Host, it also gets picked up inside the Guest. Now it's straight forward to do this when using VirtualBox Manager, simply clicking on Devices > USB > and choosing the plugged in USB device to show up in Guest. My need is for this to happen, whilst the locks are in place.

You also mention the locks can be bypassed, could you please explain how? How else can a sandbox environment be provided for a educational institute?

Thanks
Manny
Martin
Volunteer
Posts: 2560
Joined: 30. May 2007, 18:05
Primary OS: Fedora other
VBox Version: PUEL
Guest OSses: XP, Win7, Win10, Linux, OS/2

Re: Locked down Virtualbox for a school environment

Post by Martin »

VirtualBox is not designed for such an environment, so you cannot really lock it down against users who know how to do it.
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Locked down Virtualbox for a school environment

Post by socratis »

mansin wrote:My need is for this to happen, whilst the locks are in place.
There are no "locks", I've already explained that, more later. What you most probably mean are the obscured GUI tools. That's all...

What you're changing with these locks are configuration files. User configuration files. User read-write configuration files. You see where I'm going with this? What you're doing is "suggestions"/"defaults". A savvy user can bypass all of this and make your efforts moot. I could go and change each and everyone of these files, and get a fresh, virgin VirtualBox configuration.

And as for the USB, you can't "suggest" a device that you don't know what it's going to be a priori.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Post Reply