I apologize if this is answered somewhere in the FAQ, but I could not find answer.
Is there a way to have the guest operating system do the user authentication? ie: I have a W2008 svr virtualized and would like to use the user management built into that system to manage users.
Open to any reliable method; just want the authentication to be handled by the guest operating system. The 'guest' option suggests that it may be the correct option, but the manual states no support yet. Does someone know of another way that can pass through authentication to the underlying guest system or of an unsupported method that works?
LDAP/?????/OTHER ?
Authentication through the guest op/sys
-
BillG
- Volunteer
- Posts: 5106
- Joined: 19. Sep 2009, 04:44
- Primary OS: MS Windows 10
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows 10,7 and earlier
- Location: Sydney, Australia
Re: Authentication through the guest op/sys
I don't see that this has much to do with VirtualBox, apart from the network settings.
Where are the users located? If they are on the physical LAN, I would think that all you need to do is run the vm with its NIC in bridged mode. The server in the vm would then work just like an additional server on the LAN. You do not need to pass anything between the host and guest. The vm is effectively on the LAN. The traffic between the server and its clients is not seen by the host OS.
Where are the users located? If they are on the physical LAN, I would think that all you need to do is run the vm with its NIC in bridged mode. The server in the vm would then work just like an additional server on the LAN. You do not need to pass anything between the host and guest. The vm is effectively on the LAN. The traffic between the server and its clients is not seen by the host OS.
Bill
-
rlr_leon
- Posts: 11
- Joined: 2. Jul 2011, 22:25
- Primary OS: Ubuntu other
- VBox Version: OSE Debian
- Guest OSses: W7/2008svr
Re: Authentication through the guest op/sys
BillG,
Thanks for the answer. My goal is to set it up as the front end for a Terminal Server login. I have the AD domain running behind it and the licensing server set up. Have verified that licenses are issued correctly and If I am on the local LAN, I can log into the main Term nonvb Server with multiple isolated logins. (I have tried up to 10 simultaneous userids so far.) The TS logins are working on other machines. Of course, file storage is directed elsewhere.
I want to make this the front-end for remote user login and therefore the login/authentication needs to be handled by the TS login. Currently, I can login to the domain from the Virtualbox, but the second user simple gets the screen from the first user. When multiple users are enabled, I want the second user to get another screen than the logged in user. This is not secure since users have to share the same session and the 2nd user gets the login access of the first user.
When I set my router to send users into the Windows front end; that login allows multiple users in different isolated sessions. When I try the same thing into the Virtual through Ubuntu, there is no multiple session. I want to make the Virtualbox the front end system so that I can quickly reset when users make errors. I want to have a quick recovery mechanism such as virtualbox and allow the login into AD.
I need real AD (non-wine) or something that looks like it since the users will not be very savvy. Need to present a familiar surface to them at least until I can guide them into a more enlightened way. [linux]
Thanks for the answer. My goal is to set it up as the front end for a Terminal Server login. I have the AD domain running behind it and the licensing server set up. Have verified that licenses are issued correctly and If I am on the local LAN, I can log into the main Term nonvb Server with multiple isolated logins. (I have tried up to 10 simultaneous userids so far.) The TS logins are working on other machines. Of course, file storage is directed elsewhere.
I want to make this the front-end for remote user login and therefore the login/authentication needs to be handled by the TS login. Currently, I can login to the domain from the Virtualbox, but the second user simple gets the screen from the first user. When multiple users are enabled, I want the second user to get another screen than the logged in user. This is not secure since users have to share the same session and the 2nd user gets the login access of the first user.
When I set my router to send users into the Windows front end; that login allows multiple users in different isolated sessions. When I try the same thing into the Virtual through Ubuntu, there is no multiple session. I want to make the Virtualbox the front end system so that I can quickly reset when users make errors. I want to have a quick recovery mechanism such as virtualbox and allow the login into AD.
I need real AD (non-wine) or something that looks like it since the users will not be very savvy. Need to present a familiar surface to them at least until I can guide them into a more enlightened way. [linux]
-
BillG
- Volunteer
- Posts: 5106
- Joined: 19. Sep 2009, 04:44
- Primary OS: MS Windows 10
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows 10,7 and earlier
- Location: Sydney, Australia
Re: Authentication through the guest op/sys
I still don't see how VirtualBox fits into this. Once the OS in the virtual machine is up and running it works just like the same OS running on a physical machine. If your Windows server is not doing what you expect I doubt that it has anything to do with VirtualBox. (VirtualBox is the name of the program. The virtual machine is called simply a virtual machine or a guest. It is not called a VirtualBox).
Have you configured the vm to use bridged networking? Does it get its network config from DHCP? Is it joined to the domain?
Your network design should be quite independent from the machine hosting your vms. The vm should look just like another machine on your LAN. If you cannot sort out your problem for yourself I would post (with a bit more detail about the network setup) in a Windows networking forum like http://social.technet.microsoft.com/For ... PN/threads .
Have you configured the vm to use bridged networking? Does it get its network config from DHCP? Is it joined to the domain?
Your network design should be quite independent from the machine hosting your vms. The vm should look just like another machine on your LAN. If you cannot sort out your problem for yourself I would post (with a bit more detail about the network setup) in a Windows networking forum like http://social.technet.microsoft.com/For ... PN/threads .
Bill
-
rlr_leon
- Posts: 11
- Joined: 2. Jul 2011, 22:25
- Primary OS: Ubuntu other
- VBox Version: OSE Debian
- Guest OSses: W7/2008svr
Re: Authentication through the guest op/sys
Thanks for the reply BillG:
Here it is:
The Virtualized machine is to be the the "frontline" for a terminal server installation running on AD Domain ==
This machine has been joined to the domain and authenticates the first user into the AD Domain. That much already currently works for a single user.
HOWEVER: when the second user connects via the virtualized machine [running in the virtualbox program] that second user and any subsequent users are given the same desktop that the first user has. ie: The desktop is SHARED and not separated as is the case on a real terminal server RDP machine. The real terminal server will present the second user into a separate memory space and they will get there own ISOLATED login/user session. I want this type of behavior to occur in VB if possible. ie: The second user [and subsequent users] will log into the AD using the virtualbox and receive their own separate desktop and their own assigned Active Directory settings.
I want the frontline to act the same whether it is on the virtual machine or if it is on the real machine. I hope that this is possible in VB.
Hopefully it is possible to have a multi-user login frontend that can offer the separate SESSIONS of the terminal server and also the recoverability benefit of being virtualized.
Separate sessions instead of shared sessions
Here it is:
The Virtualized machine is to be the the "frontline" for a terminal server installation running on AD Domain ==
This machine has been joined to the domain and authenticates the first user into the AD Domain. That much already currently works for a single user.
HOWEVER: when the second user connects via the virtualized machine [running in the virtualbox program] that second user and any subsequent users are given the same desktop that the first user has. ie: The desktop is SHARED and not separated as is the case on a real terminal server RDP machine. The real terminal server will present the second user into a separate memory space and they will get there own ISOLATED login/user session. I want this type of behavior to occur in VB if possible. ie: The second user [and subsequent users] will log into the AD using the virtualbox and receive their own separate desktop and their own assigned Active Directory settings.
I want the frontline to act the same whether it is on the virtual machine or if it is on the real machine. I hope that this is possible in VB.
Hopefully it is possible to have a multi-user login frontend that can offer the separate SESSIONS of the terminal server and also the recoverability benefit of being virtualized.
Separate sessions instead of shared sessions