This project is not something that I will be starting now, but it represents ongoing work for several months now. Since we have lots of professors, freelance and internal MCTs that work here (VŠPR and Algebra), we had to devise a plan on how to give them all access to MOC virtual machines and our internal virtual machines without compromising security and license agreements. Then needed secure and fast access from wherever they may be to go through labs and practices or to test some new software implementations and their own projects.
First idea was to use SCVMM 2012 beta, but since this is going to be on production servers, we decided to go with SCVMM 2008 R2 SP1 version instead. We already have several Hyper-V enabled hosts that we use for infrastructure purposes so we added them to a SCVMM console in a separate host group. Two new Hyper-V host where added to VŠPR host group to be uses for educational and testing purposes. As you can see, currently there is only one Hyper-V host server in VŠPR group and on it we have lots of MOC virtual machines (these are developer MOC machines).
As you can see in Owner column, each virtual machine has an owner. In this case, we created AD security group that will contain all developers that have access to these machines through portal. Next step is to create Self Service Portal Users group that gives them access to portal itself. We did that in Administration pane of SCVMM console. They where given access only to virtual machines that are in VŠPR host group and they where given permissions for everything except to remove virtual machines and local admin rights. We did not give them permissions to create virtual machines for now.
After installing the SCVMM portal itself, we decided not to publish it to the Internet, but rather to create VPN accounts for all intended users and allow them access only to those computers in network that are needed to start and use virtual machines. After completing all the necessary steps, we tested internal and external access and released the project to production.
Now, whenever some of the professors or MCTs has a need to test something out or evaluate MOC practices and LABS, he can do so by accessing the SCVMM portal prom wherever he or she is.
Next step will be migration of all data and virtual machines to SCVMM 2012 production machine as soon as it goes RTM. We will then implement several private cloud scenarios that will utilize current Hyper-V hosts and allow our users to create their own virtual machines for testing purposes and software evaluation.