Methods and systems for provisioning a virtual resource in a mixed-use server
First Claim
1. A method for provisioning a virtualized resource in a mixed-use virtualization environment, the method comprising:
- directing, by a provisioning machine, a hypervisor executing on a server, to provision a virtual machine on the server;
directing, by the provisioning machine, a directory service management component executing on a directory server to generate a first organizational unit within a multi-tenant directory service associated with a first entity and separated from a second organizational unity in the multi-tenant directory service by a firewall;
associating, by the provisioning machine, the virtual machine with the first organizational unit;
directing, by the provisioning machine, the directory service management component to establish a firewall policy preventing a user authorized to access the second organizational unit in the multi-tenant directory service from accessing the first organizational unit, the second organizational unit associated with a second entity, wherein establishing the firewall policy further comprises;
modifying, by the directory service management component, a policy object defining at least one attribute of the first organizational unity to include the firewall policy;
receiving, by the provisioning machine, from a management component, a request to provision a virtualized resource for at least one user within an organization, the request received after the provisioning of the virtual machine and generation of the first organizational unit; and
establishing, by the server, a connection between a client machine of the at least one user and the at least one virtual machine providing the at least one virtual resource.
6 Assignments
0 Petitions
Accused Products
Abstract
A method for provisioning a virtualized resource includes directing, by a provisioning machine, a server-executed hypervisor to provision a virtual machine. The provisioning machine directs generation of an organizational unit within a first organizational unit within a multi-tenant directory service separated from a second organizational unit in the multi-tenant directory service by a firewall. The provisioning machine associates the virtual machine with the first organizational unit. The provisioning machine establishes a firewall policy on the virtual machine restricting communications to the virtual machine and excluding a user associated with the second organizational unit. The provisioning machine receives a request to provision a virtualized resource for at least one user. The server establishes a connection between a client machine of the at least one user and the at least one virtual machine providing the at least one virtual resource.
-
Citations
9 Claims
-
1. A method for provisioning a virtualized resource in a mixed-use virtualization environment, the method comprising:
-
directing, by a provisioning machine, a hypervisor executing on a server, to provision a virtual machine on the server; directing, by the provisioning machine, a directory service management component executing on a directory server to generate a first organizational unit within a multi-tenant directory service associated with a first entity and separated from a second organizational unity in the multi-tenant directory service by a firewall; associating, by the provisioning machine, the virtual machine with the first organizational unit; directing, by the provisioning machine, the directory service management component to establish a firewall policy preventing a user authorized to access the second organizational unit in the multi-tenant directory service from accessing the first organizational unit, the second organizational unit associated with a second entity, wherein establishing the firewall policy further comprises; modifying, by the directory service management component, a policy object defining at least one attribute of the first organizational unity to include the firewall policy; receiving, by the provisioning machine, from a management component, a request to provision a virtualized resource for at least one user within an organization, the request received after the provisioning of the virtual machine and generation of the first organizational unit; and establishing, by the server, a connection between a client machine of the at least one user and the at least one virtual machine providing the at least one virtual resource. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification