We have an application with a strange and bad design that requires the virtual machines console to be unlocked, and a browser windows with probably sensitive information will be available to vCenter users opening this virtual machines console.
Thats my reason for preventing all vCenter users access to this VM's console, and there might be other good reasons for limiting the number of simultaniously VM console sessions to a number lower that the default which is 40.
After some googling I found the advanced setting RemoteDisplay.maxConnections which I tested with values set to both 0 and 1, but it didn't work. After a support session with VMware support there is a option in edit settings in the GUI where we can limit the number of simultaniously sessions. To do this with PowerCli, which is my preferred way, you can do something like this:
PS> get-vm werner-test01 | Get-AdvancedSetting -Name RemoteDisplay.maxConnections PS> (get-vm werner-test01).ExtensionData.Config.MaxMksConnections 40 PS> $spec = New-Object VMware.Vim.VirtualMachineConfigSPec PS> $spec.MaxMksConnections=0 PS> $spec.GuestAutoLockEnabled=$false PS> (get-vm werner-test01).ExtensionData.ReconfigVM_Task($spec) Type Value ---- ----- Task task-10578949 PS> (get-vm werner-test01).ExtensionData.Config.MaxMksConnections 0 PS> Get-VM werner-test01 | Get-AdvancedSetting -Name RemoteDisplay.maxConnections Name Value Type Description ---- ----- ---- ----------- RemoteDisplay.max... 0 VM
Notice that changing the default here also adds the advanced setting RemoteDisplay.maxConnections.