Andrew Morgan – Sr. Developer Advocate for NICE DCV – created a guide how to dynamically set NICE DCV session permissions at Windows logon:
When using system authentication, Windows-based NICE DCV servers delegate client authentication to the underlying operating system. Upon authentication, DCV validates the DCV permissions, which specify the users that are allowed to access the session stream and the features they can use. Dynamically setting DCV session permissions allows administrators to automate session permissions based on specific events. This is especially beneficial when the DCV servers are joined to Active Directory, since the domain users and policies are known to the operating system. A similar method can be applied to non-domain joined machines; however, the end users will require local user accounts on the operating system. For this walkthrough, you will focus on domain-joined environments.
In this blog, you will deploy Windows scheduled tasks via Group Policy that will be invoked based on user login and logoff events. At logon, a task invokes a local PowerShell script to dynamically set the DCV session permissions. These permissions only allow the initial user access to the DCV session. Upon logout, a local logout script is invoked to reset the permissions allowing all domain users to access the server. The provided permissions can be further modified to fit your exact use case.
Continue reading the blog post: Dynamically set NICE DCV session permissions at Windows logon. Any questions about NICE DCV just let us know.