Managing Shortlived Student Virtual Machines with PowerShell Automation: A Practical Engineering Walkthrough

Posted on by lando

I made this solution up as I went along so please feel free to critique!

In educational environments with heavy lab requirements, managing short lived student virtual machines (VMs) at scale can be complex, error-prone, and time-consuming. To address these challenges, I’ve developed a PowerShell-based automation framework that orchestrates the lifecycle of Hyper-V virtual machines for students at my organisation.

The goal of this tooling is to deliver a robust, repeatable, and maintainable process for creating, monitoring, and maintaining short lived VMs derived from a readonly base image, enabling a consistent lab environment while segmenting risk and greatly reducing administrative overhead. It’s also $free!$

My boss came to me and asked if we can set up virtual machines to segment risky student behaviour, he first recommended I take a look at the new windows temporary/emepherial VM tools. After a short amount of fiddling with it, I realised we could not enable it for a number of reasons, lack of clearly finegrained control, various unknowns and a habit for it to fail to boot with no extractable stack report or error message. In the end I realised that Hyper-V is free, comes with our volume licence for Windows 11 and can be managed with basic Powershell utils & some scheduled tasks.

So, here’s a high-level breakdown of the architecture and capabilities.

Overview

The script provides a command-driven interface to manage the full lifecycle of a student virtual machine. The core functionality supports:

  • Session management: logon, logoff, connect, disconnect
  • State transitions: build, reset, and assert correct configurations
  • Disk handling: managing base images, system differencing disks, and user-specific differencing disks
  • Network share: It connects the signed in hosts data folder via a SMB network share to the consuming VM, thanks to the nature of Microsofts relatively clever SMB it seems to be completely fine as it consumes the SMB as any other client server device, no funny weirdness! Makes sense!
  • Monitoring and housekeeping: proactively identifying and stopping orphaned or stale VMs to save compute resources, operates on a scheduled timer that checks to see who’s session is *probably* dead and boots them off.
  • Logging: consistent operational logging to the Windows event log and file-based transcripts for traceability

How It Works

At its heart, the script supports a set of discrete actions defined through a PowerShell parameter, such as monitor, buildvm, resetvm, and resetdiffdisk. These operations allow an administrator or an automated delivery system to drive the VM environment programmatically.

Key Features:

  • Per-user VMs: Each student gets their own VM named using a pattern that uniquely includes their account. This isolates their environment and avoids collisions.
  • Base images and differencing disks: A parent VHDX image acts as the golden template, while differencing disks (per student) store user-specific changes. This greatly reduces storage consumption compared to full clones.
  • Dynamic provisioning: If a student’s VM does not exist, the automation will build it on the fly, connect the correct differencing disk, and apply strict VM configuration settings.
  • System image layering: A separate system-level differencing disk can be used to efficiently deploy updates or application binaries across all student VMs.
  • Interaction is simple, the user has a shortcut on their desktop to start their named VM on this dev machine, the rest is done by the script building a diff and logging them into it.
  • Resource cleanup: The tooling includes routines to identify and decommission abandoned VMs, remove stale differencing disks, and clear network shares that are no longer in use.

Technical Design Highlights

  • Uses PowerShell’s Get-WmiObject and query user to identify interactive sessions
  • Leverages Hyper-V PowerShell modules to manage VM instances
  • Automates disk mounting/dismounting using Mount-VHD and Set-Partition
  • Creates virtual hard disks (VHDX) on demand with New-VHD in differencing mode
  • Integrates with Windows Event Log for persistent, centralized logging
  • Enforces robust VM startup configurations (dynamic memory, processor count, no auto-checkpoints) to keep labs consistent
  • Handles user-specific SMB shares for file-based delivery tied to each VM, cleaning up resources if the VM is stopped

Why It Matters

Virtual lab environments are critical for modern computing education. However, managing them by hand is painful and a TOTAL waste of time, as far as I’m concerned if something exists on a computer and user interaction can be defined, it can be automated.

By using PowerShell to fully automate the lifecycle of these Hyper-V VMs, I have built a repeatable, testable, and scalable solution that can be adapted to other educational or enterprise lab environments.

Don’t bother paying for vmware! It’s basically free to make! It’s only a few hundred lines of powershell.

Related Posts