Remote Desktop Connection

RemoteApp for Hyper-V (VDI) Deployment

9 mar

Pubblicato da admin in Remote Desktop Connection

Nessun commento

Similar to RemoteApp, the RemoteApp for Hyper-V feature allows users to access a specific hosted application remotely, as opposed to the entire desktop. When using RemoteApp, the application runs in the context of a server session; however, RemoteApp for Hyper-V enables remote access to an application running on a Hyper-V virtual machine (VM). That is, this feature allows you to launch applications that are hosted on VMs as remote applications.

Here I outline setup steps and common troubleshooting tricks for deploying RemoteApp for Hyper-V.

Supported Operating Systems

The supported SKUs for this feature are as follows:

  • Guest operating systems on the Hyper-V server (all client operating systems):
  1. Windows® 7 Enterprise, 32-bit edition; Windows 7 Ultimate, 32-bit edition
  2. Windows Vista® Enterprise with Service Pack 1 (SP1), 32-bit edition; Windows Vista Ultimate with SP1, 32-bit edition
  3. Windows® XP Professional with SP3, 32-bit edition
  • Client operating system
  1. Windows 7 64-bit / 32-bit

This feature can be deployed in either of the following two ways:

1. Stand-alone scenario

The administrator completes the following steps:

a. Set up the Hyper-V computer and install a supported guest operating system as outlined above in the “Supported Operating Systems” section.

For more information, see http://technet.microsoft.com/en-us/library/cc753637(WS.10).aspx.

b. Install the applications on the guest operating system and create RemoteApp RDP files specific to each application that would be launched as RemoteApp programs. How to create RemoteApp RDP files is explained in detail below.

c. Share these RDP files with the end user to launch this application as a RemoteApp program.

d. The user then launches these RDP files and enters their credentials to get access to the RemoteApp programs hosted on the guest operating system on the Hyper-V computer.

2. Virtual Desktop Infrastructure (VDI) scenario

The administrator completes the following steps:

a. Set up the entire VDI solution, which would involve deploying RD Connection Broker, farms, and personal desktops.

b. Install the applications on the guest operating systems in the farm or personal desktop, and create RDP files according to the farm or personal desktop deployment.

c. Share these RDP files with the end user so that they can launch these applications as RemoteApp programs.

d. The user then launches these RDP files and enters their credentials to get access to the RemoteApp programs hosted on the guest operating system on the Hyper-V computer.

To set up guest operating systems on which we can enable RemoteApp for Hyper-V:

1. Windows XP SP3 32-bit guest operating system

a. Setting up the guest operating system

1. Install Windows XP Professional SP3, 32-bit edition, on the Hyper-V computer as a virtual machine.

2. Enable Remote Desktop on this VM.

3. Install the Windows XP SP3 RemoteApp for Hyper-V package on this VM.

Note: The update package for Windows XP SP3 can be found here:

http://www.microsoft.com/downloads/details.aspx?FamilyID=2f376f53-83cf-4e5b-9515-2cb70662a81b&displaylang=en

4. Restart this VM after the package is installed.

5. Change the following regkey on this VM:

    • Go to HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\TsAppAllowList.
    • Set the value of fDisabledAllowList to 1.

b. Creating the RDP file

1. Launch Remote Desktop Connection (MSTSC) and click Save As to save the RDP file that the administrator can use for the RemoteApp for Hyper-V feature.

clip_image002

2. Here is a sample RDP file for the stand-alone scenario described above:

clip_image004

The RDP file launches Notepad from the Windows XP SP3 guest operating system. The administrator can follow the steps below to create the RDP file.

As can be seen from the sample RDP file, the administrator would do the following:

1. Change the parameters

    • “remoteapplicationmode:i:1”
    • Alternate shell:s:rdpinit.exe

2. Add the parameters

    • RemoteApplicationName:s:<user friendly name>
    • RemoteApplicationProgram:s:<path to the application>
    • DisableRemoteAppCapsCheck:i:1
    • Prompt for Credentials on Client:i:1

After modifying the RDP file, the administrator saves the RDP file. For each application that he wants to publish as a RemoteApp program, the administrator creates an RDP file in a similar way as described above.

2. Windows Vista with SP1 32-bit guest operating system

a. Setting up the guest operating system

1. Install Windows Vista SP1 Enterprise or Ultimate, 32-bit edition on the Hyper-V computer as a VM.

2. Enable Remote Desktop on this VM.

3. Install the Windows Vista SP1 RemoteApp for Hyper-V package on this VM.

Note: Update the package for Windows Vista SP1:

http://www.microsoft.com/downloads/details.aspx?familyid=097B7478-3150-4D0D-A85A-6451F32C459C&displaylang=en

4. Restart this VM after the package is installed.

5. Change the following regkey on this VM:

    • Go to HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\TsAppAllowList.
    • Set the value of fDisabledAllowList to 1.

b. Creating the RDP file

1. Launch Remote Desktop Connection (MSTSC) and click Save As to save the RDP file that the administrator can use for the RemoteApp for Hyper-V feature.

clip_image002[1]

2. Here is sample RDP file for the stand-alone scenario described above:

clip_image006

The RDP file launches Notepad from the Windows Vista SP1 guest operating system. The administrator can follow the steps below to create the RDP file.

As can be seen from the sample RDP file, the administrator would do the following:

1. Change the parameters

    • “remoteapplicationmode:i:1”

2. Add the parameters

    • RemoteApplicationName:s:<user friendly name>
    • RemoteApplicationProgram:s:<path to the application>

After modifying the RDP file, the administrator saves the RDP file. For each application that he wants to publish as a RemoteApp program, the administrator creates an RDP file in a similar way as described above.

3. Windows 7 32-bit guest operating system

a. Setting up the guest operating system

1. Install Windows 7 Enterprise or Ultimate, 32-bit edition on the Hyper-V as a VM.

2. Enable Remote Desktop on this VM.

3. Change the following regkey on this VM:

  • Go to HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\TsAppAllowList.
  • Set the value of fDisabledAllowList to 1.

b. Creating the RDP file

1. Launch Remote Desktop Connection (MSTSC) and click Save As to save the RDP file that the administrator can use for the RemoteApp for Hyper-V feature.

clip_image007

2. Here is sample RDP file for the stand-alone scenario described above:

clip_image008

The RDP file launches Notepad from the Windows 7 guest operating system. The administrator can follow the steps below to create the RDP file.

As can be seen from the sample RDP file, the administrator would do the following:

1. Change the parameters

    • “remoteapplicationmode:i:1”

2. Add the parameters

    • RemoteApplicationName:s:<user friendly name>
    • RemoteApplicationProgram:s:<path to the application>

After modifying the RDP file, the administrator saves the RDP file. For each application that he wants to publish as a RemoteApp program, the administrator creates an RDP file in a similar way as described above.

Some facts about the RemoteApp for Hyper-V feature

1. This feature is enabled by setting the following registry key on the Guest VM:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\TsAppAllowList, and setting the value of fDisabledAllowList to 1.
This means that we are disabling the application allow list on the VM, which means that any application from the VM can be launched as a RemoteApp program. The administrator does not have control over what applications are published or what applications can be launched. After the customer has the created RDP file, he can change the “RemoteApplicationName:s:” parameter and launch any application by setting the correct application path.

Troubleshooting issues that you might observe when enabling this feature

1. While launching RemoteApp for HyperV, you see the error “Windows cannot start the RemoteApp program.”

clip_image009

a. You might observe this error while enabling this feature.

b. This might happen if the fDisabledAllowList regkey is set to 0 on the VM.

c. Change the following regkey on this VM:

  • Go to HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\TsAppAllowList.
  • Set the value of fDisabledAllowList to 1.

2. While launching RemoteApp on Windows XP SP3, the application does not launch and the connection is stuck in the details pane.

clip_image011

a. You might observe this error while enabling this feature on Windows XP SP3.

b. If you see this error, there is probably a missing parameter in your created RDP file.

c. Check to see if your created RDP file has alternate shell:s:rdpinit.exe.

d. If this parameter is missing, add this parameter to the RDP file and this should solve your problem.

3. “The remote computer does not support RemoteApp” error

clip_image012

a. You might observe this error while enabling this feature on Windows XP SP3.

b. If you see this error, there is probably a missing parameter in your created RDP file.

c. Check to see if your created RDP file has DisableRemoteAppCapsCheck:i:1

d. If this parameter is missing, add this parameter to the RDP file and this should solve your problem.

4. While launching RemoteApp on Windows XP SP3 / Windows Vista SP1, the application might get stuck in Remote Desktop

a. You might observe this if the update package for Windows XP SP3 or Windows Vista SP1 is not installed correctly on the VM.

b. Uninstall the package and restart the VM to make sure that the package is completely removed.

c. Now, reinstall the package and following the setup instructions as described above for Windows XP SP3 or Windows Vista SP1.

5. While launching RemoteApp, the credential window is shown in the details pane.

clip_image014

a. You might observe this error while enabling this feature on Windows XP SP3.

b. If you see this error, there is probably a missing parameter in your created RDP file.

c. Check to see if your created RDP file has Prompt for Credentials on Client:i:1.

d. If this parameter is missing, add this parameter to the RDP file and this should solve your problem.

Publish RD Gateway on an ISA server using a script

9 gen

Pubblicato da admin in Remote Desktop Connection

Nessun commento

The Remote Desktop Gateway (RD Gateway, formerly known as TS Gateway) ISA configuration script helps ease the process of setting up an ISA server for RD Gateway supported scenarios such as the RD Gateway-ISA core scenario and the RD Gateway-ISA OTP scenario. The script runs on the ISA server and completely eliminates the need to configure the ISA server through wizards. Instead, users can create web listeners and web publishing rules through the command line. Additionally, the script can validate existing web publishing rules and web listeners. In the event that issues are discovered with them, the script provides a list of warnings and errors to the user. The script is supported on ISA server 2004 and later versions. It can be used to publish Windows Server 2008 and higher versions of RD Gateway. This script, along with information on its usage, can be found here.

Windows 7 with RDP7: Best OS for VDI

8 nov

Pubblicato da admin in Remote Desktop Connection

3 commenti

In the minds of IT admins looking to enable a virtual desktop infrastructure (VDI) environment, Windows XP has by far been the preferred OS running in the VMs. However, with the arrival of Windows 7, IT admins have several important reasons to reconsider. In fact, an upcoming RDP Performance Whitepaper will provide a rich set of data to convince even the most skeptical critics that Windows 7, with its enhanced user experience, performance on the wire, and security outshines Windows XP as the virtualized guest OS of choice.

When users connect to a Windows 7 VM, the RDP7 protocol will be used to communicate between client and VM if RDP 7 or Remote Desktop Connection 7 (RDC7) client is used. RDC7 client is offered on variety of OSs, including XPSP3, Vista SP1 and Vista SP2 and the same client is part of the Windows 7 OS (see blog post for more details: Announcing the availability of Remote Desktop Connection 7.0 for Windows XP SP3, Windows Vista SP1, and Windows Vista SP2 ).

When an RDP 7 client connects to a Windows 7 VM, it can take advantage of all the new features implemented in Windows 7.  However, when the same RDP 7 client connects to a Windows XP VM, it will start talking the 9-year-old RDP 5.2 protocol.

User Experience

To test the user experience improvements that the RDP 7 client provides when connecting to a Windows 7 guest VM, we picked the following scenarios:

  1. Media(.wmv) playing in a remote session with Windows Media Player
    1. A Windows 7 VM will give you an experience that is close to watching the same video locally from your PC
    2. On Windows XP with RDP5.x , the video may degrade to become a “slide show” with audio sync behind
  2. Video playing from any popular site:
    1. You’ll find that with Windows 7 you can enjoy the video content
    2. With Windows XP, the experience is much worse. You may experience the same “slide show” effect as with media .wmv files
  3. Aero graphics (“Aero glass”)
    1. RDP7 with Windows 7 is able to remote Aero for your increased productivity and pleasure, so you don’t need to default to the green field of Windows XP Classic theme.
    2. Windows XP will not be able to provide Aero
  4. Audio chat experience
    1. Windows 7 will provide you with bi-directional audio, i.e. with the chance to reply, not only listen silently to the conversation. Using the microphone on your local device, you will be able to change a monologue to a dialogue
    2. With Windows XP, there will be no microphone input from your client computer
  5. Multimonitor sessions–here the difference is even more pronounced
    1. If you have more than a single monitor when connected to a Windows 7 VM, all of them will be available to your virtual desktop
    2. If you continue to work with Windows XP, only one of the monitors will be used, all others will sit on your table collecting dust
  6. Logon speed
    1. Window 7 Client boots faster; you can initiate logon before the whole OS is booted up.
    2. Windows XP boots slower; you have to wait for the entire OS to boot up before logging on.

Performance

Let’s examine the performance of the RDP 7 protocol compared to the RDP 5.2 protocol of the Windows XP era.

  1. Windows 7 introduced a new codec that compresses bitmaps very well and can also distinguish between text and images, applying different compression techniques with different levels of “lossiness” to text or images. The goal with text is to keep it readable, so lossy compression has to be avoided. With images, the human eye is more forgiving when we allow some lossiness, in order to save bandwidth. Windows XP is using RDP 5.2 bitmap compression, which requires twice as much bandwidth on the wire as the RDP 7 codec and does not have a good dynamic approach for different types of content.
  2. In addition to the bitmap compression improvement, the RDP 7 protocol supports a better byte compression technique that is 3 times more effective for all content from a VM to an RDP 7 client–graphics, print data, audio, clipboard, media, and so on. A Windows XP VM will use an older byte compression algorithm that will not be comparable to the modern compression technique available in RDP 7.
  3. IT admins can prioritize interactive traffic (graphics) higher than non-interactive traffic (print/files/clipboard) by assigning a ratio of available bandwidth to these two categories of traffic. By default in both Windows 7 and Windows XP, 70% of the available bandwidth is given to graphics/interactive data, and 30% to all other content. Only Windows 7 VMs allow admins to control this ratio based on their real needs.

Security

Windows 7 with RDP 7 takes remote session security to the next level. When connecting to a Windows XP VM, a connection will be created before security handshakes are finished:

  1. Windows XP VM does not support Kerberos for client/server and/or user authentication
  2. Windows XP VM does not support Network Layer Authentication (NLA): the remote session can be created even for a rogue user
  3. Windows XP VM, does not support Server Authentication, so this VM can be used by any RDP server to steal user credentials
  4. Windows XP VM does not support Transport Layer Security (TLS) / Secure Sockets Layer (SSL)

Windows 7 VM with RDP 7 supports all of the functionality you need to keep your system more secure: user-server authentication, Single Sign On, and Network Layer Authentication.

Administration

Windows 7 VMs are easier to deploy and administrate than Windows XP VMs.

  1. On Windows 7, there is no need to install an enlightenment package or to reboot VMs after a VDI configuration. On Windows XP, the administrator needs to install the enlightenment package and reboot the VMs before the OS can be accessed by the user
  2. Windows 7 supports offline domain join, which makes the process of joining a VDI VM to a domain faster and less error-prone
  3. Windows 7 has a newer version of sysprep, which enables the administrators to create Windows 7 VMs faster

The take-home message from this blog is simple: if you are considering deploying a VDI environment and you’re after the best user experience, performance, security, and administration support, I recommend you use a device running the new RDC7 client connecting to Windows 7 as the desktop OS running in the virtual machines.