Daniele Tosatto

The Remote Desktop Services Deployment Guide for Windows Server 2008 R2 is now live on the Download Center and on TechNet.  This guide is intended for use by system administrators and system engineers who are responsible for deploying the role services and features for Remote Desktop Services for the Virtual Desktop Infrastructure (VDI) environment. It provides detailed guidance for deploying a Remote Desktop Services design that is preselected by you, an infrastructure specialist, or a system architect in your organization.

The Terminal Services Deployment Guide for Windows Server 2008 is now live on the Download Center and on TechNet.  This guide is intended for use by system administrators and system engineers who are responsible for deploying the role services and features for Terminal Services. It provides detailed guidance for deploying a Terminal Services design that is preselected by you, an infrastructure specialist, or a system architect in your organization.

Microsoft published a video about installing a complete MS VDI solution and how many servers does it take.  Video showcases that you can setup a complete solution including backend, broker, and web publishing to provide virtualized clients on a single physical Windows Server 2008 R2 box.  This sample uses Windows 7 for the guest.     The complete 16 minute video is at http://www.microsoft.com/showcase/en/us/details/fbaf6f70-45fd-4c81-be70-6d276d54776b

To learn more about Microsoft VDI:

http://technet.microsoft.com/en-us/library/dd647502(WS.10).aspx (step-by-step guides)

http://social.technet.microsoft.com/Profile/en-US/?user=RemoteDesktopServices&sp=tng (scripts)

After a couple of months in beta, Citrix releases Essentials 5.5 for Hyper-V just before the holidays.

This version of the management platform for the Microsoft hypervisor includes a new technology called StorageLink Site Recovery.

This feature allows the Hyper-V administrators to control the replication features that their SAN arrays without using multiple consoles. From the Essentials console they can test the recovery process with what-if analysis, and restore the protected VMs in isolated, test networks.

The notable thing is that StorageLink Site Recovery is available for every version of Essentials, including the Express one which is free of charge (but it won’t appear there before Dec. 23).
HP announced its support for this technology a long time ago and now confirms integration with StorageWorks SANs.

I want to talk about a little known feature in Windows Server 2008 R2 that could be described as RemoteApp for Hyper-V. Like Microsoft RemoteApp, it allows users to access a specific hosted application remotely, as opposed to the entire desktop. With RemoteApp, the application runs in the context of a server session; however, RemoteApp for Hyper-V enables remote access to an application running in a Hyper-V VM.

With the advent of Windows 7, some enterprise customers were facing application compatibility issues with line-of-business applications that were specifically written for Windows XP and would not work on Windows 7.

One obvious way to resolve this issue is to run those incompatible applications in Windows XP Mode, a new feature that is available in certain Windows 7 SKUs and which simplifies migration to the new OS by allowing legacy XP applications to seamlessly run in their own context within a Windows 7 environment. Windows XP mode has specific hardware, OS and memory requirements. While this solution works well on newer machines with hardware virtualization support, the hardware requirements for XP mode might be prohibitive for some older PCs.

RemoteApp for Hyper-V allows users to remotely access Windows XP applications from their Windows 7 desktop with no additional hardware requirements.

• SKU support: RemoteApp for Hyper-V is supported on the following SKUs running as the guest OS:
  • Windows XP SP3: Professional
  • Windows Vista SP1 and above: Enterprise and Ultimate
  • Windows 7: Enterprise and Ultimate

Here are some examples of applications that will benefit from this feature:

• • Applications that are compatible only with Windows XP SP3
  • Applications that can run on Windows Server 2003, but not Windows Server 2008 or Windows Server 2008 R2
  • Applications that are supposed to be run only on a data center server for data security or compliance reasons

To use this feature, a user connects remotely from a client computer to the VM-hosted application. To host the applications, an administrator sets up a virtual machine with a guest OS on a Hyper-V server hosting the virtual machine.

The client computer must run Windows 7, but the guest OS on the virtual machine can run Windows XP SP3, Windows Vista (with SP1 and above) or Windows 7. For a guest OS running Windows XP SP3, an update is required; for a guest OS running Windows Vista SP1 or above, another update is needed.

• So, how can an administrator deploy this?

There are two ways in which RemoteApp for Hyper-V can be deployed. The first way is the stand-alone scenario, in which all the administrator needs to do is set up a Hyper-V server with virtual machines running a client OS (for example, Windows XP SP3). The administrator would then set up the application and create RDP files that launch this application. A user can connect to the application via a simple Remote Desktop connection using the RDP file.

Here’s how this setup would look:

While this is a simple setup that an administrator can use to pilot the RemoteApp for Hyper-V, it offers no extra efficiency or ability to load balance. One serious drawback of this method is that since only one user can connect to an application at a time, one user connecting to multiple virtual machines effectively blocks out other users.

To get around this problem, the recommended way to install RemoteApp for Hyper-V is over a complete VDI farm or personal virtual desktop setup, including setting up the RD Connection Broker role. An administrator would still need to perform the same manual steps of setting up the application and creating an RDP file, but there are significant advantages to going through the RD Connection Broker. An obvious one is load balancing. In addition, there is increased efficiency, simply because when a user is connected to a virtual machine, all applications launched by that user are redirected to the same virtual machine. Only one user can connect to applications running on a particular virtual machine at a time.

One single user cannot block out an entire farm by holding onto different virtual machines on it at the same time. Until a user’s virtual machine is terminated, redirection is always to the same VM. RD Connection Broker ensures that a user connected to a VM stays connected until logged out.

Here’s how the second setup scenario described above would look (running from a Windows XP SP3 farm, for instance):

Hosting applications in a farm of virtual machines running Windows XP SP3 is a simple way to give multiple people on the domain access to the applications. There is no security filtering for applications on a virtual machine farm. All domain users who have access to the farm will have access to the applications.

If an administrator wants to give only a specific user access to an application, the application should be hosted on a personal desktop. In all cases–farms or personal desktops–an administrator only needs to create an RDP file and hand it over to a user, either via a network share or email.

RemoteApp for Hyper-V is a basic but powerful platform capability which was designed with advanced administrators in mind who are willing to do the manual configuration steps to enable an environment that includes remote access to VM-hosted applications. It serves also as an extensibility point for our RDS partner ecosystem who may want to take advantage of this infrastructure capability and provide additional value-add to RDS customers by streamlining the configuration and expanding the usability and manageability of it. For example, with additional code, it is possible to integrate the RDP files with Remote Desktop Web Access.

Related links:

Update package for Windows XP SP3:

http://www.microsoft.com/downloads/details.aspx?FamilyID=2f376f53-83cf-4e5b-9515-2cb70662a81b&displaylang=en

Update package for Windows Vista SP1 or above:

http://www.microsoft.com/downloads/details.aspx?familyid=097B7478-3150-4D0D-A85A-6451F32C459C&displaylang=en

With Windows Server 2008 R2, Microsoft supports two VDI deployment scenarios: virtual desktop pools and personal virtual desktops. The two scenarios present two different models of assigning virtual machines to end users: shared and dedicated. This post describes personal virtual desktops.

What is a personal virtual desktop? – A personal virtual desktop is a virtual machine hosted on a Remote Desktop Virtualization Host (RD Virtualization Host) server and assigned to a user. Unlike a virtual desktop pool, where a virtual machine can be configured to rollback the changes when a user logs off, a personal virtual desktop retains all changes made by the user.

How do you assign a personal virtual desktop? – The Remote Desktop Connection Broker Manager (RD Connection Broker Manager) can be used to assign an unassigned virtual machine to a user. The assignment is stored in Active Directory. The assignment stays intact even after the user logs off from his or her assigned personal virtual desktop. An administrator can reassign a personal virtual desktop or make changes to the assignment through RD Connection Broker Manager.

How do you access and log off from a personal virtual desktop? - Users can access their assigned personal virtual desktops through RemoteApp and Desktop Connections or RD Web Access. When a user clicks on the personal virtual desktop icon, Microsoft VDI solution prepares a pre-assigned virtual machine for a remote RDP connection. Whether the user has logged off or has a disconnected session he is assigned the same virtual machine each time.

Can a personal virtual desktop be made part of a virtual desktop pool? – No. It is a misconfiguration to add a virtual machine designated as a personal virtual desktop to a virtual desktop pool if the goal is to allow only the assigned user to access that virtual machine. When the designated user makes a connection to his personal virtual desktop which is now part of a virtual desktop pool, the connection will fail and a type mismatch event will be logged.

What is the cost of ownership of personal virtual desktops compared to virtual desktop pools? - Since there is a one-to-one mapping between a virtual machine and a user in the personal virtual desktop scenario, the initial cost and overall cost of ownership of a personal virtual desktop is higher than in the virtual desktop pool scenario in which virtual machines are shared between users.

How many personal virtual desktops can be assigned per user? – One. ISVs can extend the inbox solution and provide users access to more than one personal virtual desktop. Refer to: http://msdn.microsoft.com/en-us/library/dd401684(VS.85).aspx

Can the same Hyper-V server be used to deploy personal virtual desktops and virtual machines from virtual desktop pools? – Yes. It is not required to have personal virtual desktops isolated from virtual desktop pools.

For details on how to set up personal virtual desktops, refer to:

There are a number of ways in which an administrator can publish RemoteApp programs and virtual desktops in Windows Server 2008 R2. The following contains a brief, high-level overview of the publishing options you have, depending on the size of your deployment.

Very small deployment, single Remote Desktop Session Host (RD Session Host) server/farm:

If your deployment requirements are:

• Publish only RemoteApp programs from a single RD Session Host server or single RD Session Host server farm
• Don’t publish personal virtual desktops or virtual desktop pools

In this scenario, you can publish RemoteApp programs and remote desktops in the same way you published them in Windows Server 2008.

On the Remote Desktop Web Access (RD Web Access) Configuration tab:

· Select the “One or more RemoteApp sources” option.

· In the Source name box, type the RD Session Host server name (or if you have a server farm, type the RD Session Host farm name).

Medium deployment, multiple servers:

If your deployment requirements are:

• Publish only RemoteApp programs from multiple RD Session Host servers.
• Don’t publish personal virtual desktops or virtual desktop pools.

This is a new feature in Windows Server 2008 R2, wherein you can specify multiple RD Session Host servers delimited by semicolons in the Source name field.

On the RD Web Access Configuration tab:

• Select the “One or more RemoteApp sources” option.
• In the Source name box, type the RD Session Host server names delimited by semicolons.

Large deployment, multiple servers and VDI:

If your deployment requirements are:

• Publish RemoteApp programs from multiple RD Session Host servers
• Publish personal virtual desktops for specific users
• Publish virtual desktop pools

This is a new feature in Windows Server 2008 R2, wherein you can point the RD Web Access server to a Remote Desktop Connection Broker (which has the Centralized Publishing service running as part of it), which in turn aggregates the published RemoteApp programs from multiple RD Session Host servers, the assigned personal virtual desktop for the user request from AD, and the published virtual machine farms.

On the RD Web Access Configuration tab:

• Select the “An RD Connection Broker server” option.
• In the Source name box, type the RD Connection Broker server name.

For the detailed steps on deploying personal virtual desktops by using Remote Desktop Web Access, please refer to the step-by-step guide here.