Using The Microsoft Connection Broker

… to Provide VDI, Session, and Application Centralised Publishing

Speaker: Alex Balcanquall, Senior Product Planner, Microsoft

We’re talking about VDI (Windows desktop virtualisation in the data centre), Terminal Services and application (TermSvcs and App-V) publishing to the end user via a man in the middle broker in W2008 R2. Hyper-V is used in some of this (VDI). VMM and SCCM are used to manage VDI.

Remote Desktop Services VS Virtual Desktop Infrastructure

  • Tech Maturity: RDS Proven, VDI emerging.
  • Scalability: RDS gets more users per server.
  • Isolation/Security: VDI isolates the user, 1 OS per user and users _can_ run as admin.  Opposite for RDS.
  • Remote User Experience: Protocol (RDP in MS) dependent
  • User flexibility: User is non-admin in RDS
  • Application Compatibility: RDS is a server OS and requires TermSvcs compatibility.  VDI is a desktop OS.

RD Virtualisation Host

  • Windows Server manages VMs
  • Install the Remote Desktop Virtualisation Host Role services
  • Receives commands from the Connection Broker to start VMs
  • Collects information on VMs and sends it to the Connection Broker (session information and VM state, i.e. is it running or hibernated).

User requests VM on client –> Broker determines rights –> Broker initiates VM –> host starts up VM –> Broker redirects RDP session to VM (a direct RDP connection now)

The redirection uses the RDP 5.2 redirect packet so it’s very backwards compatible.

RDP Broker

  • Connection Broker: what the client connects to initially
  • Publishing service: aggregates VDI VMs, RDS session servers or published applications
  • Redirector: Most common mistake in setup is not setting this up in addition to the connection broker
  • Connection broker and redirector can be separate

TS Web Access talks to the Centralised Publishing Service on TCP 5504.

Redirector

It’s a session host in “drain”/dedicated redirector mode.  It forwards RDP sessions to the connection broker and returns the list of IP addresses received from the broker.  Users never TS into it.

Certificates

Must be done right to keep single sign-on and to have no error popups for users.

You can use a single trusted SSL cert for all components.

Prepare VDI host

  • Install Hyper-V
  • Install Remote Desktop Virtualisation Host role

Sizing?

It depends:

  • applications
  • data used
  • demand cycle of users
  • depends on OS

And think about CPU and memory requirements.  The only way to know for sure is to do a pilot with real users and real applications in real usage over a period.

Prepare Client OS VMs

  • Supports XP SP3, Vista and Windows 7
  • Install the Hyper-V ICs
  • Enable RDP services (GPO)
  • Add users to the groups (GPO)
  • Enable Remote RPC (TermSvcs GPO)
  • Open firewall for RDP and Remote Service Management
  • Modify RDP Listener Permissions (manual or script).  This can only be done after a domain join.  Possibly a start up script is the way to go here. 
  • There’s a script from MS for this but the URL on the screen is way too long to copy (must never have heard of Tinyurl)
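
The guest preparation steps above, sketched as a start-up script for a Vista or Windows 7 VM. This is an added example, not the Microsoft script mentioned in the session; the account name `CONTOSO\RDVH01$` is a placeholder for the RD Virtualisation Host's computer account, and the three listener rights granted are an assumption about what the host needs.

```powershell
# Added example: run elevated inside the guest VM after it has joined the domain.
# ASSUMPTION: placeholder computer account of the RD Virtualisation Host.
$RdvhAccount = 'CONTOSO\RDVH01$'
$TsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'

# Enable RDP and Remote RPC (local equivalents of the GPO settings in the list).
Set-ItemProperty -Path $TsKey -Name fDenyTSConnections -Value 0 -Type DWord
Set-ItemProperty -Path $TsKey -Name AllowRemoteRPC -Value 1 -Type DWord

# Open the firewall for RDP and Remote Service Management only.
foreach ($group in 'Remote Desktop', 'Remote Service Management') {
    netsh advfirewall firewall set rule group="$group" new enable=yes | Out-Null
}

# Add the host's computer account to the RDP-Tcp listener ACL.
# The TerminalServices WMI namespace expects packet-privacy authentication.
$ns = 'root\cimv2\TerminalServices'
$listener = Get-WmiObject -Namespace $ns -Class Win32_TSPermissionsSetting `
    -Filter "TerminalName='RDP-Tcp'" -Authentication PacketPrivacy
$listener.AddAccount($RdvhAccount, 1) | Out-Null      # 1 = user-access preset

# Backslashes must be doubled inside a WQL string literal.
$wqlName = $RdvhAccount.Replace('\', '\\')
$acct = Get-WmiObject -Namespace $ns -Class Win32_TSAccount `
    -Filter "TerminalName='RDP-Tcp' AND AccountName='$wqlName'" `
    -Authentication PacketPrivacy
if (-not $acct) {
    throw "Account $RdvhAccount was not added to the RDP-Tcp listener."
}

# Grant only the rights assumed necessary rather than full control:
# 0 = query information, 2 = logoff, 9 = disconnect.
foreach ($right in 0, 2, 9) {
    $acct.ModifyPermissions($right, 1) | Out-Null
}

# The listener picks up the new ACL when the service restarts.
Restart-Service -Name TermService -Force

# Show the resulting ACL so the start-up log records who can reach the listener.
Get-WmiObject -Namespace $ns -Class Win32_TSAccount `
    -Filter "TerminalName='RDP-Tcp'" -Authentication PacketPrivacy |
    Select-Object AccountName, PermissionsAllowed
```

Restarting `TermService` drops any active RDP session on the VM, so run this at start-up rather than interactively over RDP.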

Configure the Connection Broker and Redirector

  • Broker: Is the RD Server Role
  • Redirector: Is RD session host

When you install Remote Desktop Service Role the server is automatically put in “drain” mode so users cannot log into this server.

Unfortunately, we now get a very confusing and unrehearsed demonstration.  I’m lost.  It appears to me that the presenter is here because he is a manager, not a knowledgeable techie.

I can’t keep up with note taking in this session.  Sorry; it’s all a bit of a mess.

Pooled VDI VM’s

Often people start with this and switch to dedicated per user VM’s.  Problems: when to patch them.  S/W deployment – do you really want to install/stream non-standard s/w to a VM every time a user logs in?  Probably not.

There were some slides on tips’n’tricks and common mistakes.  He rushed through it after spending too much time troubleshooting his demo lab.  Disappointing session.
