Vison And Upcoming Innovations for Microsoft Remote Desktop Services

Speakers:

  • Scott Manchester, Principal Group Program Manager
  • Joydeep Mukherjee, Senior Product Marketing Manager
  • David Belanger, Senior Program Manager
  • Guest speaker: Sridhar Mullapudi, VP of Product Management, Citrix

Joydeep starts off.

At the last Ignite, Microsoft committed to making RDS the virtual workspace platform of choice. In WS2016, they added performance, scale, and optimization for the cloud. They considered all of this to be “platform capabilities”.

Future Innovations Overview

  • Increasing security, by leveraging things like signals from the security graph, MFA.
  • More cloud ready, a second level of cloud enablement on Azure.
  • Windows Apps everywhere

Scott takes over.

More Secure

Secure authentication powered by Intelligent Security Graph:

  • Azure AD integration
  • Single sign on, MFA
  • Conditional access

Secure environment powered by modern infrastructure:

  • Each tenant in its own sandboxed environment
  • Isolation of infra roles from desktop and app hosts
  • No inbound IP ports – more on this later in the session.

Demo

They’ve been adding AAD integration into the RDS clients. An “enlightened app” is shown, and he’s subscribes to a feed. He signs in, and the normal AAD MFA process kicks in. The RemoteApp client loads and shows the published apps (and published desktop) from the feed.

This will go live next year, and maybe this AAD functionality will be in all clients by then.

Environment

Normally, gateway, web access are domain joined and public facing. In the same network as connection broker, license server, RDVH and session hosts.

Going forward with Modern Infrastructure, the RDVH goes away, merged into the broker. A new diagnostics role is added. So, gateway, web access, diagnostics, connection broker and license server are non-domain machines. In an isolated VNet, the domain joined appllication and desktop hosts are joined to Azure AD.

Multi-tenancy is native to this design. The non-domain stuff has no domain join so it’s multi-tenant. The session/app hosts are domain joined so they are per-tenant.

IP-wise, 443 is required to the gateway, but the hosts are not public facing.

More Cloud Ready

Deploy gateway, connection broker, web server, licensing server as Azure App Services roles – PaaS reduces costs and maintenance. The legacy method will still be supported for on-prem deployments. App and desktop hosts are VMs which integrate with this PaaS deployment via a package. FYI, you can deploy the PaaS stuff in Azure, and do your VM hosts in Azure or on-prem (hybrid RDS deployment).

WIN_20170926_09_18_07_Pro

Demo

He opens the Azure Portal. There are no VMs in the Azure deployment. The infrastructure roles run in App Services. Key Vault is being used to store certificates. The broker DB is using Azure SQL. PaaS is possible because every role is stateless, other than the DB. Scaling out is easy: it’s web apps! You just use the scale out feature of web apps to add instances to the app service plan. You can also using auto-scaling to do it based on demand (rules monitoring CPU usage for scale out and scale in). If you don’t know this stuff, it’s very easy to set up scaling.

A company called PeopleTech (sounded like that) has built a UI for managing RDS Modern Infrastructure (RDMI). Apparently it’s similar to what RDS in Project Honolulu will look like.

Sridhar from Citrix

Honestly, this isn’t a big deal for me because none of my customers use Citrix, and Citrix’s “Azure” products only work in Enterprise Agreements. This is a marketing pitch so there’s no notes here other than support for Windows 10 S.

Back to MS with David.

Demo

An MS-owned RDS client for Mac is in public preview. It looks nice. Admins can group desktops logically for easy click-and-login. There’s thumbnails for identifying the desktops. There are options to disable thumbnails (privacy) and for list view (scale). It will support AAD with RDMI. Applications can be in folders. The Mac OS has some limitations – running published apps don’t get their own native icons in the task bar like they do on Windows, but MS will work around that, including app switching.

Next up is the Windows App for the RDP client. A lot of future improvement here are focused on admin usage (needed if it’s ever going to replace MSTSC.EXE). Indicator to see which desktops are connected. Multiple simultaneous connections is supported. You can easily switch desktops and go “home”. A coming feature in the app is to put the desktops into different windows. There will be an option in settings to open each connection as a new window. RDP files  can be associated with the App and open the desktop in a new window. For high DPI devices, you will be able to control the resolution and/or scaling of the display. You’ll also be able to choose to stretch the content but keep the aspect ratio, or stretch the content only. When you create groups, you can move connections between the groups.

Right now, almost all of this is available now, except multi-window support.

Next up is the new HTML5 web client. This will support RDMI and classic WS2016 deployments. In the demo, you can see the UI is refreshed and modern. It kind of runs similarly to the Windows Store remote desktop app. When connected, the session is in the browser. When you go full screen, an RDP bar is pinned at the top by default, but you can un-pin it to give more space to the app/desktop.

Ignite 2016 – Extend the Microsoft RDS platform in Azure through Citrix solutions

This post is my set of notes from the session that shows us how Citrix are extending Azure functionality, including the 1st public demo of Citrix Express, which will replace Azure RemoteApp in 2017.

The speakers are:

  • Scott Manchester (main presenter), Principal Group Program Manager, Microsoft
  • Jitendra Deshpande, Citrix
  • Kireeti Valicherla, Citrix

RDS

A MSFT-only solution with multiple goals:

image

Two on-prem solutions:

  • Session-based computing
  • VDI

In the cloud:

  • Session-based computing: RDS in VMs or the deprecated Azure RemoteApp
  • VDI “on Windows 10” … Manchester alludes to some licensing change to allow Enterprise edition of the desktop to be used in cloud-based VDI, which is not possible in any way with a desktop OS right now (plenty do it, breaking licensing rules, and some “do it” using a Server OS with GUI).

RDS Improvements in WS2016

  • Increased performance
  • Enhanced scale in the broker
  • Optimized for the cloud – make it easier to deploy it – some is Azure, some RDS, some licensing.

Azure N-Series

There are a set of VMs that are ideal for graphics intensive RDS/Citrix workloads. They use physical NVIDIA GPUs that are presented to the VM directly using Hyper-V DDA (as in WS2016 Hyper-V).

I skip some of the other stuff that is covered in other sessions.

Citrix

Kiritee from Citrix XenApp/XenDesktop takes the stage. He’s focused on XenApp Express, a new from-Azure service that will be out in 2017.

XenApp 7.11 has Day 1 support for WS2016:

  • Host WS2016 workloads
  • Host XenApp and XenDesktop infrastructure
  • Workload provisioning on ARM
  • Deliver new universal apps to any device
  • Accelerate app migration with AppDNA

XenApp/XenDesktop For N-Series VMs

HDX can be used with N-Series Azure VMs. This includes graphics professionals and designers on “single user Windows 10 CBB VMs” with multi-monitor NVENC H.264 hardware encoding.

Options for Azure Migration

Jitendra of Citrix takes over. He works on XenApp cloud and XenApp Express.

image

You can extend workloads to Azure, host workloads in Azure, or  run on a Citrix-managed service in Azure. In the latter, the management is in Citrix, and your workload runs in Azure. Citrix seamlessly update the management pieces and you just use them without doing upgrades.

These are the Citrix/Azure offerings today and in the future:

image

Back to Kireeti.

Next Generation Service for Remoting Apps

XenApp Express, out of the Azure Marketplace, will be the successor to Azure RemoteApp.

image

Citrix Cloud will provide the management – it’s actually hosted on Azure. You bring your own Windows Server Images into XenApp Express, much like we do with Azure RemoteApp – it an image with the apps pre-installed.

Bad news: The customer must have RDS CALs with Software Assurance (Volume Licensing, and yes, SA is required for cloud usage) or RDS SALs (SPLA). The cost of Azure Remote included the monthly cost of RDS licensing.

The VMs that are deployed are run in your Azure subscription and consume credit/billing there.

Management is done via another portal in Citrix Cloud. Yes, you’ll need to use Azure Portal and the Citrix Cloud portal.

image

Here is the release timeline. A technical preview will be some time in Q4 of this year.

image

Next up, a demo, by Jitendra (I think – we cannot see the presenters in the video). The demo is with a dev build, which will likely change before the tech preview is launched.

  1. You “buy” Citrix XenApp Express in the Azure Marketplace – this limits transactions to certain kinds of subscriptions, e.g. EA but not CSP.
  2. You start by creating an App Collection – similar to Azure RemoteApp. You can make it domain-joined or not-domain joined. A domain should be available from your Azure VNet.
  3. Add your Azure subscription details – subscription, resource group (region), VNET, subnet.
  4. Enter your domain join details – very similar to Azure RemoteApp – domain, OU, computer account domain-join account name/password.
  5. You can use a Citrix image or upload your own image. Here you also select a VM series/size, configure power settings, etc, to control performance/scale/pricing.
  6. You can set your expected max number of simultaneous users.
  7. The end of the wizard shows an estimated cost calculator for your Azure subscription.
  8. You click Start Deployment
  9. Citrix reaches into your subscription and creates the VMs.
  10. Afterwards, you’ll need to publish apps in your app collection.
  11. Then you assign users from your domain – no mention if this is from a DC or from Azure AD.
  12. The user uses Citrix Receiver or the HTML 5 client to sign into the app collection and use the published apps.

The Best Way To Deliver Windows 10 Desktop From The Cloud

Cloud-based VDI using a desktop OS – not allowed up to now under Windows desktop OS (DESKTOP OS) licensing.

There are “new licensing changes” to move Windows 10 workloads to Azure. Citrix XenDesktop will be based on this.

image

  • XenDesktop for Windows 10 on Azure is managed from Citrix Cloud (as above). You manage and provision the service from here, managing what is hosted in Azure.
  • Windows 10 Enterprise CBB licensing is brought by the customer. The customer’s Azure subscription hosts the VDI VMs and your credit is consumed or you pay the Azure bill. They say it must be EA/SA, but that’s unclear. Is that EA with SA only? Can an Open customer with SA do this? Can a customer getting the Windows 10 E3 license via CSP do this? We do not know.

Timeline – GA in Q4 of this year:

image

Next up, a demo.

  1. They are logged into Citrix Cloud, which is first purchased via the Azure Marketplace – limited to a small set of Azure subscriptions, e.g. EA but not CSP at the moment.
  2. A hosting connection to an Azure subscription is set up already.
  3. They create a “machine catalog” – a bunch of machines.
  4. The wizard allows you to only do a desktop OS (this is a Windows 10 service). The wizard allows pooled/dedicated VMs, and you can configure how user changes are saved (local disk, virtual disk, discarded). You then select the VHD master image, which you supply to Citrix. You can use Standard (HDD) or Premium (SSD) storage in Azure for storing the VM. And then you select the quantity of VMs to create and the series/size (from Azure) to use – this will include the N-Series VMs when they are available. There’s more – like VM networking & domain join that you can do (they don’t show this).
  5. He signs into a Windows 10 Azure VM from a Mac, brokered by Citrix Cloud.

That’s all folks!

Microsoft News Summary – 8 September 2014

It’s been 5 days since my last of these updates – events, meetings and travel take their toll!

Below you will see an announcement on how to deploy DPM in Azure to backup stuff from within Azure VMs (not a host level backup). Please note that this is licensed using on-premises SysCtr SML licenses and cloud management licensing is not the same as on-premises licensing. A SysCtr Datacenter SML covers 8 VMs in the cloud, so you might need lots more SysCtr licensing to manage Azure.

Microsoft has also launched a Migration Accelerator for Azure based on the InMage acquisition. Right now, the preview is limited to the USA. That’s pretty dumb; anyone who knows MSFT virtualization knows that Europe is the place to be.

Oh – the MSFT versus FBI Irish data centre case rumbles on. It’s clear that the motivations of the US government were not speed (the Irish government would have been quick to help) but are more along the lines of “Mine! MINE! MINE!!!! MY PRECIOUSSSSS!”.

Windows Server

SCVMM

Azure

Office 365

Hardware

Legal

Upcoming Events I’m Speaking At

Here’s some of the events I’m either attending and presenting at.  I’d recommend attending these event is you can, despite me being there Smile

E2E London 2011

Once again, experts in all kinds of virtualisation technologies will be gathering to share their knowledge at this super-economic mini-conference. I’ll be talking Hyper-V as usual with a 45 minute and a 900 seconds session. Some other MVPs and Microsoft virtualisation experts from around Europe will be there presenting. And as usual, there will be lots of Citrix, VMware and common virtualisation technology sessions.

I’ll be doing two presentations. One will be a brain dump on what’s coming in Windows Server 8 Hyper-V. I say "brain dump" because this topic could do with an entire day and not just a session. My second session will be on the subject of CSV design and backup.

Hyper-V Community Event Amsterdam

Lots of Hyper-V and System Center people will be speaking at this event run by the Hyper-V.nu crew in the Netherlands. Speakers include me, Hans Vredevoort, Ronald Beekelaar, Jaap Wesselius, Peter Noorderijk, Maarten Wijsman and Robert Bakker. Hopefully the place won’t blow up cos that’s a lot of the Hyper-V online community right there!

I’ll be talking about the new networking features of Windows Server 8 Hyper-V.

VMM 2012 System Requirements

The official TechNet content is a bit scattered about so I through I’d reorganise it and consolidate to make stuff easier to find.  The software requirements of Virtual Machine Manager (VMM/SCVMM) 2012 are easy:

  • Windows Server 2008 R2 Standard, Enterprise or Datacenter with SP1
  • Windows Remote Management (WinRM) 2.0 – a part of W2008 R2
  • .NET 3.5 with SP1 (a feature in W2008 R2)
  • WAIK  for Windows 7

There’s a significant change for the database.  SQL Express is no longer supported.  You will need to migrate the VMM database to one of the supported versions/editions:

  • SQL Server 2008 R2 Enterprise/Standard x86/x64 (no news of support for the recent SP1 yet)
  • SQL Server 2008 Enterprise/Standard x86/x64 with Service Pack 2

Here’s the system requirements for VMM 2012:

Manage Up To 150 Hosts

Let’s be honest; how many of us really have anything close to 150 hosts to manage with VMM?  Hell; how many of us have 15 hosts to manage?  Anyway, here’s the system requirements and basic architecture for this scale of deployment.

image

You can run all of the VMM roles on a single server with the following hardware configuration:

Component Minimum Recommended
CPU Pentium 4, 2 GHz (x64)

Dual-Processor, Dual-Core, 2.8 GHz (x64) or greater

Memory

2 GB

4 GB
Disk space (no local DB)

2 GB

40 GB
Disk Space (local DB) 80 GB 150 GB

Although you can run all the components on a single server, you may want to split them out onto different servers if you need VMM role fault tolerance.  You’re looking at something like this if that’s what you want to do:

image

A dedicated SQL server will require:

Component Minimum Recommended
CPU Pentium 4, 2.8 GHz (x64)

Dual-Processor, Dual-Core, 2 GHz (x64) or greater

Memory

2 GB

4 GB
Disk space (no local DB)

80 GB

150 GB

A dedicated library server will require:

Component Minimum Recommended
CPU Pentium 4, 2.8 GHz (x64)

Dual-Processor, Dual-Core, 3.2 GHz (x64) or greater

Memory

2 GB

2 GB
Disk space (no local DB)

Depends on what you store in it

Depends on what you store in it

A dedicated Self-Service Portal server will require:

Component Minimum Recommended
CPU Pentium 4, 2.8 GHz (x64)

Dual-Processor, Dual-Core, 2.8 GHz (x64) or greater

Memory

2 GB

2 GB
Disk space (no local DB)

512 MB

20 GB

If all you want is hardware fault tolerance for VMM then the simple solution is to run VMM in a highly available virtual machine.  I don’t like System Center being a part of a general production Hyper-V cluster.  That’s because you create a chicken/egg situation with fault monitoring/responding.  If you want to virtualise System Center then consider setting up a dedicated host or cluster for the VMM, OpsMgr, ConfigMgr VMs.  DPM is realistically going to remain physical because of disk requirements.

Manage More Than 150 Hosts

It is recommended that you:

  • Not use VMM server to host your library.  Set the library up on a dedicated server/cluster.
  • Install SQL Server on a dedicated server/cluster.

The VMM server requirements are:

Component Minimum Recommended
CPU Pentium 4, 2.8 GHz (x64)

Dual-Processor, Dual-Core, 3.6 GHz (x64) or greater

Memory

4 GB

8 GB
Disk space (no local DB)

10 GB

50 GB

The database server requirements are:

Component Minimum Recommended
CPU Pentium 4, 2 GHz (x64)

Dual-Processor, Dual-Core, 2.8 GHz (x64) or greater

Memory

4 GB

8 GB
Disk space (no local DB)

150 GB

200 GB

A dedicated library server will require:

Component Minimum Recommended
CPU Pentium 4, 2.8 GHz (x64)

Dual-Processor, Dual-Core, 3.2 GHz (x64) or greater

Memory

2 GB

2 GB
Disk space (no local DB)

Depends on what you store in it

Depends on what you store in it

A dedicated Self-Service Portal server will require:

Component Minimum Recommended
CPU Pentium 4, 2.8 GHz (x64)

Dual-Processor, Dual-Core, 3.2 GHz (x64) or greater

Memory

2 GB

8 GB
Disk space (no local DB)

10 GB

40 GB

VMM Console

The software requirements are:

  • Either Windows 7 with SP1 or Windows Server 2008 R2 with SP1
  • PowerShell 2.0 (included in the OS)
  • .NET 3.5 SP1 (installed by default in Windows 7 and a feature in W2008 R2 – VMM setup will enable it for you)

Managing up to 150 hosts will require:

Component Minimum Recommended
CPU Pentium 4, 550 MHz

Pentium 4, 1 GHz or more

Memory

512 MB

1 GB
Disk space (no local DB)

512 MB

2 GB

Managing over 150 hosts will require:

Component Minimum Recommended
CPU

Pentium 4, 1 GHz

Pentium 4, 2 GHz or more

Memory

1 GB

2 GB
Disk space (no local DB)

512 MB

4 GB

Managed Hosts

Supported Hyper-V hosts are below. 

Parent OS Edition Service Pack
Windows Server 2008 R2 (Full or Server Core)

Enterprise or Datacenter

Service Pack 1 or earlier

Hyper-V Server 2008 R2  
Windows Server 2008 (Full or Server Core)

Enterprise or Datacenter

Service Pack 1 or earlier

Please note that the following are not listed as supported:

  • Hyper-V Server 2008
  • Windows Server 2008 R2 Standard edition
  • Windows Server 2008 Standard edition

In the beta, Windows Server 2008 is not supported.

Supported VMware hosts are listed below.  They must be managed by vCenter Server 4.1.

  • ESXi 4.1
  • ESX 4.1
  • ESXi 3.5
  • ESX 3.5

There is no mention of vSphere/ESXi 5 at the moment.  That’s understandable – both VMM and the VMware v5 product set were being developed at the same time.  Maybe support for v5 will appear later.

Citrix XenServer 5.6 FP1 can also be managed as standalone hosts or as Resource Pools if you deploy the Microsoft SCVMM XenServer Integration Suite to your hosts.

Bare Metal Host Deployment

The requirements for being able to use VMM 2012 to deploy Hyper-V hosts to bare metal machines are:

Item Notes
Windows Server 2008 R2 Windows Deployment Services (WDS) PXE Server to boot the bare metal up on the network.  No other PXE service is supported.
Boot Management Controller (BMC)

This is a server management card:

  • Intelligent Platform Management Interface (IPMI) versions 1.5 or 2.0
  • Data Center Management Interface (DCMI) version 1.0
  • Hewlett-Packard Integrated Lights-Out (iLO) 2
  • System Management Architecture for Server Hardware (SMASH) version 1.0 over WS-Management (WS-Man)
VHD image A Windows Server 2008 R2 host OS captured as a generalized VHD image.  Have a look into WIM2VHD or maybe using a VM to create this.
Host Hardware Drivers NIC, Storage, etc.

Update Management

A dedicated WSUS root server, running WSUS 3.0 SP2.  It cannot be a downstream server because that is not supported.  There will be a lot of processed updates so this may require a dedicated server (possible a VM).  If you install WSUS on a VMM server cluster then you must install the WSUS Administrator Console on each node in that cluster.

PubForum – XenApp 6 Overview

This session is by Lait Kaushal from Citrix escalation in Dublin.  I’m totally out of touch with Citrix so I’m looking forward to this session.

This is normally a long 70 minute presentation but he only has 45 minutes.  The room has to be closed because this session is too popular.

XenApp6 is designed for Windows Server 2008 R2 application delivery.  Work on devices such as PC, Mac, Smartphone and netbook.  Android, iPhone 2.0 and Windows mobile supported.  So is Linux.  There is a plug-in for App-V.

HDX provides high quality real time media playing, e.g. CD quality audio.

AppCenter is built for W2008 R2.

XenApp provides session virtualization and application virtualization.  The former works with central servers or virtual machines.  Power and capacity management will power down and wake up servers that are not needed.  Thus you get power savings.  Physical machines require WOL.  Alternatively the servers can be virtualized – power up and power down the VM’s to save host resources.

There are advanced, enterprise and platinum versions, each with more features than the previous one.

Installation has been simplified greatly.  There is zero-config deployment, post-installation config and auto-config using GPO.  Pre-requisites are automatically installed (nice).

It includes the ability to do self-service application provisioning (the Dazzle feature).  The user goes to a website and subscribes to an application.  It can download and pre-cache apps.  Current support for Windows and Max.  Linux support on the way.

If you have apps that don’t support Terminal Services then you can run them from dedicated virtual machines and get the same effect.  That’s kind of a mix of VDI and application publishing.

XenApp provides three app delivery mechanisms:

  • Server hosted: Lowest TCO but requires bandwidth.
  • Locally running virtualized applications: Self service and offline execution.  More management.
  • VM hosted application publication: Centralized applications but requires more management.  Requires XenDesktop for the back end VDI infrastructure.

App-V packages can also be streamed by XenApp.

There’s a lot of common ground between MS and Citrix in the desktop delivery market.  ConfigMgr tramples all over Citrix’s toes, especially v.Next.

The licensing component will eventually be a virtual appliance, making it easier to manage and deploy.

“There is no backdoor to hack the license server if you forget the admin password”.  A delegate says that’s not true: there’s an XML file where you can delete the encrypted password string, thus setting it to blank.

Licensing has a WMI interface for reporting to OpsMgr.

HDX uses 90% less bandwidth to give CD audio quality.  Echo cancellation for VoIP.  WebCams are supported.  Tested wth MS OCS.  Plug’n’Play for USB devices is supported.  There is enhanced colour and multiple monitor support – basically, if Windows supports it – XenApp6 supports it.  Smart Card readers are supported. 

Technorati Tags: ,