1. VDI-in-a-Box!Microsoft Desktop Virtualization for Smaller
Scenarios and Businesses
Greg Shields
Senior Partner & Principal Technologist
www.ConcentratedTech.com
2. This slide deck was used in one of our many conference
presentations. We hope you enjoy it, and invite you to use it
within your own organization however you like.
For more information on our company, including information on
private classes and upcoming conference appearances, please visit
our Web site, www.ConcentratedTech.com.
For links to newly-posted decks, follow us on
Twitter:@concentrateddon or @concentratdgreg
This work is copyright Concentrated Technology, LLC
3. ITs Mission Statement,Compliments ofWellMe.
It is the core mission of IT to create, manage, and ensure the
secured access to business applications and data.
Greg Shields,
TechNet Magazine,
February, 2010
4. Fulfilling that Mission
We IT Pros troubleshoot desktops.We IT Pros fix printers.We IT Pros
install software.We IT Pros keep the network running.
But above all else, our job is to create and manage that secured
access to our business applications and data.
Without it, our business cannot operate.
Without it, we have no job.
5. DISCUSS: How Do We Do That?
What mechanisms are available today to deliver applications and
data to users?
6. IT 2.0:Delivering Applications and Data
What mechanisms are available today to deliver applications and
data to users?
Local desktops & laptops
File servers and shares
App-V
Remote Desktop Services
Virtualized RDS
RemoteApp for Hyper-V
XP Mode / MED-V / Client Virtualization
VDI, Pooled Virtual Desktops
VDI, Personal Virtual Desktops
Increasing Complexity
Increasing Management Burden
Increasing Overhead Cost
7. Lightweight to HEAVYweight Spectrum
Local desktops & laptops
File servers and shares
Remote Desktop Services
App-V
Virtualized RDS
RemoteApp for Hyper-V
XP Mode / MED-V / Client Virtualization
VDI, Pooled Virtual Desktops
VDI, Personal Virtual Desktops
Lightweight
HEAVYweight
8. Putting the pieces together
Architecting a VDI Infrastructure
9.
10.
11.
12.
13.
14.
15.
16.
17.
18. SOLUTION: Right-size Application Delivery to User
Needs
ITs 2.0 approach concerns itself as much with how the app is
delivered as the app itself.
Direct Installation
Streamed Installation
RDS session hosting
VDI
VDI can be an excellent solution forapps that dont work atop
XP/2008!
19. SOLUTION: Right-size Application Delivery to User
Needs
For small scenarios and needs, VDI-in-a-Box aggregates Microsofts
VDI functions onto a single server.
With RemoteApp for Hyper-V, users neednt know theyre on a hosted
desktop.
RDS
Conn. Broker
Hyper-V
Web Access
20. Building a VDI-in-a-box
Extended Demo
21. Step 1: Install Components
Install RDS Role Services to Server
RD Session Host
RD Virtualization Host (adds Hyper-V)
RD Connection Broker
RD Web Access (adds IIS)
RD Licensing*
22. Step 2: Generate & Install Certs
Remote Desktop Connection Manager
Virtual Desktops: Resources & Configuration
Digital Signature
Sign with Digital Certificate
This will install a self-signed certificate.
The usual caveats about using self-signed certificates apply
here.
23. Step 3: Spoof the Trust on this Cert
Use Group Policy
Computer Configuration | Policies | Admin Templates | Windows
Components | RDS | Remote Desktop Connection Client
Specify SHA1 thumbprints of certificates representing trusted .rdp
publishers.
Enter the certificate thumbprint.
Doing this forces RDS to trust your self-signed
certificate.
24. Step 4: Create and ConfigureVirtual Machines
Install Windows 7 or Windows XP machines.
Install Integration Services (if necessary).
Enable Remote Desktop.
Configure the Remote Desktop Users Group.
Enable Remote RPC for RDS
HKLMSystemCurrentControlSetControlTerminalServer; AllowRemoteRPC =
1
Enable Firewall Exceptions
Remote Desktop Services
Remote Service Management
25. Step 4: Create and ConfigureVirtual Machines
Add RDP Protocol Permissions.
wmic/node:localhost RDPERMISSIONS whereTerminalName="RDP-Tcp" CALL
AddAccount "contosordvh-srv$",1
wmic/node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or
TerminalName='Console') and AccountName='contosordvh-srv$'" CALL
ModifyPermissions 0,1
wmic/node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or
TerminalName='Console') and AccountName='contosordvh-srv$'" CALL
ModifyPermissions 2,1
wmic/node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or
TerminalName='Console') and AccountName='contosordvh-srv$'" CALL
ModifyPermissions 9,1
net stop termservice
net start termservice
26. Step 4: Create and ConfigureVirtual Machines
Add the RD Virtualization Hosts Computer Account to the VMs
Administrators Group.
Reboot.
Enable Snapshot Rollback.
Right-click the VM and choose Snapshot.
Rename the Snapshot to RDV_Rollback.
27. Step 5: Configure RD Web Access
Add the Servers computer account to the local TS Web Access
Computers group.
Configure RD Web Access to Point toRD Connection Broker.
28. Step 5: Configure the Desktop Pool
Back in RD Connection Manager, start the Configure Virtual Desktops
wizard.
Add the server as an RD Virtualization Host.
Add the server as an RD Session Host.
Clear the Assign personal virtual desktop box.
Create a Virtual Desktop Pool.
Add the virtual desktops you just created.
Supply Display Name and Pool ID.
29. Step 6: Start Your Virtual Desktop!
Navigate to https://server/rdweb.
Double-click on the Desktop Pool you just created.
Voila!
30. Desktops to RemoteApps
Yet, there are problems with deploying desktops.
Double-desktops to manage.
Double-desktops to secure and update.
Retaining an old OS past its lifetime.
Deploying a HEAVYweight solution to fix a lightweight
problem.
31. Desktops to RemoteApps
Yet, there are problems with deploying desktops.
Double-desktops to manage.
Double-desktops to secure and update.
Retaining an old OS past its lifetime.
Deploying a HEAVYweight solution to fix a lightweight
problem.
In the end, you just have a few applications that need a different
delivery mechanism.
BETTER SOLUTION: RemoteApp for Hyper-V!
32. RemoteApp for Hyper-V
Yet, there are problems with deploying desktops.
Double-desktops to manage.
Double-desktops to secure and update.
Retaining an old OS past its lifetime.
Deploying a HEAVYweight solution to fix a lightweight
problem.
33. VDI: How Users Connect
With traditional VDI, users connect to a provisioned desktop that
resides in a pool.
34. RAFH-V: How Users Connect
With RemoteApp for Hyper-V, users instead connect seamlessly to an
application on a pooled desktop.
35. RAFH-V: Provisioning Applications
Using RemoteApp for Hyper-V, problem applications can be delivered
to users directly.
Hosted atop a pooled desktop.
Maintains the VDI architecture, installs problem applications away
from user desktops.
Remotable across any network connection supported by RDP.
User experience improved greatly by SP1.
36. RAFH-V: Provisioning Applications
Using RemoteApp for Hyper-V, problem applications can be delivered
to users directly.
Hosted atop a pooled desktop.
Maintains the VDI architecture, installs problem applications away
from user desktops.
Remotable across any network connection supported by RDP.
User experience improved greatly by SP1.
One major limitation: No support (currently) for RD Gateway or
RemoteApp and Desktop Connection.
I am currently researching why this limitation exists.
37. Remoteapp for Hyper-V
Extended Demo
38. Step 7: RemoteApp for Hyper-V
Open the Remote Desktop Client.
Create a new connection, as if it were a direct connection.
Save the RDP file and manually add
Remoteappapplicationmode:i:1
Alternate shell:s:rdpinit.exe
RemoteApplicationName:s:{appName}
RemoteApplicationProgram:s:{appProgram}
DisableAppCapsCheck:i:1
Prompt for Credentials on Client:i:1
Loadbalanceinfo:s:tsv://vmresource.1.{poolID}
39. Step 7: RemoteApp for Hyper-V
Finally provision RDP file to users.
Group Policy Preferences
Systems Management Solution
40. Lightweight to HEAVYweight Spectrum
Local desktops & laptops
File servers and shares
Remote Desktop Services
App-V
Virtualized RDS
RemoteApp for Hyper-V
XP Mode / MED-V / Client Virtualization
VDI, Pooled Virtual Desktops
VDI, Personal Virtual Desktops
Lightweight
HEAVYweight
41. Your Feedback is Important
Please fill out a session evaluation form drop it off at the
conference registration desk.
Thank you!
42. This slide deck was used in one of our many conference
presentations. We hope you enjoy it, and invite you to use it
within your own organization however you like.
For more information on our company, including information on
private classes and upcoming conference appearances, please visit
our Web site, www.ConcentratedTech.com.
For links to newly-posted decks, follow us on
Twitter:@concentrateddon or @concentratdgreg
This work is copyright Concentrated Technology, LLC