Windows Server 2012 VDI (with a little Citrix)
Corey Hynes
Agenda/Outline
• Lot of things to cover…
• VDI in 2013, BYOD, COIT
• What’s new in RDS
• RDS Architecture/Deployment/High Availability
• Personalizing the User Experience
• Optimizing the User Experience
• Licensing
• Role of Citrix
Applications
Data
Operating System
Hardware
Separating the desktop computing layers
Microsoft delivers a broad range of desktop virtualization offerings to address your unique business and IT challenges
• Folder Redirection
• Roaming Profiles
• User Experience Virtualization (UE-V)
• Profile disks
• Application Virtualization (App-V)
• RemoteApp
• Virtual Desktop Infrastructure
• Remote Desktop Services session-based desktops
Data & User Settings
Applications
Operating System
Embracing BYOD/COIT
FIREWALL
Virtual Desktop Infrastructure (VDI)
Office 365
WINDOWS 8 ADVANCEMENTS
• High fidelity RemoteFX experience on LAN / WAN
• Multi-touch support for modern applications and devices
• Support for local USB, Lync, etc.
BENEFITS
• Secure, fast browsing
• Rich user experience
• Touch enabled with Windows 8 devices
• Centralized management of app & data (IT)
• Enhanced security and compliance (IT)
• Great choice of Windows-based devices
Hosted Applications (RemoteApp)
Powered by Remote Desktop Services (RDS)
The times, they are a changing…..
Your computer IS your tool for work
Your computer CONTAINS your tool for work
Circle of influence is shrinking….
From this….
…. To this
Well it’s really a square…..
Rich multimedia experiences
Benefits of Microsoft VDI
Rich experience everywhere
Best value for virtual desktops
Efficient management
True USB and multi-touch remoting
Consistently rich performance
Simplified wizard
In-box management console
Fairshare
Lower-cost storage
User disks
Intelligently patching
Windows Server 2012 RDS – What’s New? (For the admin)
Administration Experience
• New Server Manager based tools
• Most existing tools retired/removed
• Some things can only be done via Group Policy now
• Central Admin Console
• Expanded PowerShell
• Expanded GPO Support
• Change in Firewall rules
• UDP and TCP
Low Cost Deployment
• Leverage revised 2012 Storage
• Storage Spaces
• Clustering
• SMB Storage
• Teaming
• Automated management of pooled desktops
• All components highly available
• Patching
Low Cost Deployment 2/2
• Scenario based configurations
• In Server Manager
• Simplified Evaluation/Testing
• Single Server (Quick Start) deployments
• Central Publishing
• Simplified Interface
SMB, SANs, or direct attached local storage
Windows Server 2012 RDS Architectural Components
• Remote Desktop Connection Broker
• Remote Desktop Web Access
• Remote Desktop Gateway
• Remote Desktop Licensing
• Remote Desktop Session Host
• Remote Desktop Virtualization Host
High Availability
High availability for all RDS roles
[Diagram: the RDS roles above deployed redundantly, with the labels Database, Web farm, Cluster, Hyper-V cluster, Remote Desktop Session Host farm and SQL Server Clustering]
• Active/active high availability mode for brokers
• Scale-out File Server and resiliency
• Requires Microsoft SQL Server
• Automatic data migration from single instance to high availability
New in Windows Server 2012
Configuring RD Connection Broker for high availability
[Diagram: RD Client; DNS; RD Gateway Farm; HA Central Certificate Store; Remote Desktop Connection Broker 01, 02 and 03; SQL Server Cluster; RD Session Host Farm; RD Virtualization Host on a Hyper-V cluster]
High Availability - RD Connection Broker configuration prerequisites
• SQL Server (at least SQL Server 2008 R2) for connection broker servers to use
• SQL server configured with full permissions granted to connection broker servers
• Windows firewall on SQL server configured to “Allow SQL Server Access” from connection brokers
• Network folder to store SQL database files (can be created on SQL server computer)
• SQL client installed on connection brokers
• Static IP addresses configured on the connection broker servers.
• DNS “A” resource records for each of the static IP addresses that point to the same, shared name (enables DNS round robin)
HA Configuration Broker Configuration
• Starting point for enabling HA is to configure a single RD connection broker for either virtual machine or session-based deployment
• In Server Manager, configure RD connection broker for high availability
• Enter SQL connection string, database folder, and DNS round-robin name
HA RD connection broker results
• Local connection broker data is migrated to SQL, and the connection broker will start using SQL for data immediately
• In Server Manager, the option to add additional connection broker servers is enabled
  • If the connection broker role service is not already added to the server, it will be added automatically
• RD connection brokers use SQL to store data
• The RD virtual host, session host and Web access (end nodes) are configured with all the RD connection broker server names
  • Each will choose a connection broker name at random to connect to
• RDP clients use the DNS round-robin name
• If any RD connection broker loses connection to SQL, all connected end nodes are immediately disconnected and will try to establish a connection with other connection brokers
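The prerequisites and configuration steps above can be checked and applied from PowerShell with the RemoteDesktop module. This is an added example, not part of the original slides; it is meant to run on the first connection broker, and every host name, IP address, port, driver version and database path in it is a placeholder assumption.

```powershell
# Added example: pre-flight checks for the HA prerequisites, then the HA setup.
# Every host name, address and path below is a placeholder, not from the slides.
Import-Module RemoteDesktop

$FirstBroker  = 'rdcb01.corp.example'                    # the existing single broker
$ExtraBrokers = 'rdcb02.corp.example', 'rdcb03.corp.example'
$BrokerIPs    = '10.0.0.11', '10.0.0.12', '10.0.0.13'    # static IPs of all brokers
$ClientName   = 'rdcb.corp.example'                      # shared DNS round-robin name
$SqlServer    = 'sql01.corp.example'
$SqlPort      = 1433                                     # assumed default instance port
$DbPath       = 'D:\RDCB\RDCB.mdf'                       # database location on the SQL server
$Driver       = 'SQL Server Native Client 11.0'          # assumed SQL client version
# Trusted_Connection=Yes means Windows authentication: no SQL password in the string.
$ConnString   = "DRIVER=$Driver;SERVER=$SqlServer;Trusted_Connection=Yes;" +
                "APP=Remote Desktop Services Connection Broker;DATABASE=RDCB"
$problems = @()

# The broker role cannot share a computer with AD DS (DomainRole 4/5 = domain controller).
if ((Get-WmiObject Win32_ComputerSystem).DomainRole -ge 4) {
    $problems += 'This computer is a domain controller'
}

# DNS: the shared name must have an A record for each broker's static IP.
$resolved = @(Resolve-DnsName -Name $ClientName -Type A -ErrorAction SilentlyContinue |
              ForEach-Object { $_.IPAddress })
foreach ($ip in $BrokerIPs) {
    if ($resolved -notcontains $ip) { $problems += "Missing A record: $ClientName -> $ip" }
}

# SQL client: the ODBC driver named in the connection string must be installed here.
$odbc = Get-ItemProperty 'HKLM:\SOFTWARE\ODBC\ODBCINST.INI\ODBC Drivers' -ErrorAction SilentlyContinue
if (-not $odbc.$Driver) { $problems += "$Driver is not installed" }

# Firewall: the SQL Server port must accept connections from this broker.
$tcp = New-Object System.Net.Sockets.TcpClient
try     { $tcp.Connect($SqlServer, $SqlPort) }
catch   { $problems += "Cannot reach ${SqlServer}:$SqlPort" }
finally { $tcp.Close() }

if ($problems) { $problems | ForEach-Object { Write-Warning $_ }; return }

# Convert the single broker to HA; its local data is migrated to SQL.
Set-RDConnectionBrokerHighAvailability -ConnectionBroker $FirstBroker `
    -DatabaseConnectionString $ConnString -DatabaseFilePath $DbPath `
    -ClientAccessName $ClientName

# Add the remaining brokers, then show the resulting HA settings.
foreach ($broker in $ExtraBrokers) {
    Add-RDServer -Server $broker -Role 'RDS-CONNECTION-BROKER' -ConnectionBroker $FirstBroker
}
Get-RDConnectionBrokerHighAvailability -ConnectionBroker $FirstBroker
```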
Deployment
Virtual desktop deployment choices
FIREWALL
1 platform • 1 experience • 3 deployment choices
Desktop Sessions
Corporate Office
Branch Office
Library / Coffee house
Home
Powered by Windows Server 2012
Pooled VMs
Personal VMs
• The computer must be a member of a domain
• The RD Connection Broker role service cannot be installed on the same computer as Active Directory Domain Services
• Administrator must belong to the local administrators security group
• A network share configured for storing user profile disks is required
  • All RD Virtualization Host computer accounts must have the ability to read and write to this location
Session Virtualization Requirements
• The server must have hardware-assisted virtualization
• The computer must be domain-joined
• The RD Connection Broker role service cannot be installed on the same computer as Active Directory Domain Services
• Administrator must belong to the local administrators security group
• A network share configured for storing user profile disks is required
  • All RD Virtualization Host computer accounts must have the ability to read and write to this location
• VDI Quick Start
  • The virtual desktop template (a virtual hard disk)
    • Must be generalized by using Sysprep (Virtual Machine Mode), and then shut down
  • A virtual switch must NOT be created on the server running Hyper-V (the Quick Start deployment type creates one)
• VDI standard deployment
  • The virtual desktop template must
    • Have the correct virtual switch selected
    • Be generalized using Sysprep (Virtual Machine Mode), and then shut down
VDI Infrastructure Requirements
Desktop virtualization (VDI) deployment modes
• Desktop Virtualization (VDI)
• Standard
  • Installs appropriate roles on separate computers
• Quick Start
  • Installs the RD Connection Broker and RD Web Access role services on a single computer
  • Creates a pooled virtual desktop collection with two pooled virtual desktops based on a virtual hard disk that’s the virtual desktop template
  • Creates a Hyper-V network switch named RDS Virtual
Standard Deployment
[Wizard screenshots, steps 1 to 8; a = VDI, b = Session]
If compatibility check succeeds, deployment proceeds
Quick Start Deployment
[Wizard screenshots, steps 1 to 5a; a = VDI, b = Session]
[Need screen shot of virtual desktop template from a machine with hardware virtualization enabled]
Preparing the Master or Gold VM (Virtual Desktop Template)
• Configure a desktop virtual machine on the Hyper-V server
• Snapshots ARE supported for the template VM
  • The VDI creation process will use the currently active (“Now”) snapshot
• If static memory is configured, the minimum amount is 1024 MB; if dynamic memory is configured, the maximum memory must be at least 1024 MB
• If using the standard deployment model, the master VM must be connected to a virtual switch that can communicate with a domain controller
  • Note: Quick Start creates a virtual switch
• Install the operating system and any applications that need to be included in the template VM
  • OS must be at least Windows 7 with SP1 or Windows 8
• Installed in a workgroup
  • VMs are automatically joined to the domain specified in the VDI wizard
• Apply any patches or updates to the VM as required
• Make any other configuration changes as required
  • For example, you can create a customized default profile. Note that this would require you to use Sysprep and an unattend.xml file with the CopyProfile setting set to TRUE in the specialize phase of Windows setup
  • In this case, you must generalize the image and then run through Out-of-the-box experience (OOBE) setup again before the final preparation of the image
• In the virtual machine, run the following command from the Windows\System32\Sysprep directory:
  • Sysprep /oobe /generalize /mode:vm
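The host-side template requirements above (memory floor, shut-down state, virtual switch, active snapshot) can be verified on the Hyper-V server before the VDI wizard is pointed at the VM. This is an added example, not part of the original slides; the function name `Test-VdiTemplate`, the VM name and the switch name are hypothetical.

```powershell
# Added example: check a template VM against the requirements listed above.
# 'Win8-Gold' and 'Corp-vSwitch' are placeholder names, not from the slides.
Import-Module Hyper-V

function Test-VdiTemplate {
    param(
        [Parameter(Mandatory = $true)][string]$VMName,
        [string]$ExpectedSwitch      # standard deployment only; omit for Quick Start
    )
    $vm = Get-VM -Name $VMName -ErrorAction Stop
    $findings = @()

    # Memory: static must be >= 1024 MB, or the dynamic maximum must be >= 1024 MB.
    if ($vm.DynamicMemoryEnabled) {
        if ($vm.MemoryMaximum -lt 1024MB) { $findings += 'Dynamic memory maximum is below 1024 MB' }
    } elseif ($vm.MemoryStartup -lt 1024MB) {
        $findings += 'Static memory is below 1024 MB'
    }

    # The template must be shut down after Sysprep has generalized it.
    if ($vm.State -ne 'Off') { $findings += "VM state is $($vm.State); it must be shut down" }

    # Standard deployment: the template must be attached to the intended virtual switch.
    if ($ExpectedSwitch) {
        $switches = @(Get-VMNetworkAdapter -VMName $VMName | ForEach-Object { $_.SwitchName })
        if ($switches -notcontains $ExpectedSwitch) {
            $findings += "Not connected to virtual switch '$ExpectedSwitch'"
        }
    }

    # Snapshots are supported, but the active ("Now") state is what gets cloned,
    # so list them for the operator to confirm the VM is at the intended state.
    $snapshots = @(Get-VMSnapshot -VMName $VMName | ForEach-Object { $_.Name })

    New-Object psobject -Property @{
        VMName    = $VMName
        Ready     = ($findings.Count -eq 0)
        Findings  = $findings
        Snapshots = $snapshots
    }
}

Test-VdiTemplate -VMName 'Win8-Gold' -ExpectedSwitch 'Corp-vSwitch'
```

The check cannot see inside the guest, so whether Sysprep was actually run with `/mode:vm` still has to be confirmed in the VM itself.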
Personalizing the UX
Choosing the Right VDI Architecture
Detail: Personal vs. Pooled VMs
• Created in Remote Desktop Services tool of Server Manager*
• 2 types of collections
  • Personal desktop
    • Update with WSUS
  • Shared (“pooled”) desktop
    • Update automatically using a VDI template
• Connect to a collection with Internet Explorer: https://<FQDN of server>/RDWeb
*Session collections can also be created
Virtual Desktop Collections with User Profile Disks
Personalization with User Profile Disk
• Benefits
• Available with pooled virtual machine collections and RDSH collections
• Stores all user settings and data
• Container for:
  • Roaming User Profile
  • Folder Redirection cache
  • User Environment Virtualization
• Roams with user within collection
• Appears as local disk, improves app compatibility
User Profile Disk with pooled virtual machine collections
User Profile Disk with RDSH collections
What should I deploy?
• User profile disk with every virtual machine pool and RDSH collection
• UEV to roam settings across collections
• FR to roam user data across collections
• FR to centralize user data backup
Optimizing the UX
Hardware and software GPUs
Rich multimedia
USB redirection
Multitouch
WAN acceleration
Single sign-on
Corporate LAN
RemoteFX over LAN or WAN
RemoteFX delivers a consistently rich user experience to users over LAN or WAN (regardless of deployment model)
Internet or WAN
• Enables the delivery of a full Windows user experience to a range of client devices
  • Includes rich clients, thin clients, and ultrathin clients
• Delivers a rich user experience for:
  • Virtual Desktop Infrastructure (VDI)
    • Provides a 3D virtual adapter, intelligent codecs, and the ability to redirect USB devices in virtual machines
  • Session-based desktops and RemoteApp programs to a broad range of client devices
• Integrates with the RDP protocol
  • Enables shared encryption, authentication, management, and device support
• Improved WAN performance
• Multitouch support
• Configured through Group Policy
RemoteFX – Improved User Experience
Unifying of the remoting experience
• All features of RDP are available to both sessions and VMs
WAN Improvements
• Progressive download, H.264 encoding for video compression, and UDP as needed to reduce networking overhead
Simplified connection
• Users can connect to their personal collection of VMs and RemoteApp programs assigned to them by logging in with their email address and password
Improved user personalization
• User profile disks allow users to preserve user personalization settings across session collections and pooled virtual desktop collections
More integrated local and remote experience
• Remoting of a broad range of USB devices (such as an all-in-one printer, a scanner, a biometric reader, a webcam, or a VoIP headset)
Windows 8 RemoteFX: Improved User Experience
Support for multi-touch and gesture remoting
Simpler logins
• Single sign-on for RemoteApp programs extended to include VMs assigned to a user
Evenly distributed allocation of resources to everyone on a RD Session Host server
• No single user can consume all resources
Concurrent reconnection
• You can disconnect, go home, and then reconnect to the RemoteApp programs and VMs that you were using all at once, saving time as you restore your work environment
Windows 8 RemoteFX: Improved User Experience, cont.
Text Content
RemoteFX adaptive graphics
Image Content
Video/Animations
RemoteFX progressive rendering
Fair Share
Help ensure high performance across user virtual machines and sessions
Apply to both sessions and virtual machines
Dynamically distribute resources (bandwidth, CPU, and I/O)
Spending Money
Licensing
Please don’t ask any questions
No I don’t know what your company has worked out
I’m pretty much scared to even mention this
I DO NOT ACTUALLY WORK FOR MICROSOFT
VDI Licensing components
Two main components:
• License for connecting to the VDI Infrastructure: RDS CAL
  • For any solution using any of the Remote Desktop or RemoteFX services, including Citrix XenDesktop, Citrix XenApp, etc.
  • RDS CAL licensed per user or per device
  • Includes rights to use App-V with Remote Desktop sessions
• License to access a virtual instance of a Windows Client OS:
  • Software Assurance (SA)
  • Virtual Desktop Access (VDA)
  • Windows Intune
  • Companion Subscription License (CSL)
A license to access a virtualized instance of a client OS is always required
• The circumstances and context determine what kind of license (SA, VDA, CSL, etc) is required
Software Assurance VDI Benefits
• Access to Windows 8 Enterprise edition
• Access rights for up to 4 VMs concurrently (local or remote)
• Roaming Rights for access from non-corporate device
• Access to Windows Thin PC for free
• Option to purchase MDOP
• 24*7 support, training vouchers and other benefits
VDA (Virtual Desktop Access)
• Rights to access virtual copies of Windows via devices that don’t qualify for SA:
  • Thin Clients
  • Consumer Devices (e.g. iPads)
  • Third party devices (contractor PCs)
  • PCs not covered by SA
• Licensed Per Device
• Annual Subscription
Companion Subscription License
• Optional add-on for primary user of SA or VDA licensed devices
• Is for companion (non-primary) devices
• Single license covers up to 4 additional devices
• Eligible for any personally owned and/or non-x86 corp-owned devices anywhere (on/off-prem)
• Includes Windows To Go and VDA rights
• No local install rights
• Offered in EA, EA subscription, Select Plus, and EES/CASA programs
• No companywide commitment required and can be purchased in any quantity
• Included with any Windows RT device
[Decision flowchart. Questions: Primary work device? (regardless of ownership and location); Corp owned?; Primary User of SA/VDA licensed device?; On Premises? Device types: x86/x64 PC (w/ Qualifying OS); Other (Thin Client, iOS, Windows RT); Windows RT (No License Required for VDI); Other (iOS, Android, etc); Any Device (Roaming Rights: No License Required). Outcomes: SA, VDA, CSL]
Licensing Windows SA, VDA, and CSL
And now Citrix
V-Alliance: Microsoft and Citrix
Market Leader for Desktop Virtualization
Flexible access to all apps, data and desktops in one product
Proven scale for 100s to 100,000s of users
Windows desktops and apps on PCs, Macs, iPads, Android and smartphones
Market Leader for Desktops
Best in Class Application Virtualization
A modern server platform to transform today’s infrastructure with virtualization built-in
People-centric management of devices, desktops, and virtual assets, in the cloud or on premises
User State Virtualization
Application Virtualization
OS Virtualization
Jointly Integrated, Unified Management
Why Citrix for desktop virtualization?
Work anywhere, made anywhere
If you need…
• a mix of Windows Server 2003, 2008, 2008 R2 & 2012
• a mix of Windows XP, Windows 7 & Windows 8 virtual desktops
• a mix of Windows & non-Windows user devices
• a mix of private, service provider and hybrid desktop infrastructures
• a mix of use cases (e.g. VDI, streamed OS, remote, offline, 3D, apps…)
• to scale hosted desktop, sessions, apps from hundreds to many thousands of end-points
• to support heterogeneous hypervisors in the datacenter
…then you need enterprise class desktop virtualization from Citrix
Improved High Availability
Citrix Partnership
Summary
VDI Simplified
RDS Improved
RemoteFX Enhanced
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.