Tuesday, 27 December 2011

Part 1- Building VDI using Remote Desktop Services (RDS)

0 comments

Below is the figure of the infrastructure setup:-



By using Hyper V R2 and SCVMM 2008 R2, I have created the following Virtual machine



In this setup, I'm going to use Windows 7. You can setup client VM running on
○ Windows 7 Business, Enterprise or Ultimate,
○ Windows Vista with SP1 - Business, Enterprise or Ultimate,
○ Windows XP Professional with SP 3

I have tested on these above operating system and it work like a charm. If you would like to know more about the different between Personal and Virtual Desktop Pool,  To make it more interesting, VDI01-Win7.ms4u.info is set to Personal Virtual Desktop and assigned to VDIUser1 which only use Office2007 whereby the Virtual Desktop Pool will use Office 2010 (Beta).

The Client VM name on the Hyper V host should be FQDN and identical as the computer name in the VM.

Example: VDI01-Win7 is the computer name

VDI01-Win7.ms4u.info is the FQDN











For easy and faster deployment of the VM, I using VMM feature called "Rapid Provisioning Virtual machine using Template". For those who are not familiar with this feature,
Let start to look into initial configuration:-

MS4UDC - Domain controller

You may want to take note on some criteria to deploy personal virtual desktop . Your Active Directory need functional level running in Windows 2008. To use the added functionality provided by the Personal Virtual Desktop tab in the User Account Properties dialog box in Active Directory Users and Computers, your functional level for AD DS must be set to Windows Server 2008 R2.

Task 1:- Create user account for VDI

1. Log on to MS4UDC VM
2. Go to Start > Program > Administrative Tools > Active Directory Users and Computers
3. Right click Users container , select New and User
4. Enter username :- vdiuser1 and click Next



5. Enter password :- P@ssw0rd , uncheck "User must change password at next logon" and click Next
6. Click Finish
7. Repeat step 3 to 6 to create user account for vdiuser2 and vdiuser3.

Task 2:- Create a group for VDI

1. Right click Users container , select New and Group
2. Enter the group name: vdigroup with Group scope:- Global and Group type: Security and Click Ok button



Task 3: Assign user account to VDI group

1. Right click Vdigroup and select Properties
2. Click on Members tab and select Add button
3. Enter vdiuser1,vdiuser2 and vdiuser3 and Click Check name
4. Click Ok button
5. Click Ok button to close the vdigroup properties




This is the last post for 2011 :-) Stay tuned for more updates on an Upcoming Year and HAPPY NEW YEAR 2012 :-) 


Cheers !!
Jagadeesh

Part 2:- Building VDI using Remote Desktop Services (RDS)

0 comments

Task 1: Install Remote Desktop Virtualization Host role

On the RDSVH, install Hyper V roles and Remote Desktop Virtualization Host. You need to install RD Virtualization Host role for each Hyper V server that's hosting Personal or Virtual Desktop Pool

1. Log on to RDSVH with administrative right.
2. Open Administrative Tools. Click Start > Administrative tools > Server Manager
3. Right click Roles and select Add Roles
4. On the Before You Begin page, Click Next
5. On the Select Server Roles page, select Hyper V roles and Remote Desktop Service and then click Next
6. On the Remote Desktop Service page, click Next
7. On the Select Role Services page, select Remote Desktop Virtualization Host and click Next
8. On the Confirm Installation selection page, Click Install
9. Restart the system when asked.

Task 2: Install Remote Desktop Session Host (Redirector) role

1. Right click RDSRedirect VM and select Connect
2. Log on with administrative right
3. Open Administrative Tools. Click Start > Administrative tools > Server Manager
4. Right click Roles and select Add Roles
5. On the Before You Begin page, Click Next
6. On the Select Server Roles page, select Remote Desktop Service and then click Next
7. On the Remote Desktop Service page, click Next
8. On the Select Role Services page, select Remote Desktop Session Host and click Next


9. On the Uninstall and Reinstall Applications for Compatibility page, Click Next
Note that the purpose of installing the RD Session Host role service for this solution is for it to act as a Redirector and not for RemoteApp publishing.

10. On the Specify Authentication Method For Remote Desktop Session Host page, select "Require Network Level Authentication" and click Next. Your client must be running minimum Windows XP SP3 (with some configuration that you need to perform) or later in order to support Network Level Authentication. I'm talking about your offsite computer (that's what i mean).


11. On the Specifying License Mode, select Configure Later and Click Next. You can run RDS for 120 days before activating the license. Remember to get the license before the expire date.



12. On the Select User Groups Allowed Access to this RD Session Server, click Add button and Enter VDIGroup.

13. Click Check name and click Ok button.



14. Click Next15. On Configure Client experience, leave default value and click Next
16. Review the confirmation page and Click Install button
17. Click Close button and select Yes to restart the system.

Task 3: Install Remote Desktop Connection Broker role

1. Right click RDSBroker VM and select Connect
2. Log on with administrative right
3. Open Administrative Tools. Click Start > Administrative tools > Server Manager
4. Right click Roles and select Add Roles
5. On the Before You Begin page, Click Next
6. On the Select Server Roles page, select Remote Desktop Service and then click Next
7. On the Remote Desktop Service page, click Next
8. On the Select Role Services page, select Remote Desktop Connection Broker and click Next
9. Review Confirm Installation selection and click Install button. The installation process will begin.
10. Click Close button

Task 4: Install Remote Desktop Web Access & Remote Desktop Gateway role

1. Right click RDSGatewayWeb VM and select Connect
2. Log on with administrative right
3. Open Administrative Tools. Click Start > Administrative tools > Server Manager
4. Right click Roles and select Add Roles
5. On the Before You Begin page, Click Next
6. On the Select Server Roles page, select Remote Desktop Service and then click Next
7. On the Remote Desktop Service page, click Next
8. On the Select Role Services page, select Remote Desktop Web Access and Remote Desktop Gateway
9. Click Add Required Role Service button


10. Click Next11. On the Choose a Server Authentication Certificate for SSL Encryption page, select Create a self-signed certificate for SSL encryption, and then click Next.
It is recommended to get a 3rd party certificate/External Certificate.



12.On the Create Authorization Policies for RD Gateway page, select Now, and then click Next.



13. On the Select User Groups That Can Connect Through RD Gateway page, click Add. In the Select Groups dialog box, specify VDIGroup, and then click OK to close the Select Groups dialog box. Click Next.



14. On the Create an RD CAP for RD Gateway page, enter the name VDI-RD_CAP_01 for the Remote Desktop connection authorization policy (RD CAP), select Password, and then click Next.


15. On the Create an RD RAP for RD Gateway page, enter the name VDI-RD_RAP_01 for the Remote Desktop resource authorization policy (RD RAP), and then select Allow users to connect to any computer on the network. Click Next.
Note: You can limit user to connect computer on the network. If you would like, you can create a VDI computer group and put the computer pool into this group.



16. On the Network Policy and Access Services page (which appears if this role service is not already installed), review the summary information, and then click Next.

17. On the Select Role Services page, verify that Network Policy Server is selected, and then click Next.
18. On the Web Server (IIS) page, click Next
19. On the Select Role Service, accept the default setting and click Next
20. On the Confirm Installation Selection Page, click Install button. The installation process will begin.
The default URL is https://RDSGatewayWeb/RdWeb . Use this url for accessing the VDI.


21. On the Installation Results page, review the results and click Close

Part 3:- Building VDI using Remote Desktop Services (RDS)

0 comments
After the virtual machines are installed and configured for the ms4u.info domain, you must configure them to work with Remote Desktop Services. The following steps must be configured on each virtual machine:

• Enable Remote Desktop.
• Add the user accounts that will be using this virtual machine to the local Remote Desktop Users security group.
• Allow Remote RPC.
• Create a firewall exception to allow Remote Services Management.
• Add permissions to the RDP protocol.

Task 1: Enable Remote Desktop and Add VDIGroup to the local Remote Desktop Users group

1. Log on to VDI01-Win7 with administrative rights.
2. Click Start, right-click Computer, and then click Properties.
3. Click Remote settings.
4. Under Remote Desktop, click Allow connections only from computers using Remote Desktop with Network Level Authentication (more secure), and then click Apply
5. Click on select Users button
6. On the Remote Desktop Users, click Add
7. Enter VDIGroup and click Check name
8. Click OK button to close the Remote Desktop Users
9. Click OK button to close the System Properties
10. Repeat these steps for VDI02-Win7 and VDI03-Win7.

Task 2:- To allow Remote RPC for Remote Desktop Services

1. Log on to VDI01-Win7 with administrative right
2 Click Start, and in the Search programs and files box, type regedit.exe and then press ENTER.
3. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer.
4. Double-click the AllowRemoteRPC registry entry, in the Value data box, type 1 and then click OK.
Default value is 0.
5. Close Registry Editor.
6. Repeat these steps for VD102-Win7 and VDI03-Win7.

Task 3- To enable the Remote Service Management Windows Firewall exception

1. Log on to VDI01-Win7 with administrative right
2. Click Start, click Control Panel, and then click System and Security.
3. Under the Windows Firewall heading, click Allow a program through Windows Firewall.
4. Select the Remote Service Management check box, and then click OK.
5. Repeat these steps for VDI02-Win7 and VDI03-Win7.

Task 4-To add RDP protocol permissions to a virtual machine

1. Log on to VDI01-Win7 with administrative right
2. Click Start, point to All Programs, and then click Accessories.
3. Right-click Command Prompt, and then click Run as administrator.
4. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.
5. At the command prompt, type the following commands:

• wmic /node:localhost RDPERMISSIONS where TerminalName="RDP-Tcp" CALL AddAccount "ms4u\RDSVHquot;,1
• wmic /node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or TerminalName='Console') and AccountName='ms4u\\RDSVH" CALL ModifyPermissions 0,1
• wmic /node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or TerminalName='Console') and AccountName='ms4u\\RDSVH" CALL ModifyPermissions 2,1
• wmic /node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or TerminalName='Console') and AccountName='ms4u\\RDSVH" CALL ModifyPermissions 9,1
• Net stop termservice
• Net start termservice

Note:-
Replace "ms4u" according to your domain name & "RDSVH" to your RD Virtualization Server host name.

6. Log off VDP1-CLNT. This is required in order for VDI Users to log on to one of the virtual machines in the virtual desktop pool successfully.
7. Repeat these steps for VDI02-Win7 and VDI03-Win7

Task 5- Enable Rollback on a virtual machine

Once you've complete all the configuration, you need to enable rollback. This allow VM to revert to original state once the user has log off. No data is saved into the VM. Please do not save your data inside the VM.
1. Open Hyper-V Manager. To open Hyper-V Manager, click Start, point to Administrative Tools, and then click Hyper-V Manager.
2. Under Virtual Machines, right-click VDI01-Win7.ms4u.info, and then click Snapshot.
3. Under Snapshots, right-click VDI01-Win7.ms4u.info, and then click Rename.
4. Type RDV_Rollback and then press ENTER. (Must use the exact snapshot name)
5.Cose Hyper-V Manager.
6. Repeat these steps for the VDI02-Win7 and VDI03-Win7 virtual machine

Task 6 - Verify Remote Desktop

1. Use your client computer and Open Re mote desktop connection. Click Start , on the search program and files , enter "mstsc" and press Enter
2. Key in "VDI01-Win7" and click Connect
3. Provide security authentication by enter username: -ms4u\vdiuser1 and the password isP@ssw0rd.
4. Click Ok
5. Make sure you can log on to the VM. Log off and repeat these steps for VDI02-Win7 and VDI03-Win7.

Part 4:- Building VDI using Remote Desktop Services (RDS)

0 comments

Task 1: Enable Remote Desktop and Add VDIGroup to the local Remote Desktop Users group

1. Log on to RDSRedirect VM with administrative rights.
2. Click Start, right-click Computer, and then click Properties.
3. Click Remote settings.
4. Under Remote Desktop, click Allow connections only from computers using Remote Desktop with Network Level Authentication (more secure), and then click Apply
5. Click on select Users button
6. On the Remote Desktop Users, click Add
7. Enter VDIGroup and click Check name
8. Click OK button to close the Remote Desktop Users
9. Click OK button to close the System Properties

Task 2: Add RDSBroker to the TS Web Access Computer group

1. Log on to RDSRedirect VM with administrative rights.
2. Open Computer Management. Click on Start > Administrative Tools > Computer Management.
3. Expand Local Users and Group and Groups
4. Double click TS Web Access Computer and Click Add button
5. Click on Object Types and Tick Computers and click OK
6. Enter RDSBroker and Click Check name
7. Click OK to close the select Users, Service Account and Group
8. Click Ok to close the TS Web Access computer properties





Task 3: Add RDSRedirect to the Session Brokers Session

1. Log on to RDSBroker VM with administrative rights.
2. Open Computer Management. Click on Start > Administrative Tools > Computer Management.
3. Expand Local Users and Group and Groups
4. Double click Session Brokers Computers and click Add button
5. Click on Object Types and Tick Computers and click OK
6. Enter RDSRedirect and Click Check name
7. Click OK button
8. Click OK to close the Session brokers Computers





Task 4: Configure RDSRedirect for virtual machine redirection mode.

1. Log on to RDSRedirect VM with administrative rights.
2. Open Remote Desktop Session Host Configuration snap in. Click Start > Administrative Tools > Remote Desktop Services > Remote Desktop Session Host configuration
3. Scroll down to RD Connection Broker , Right click Member of farm in RD connection broker and select Properties



4. On the RD Connection Broker tab and click change setting.



5. Select option Virtual machine redirection6. Enter the RD Connection Broker server name: RDSBroker.ms4u.info and click OK



7. Click Yes





8.Click OK

5:- Building VDI using Remote Desktop Services (RDS)

0 comments

Task 1: Add RDSAccess to the TS Web Access computer group

1. Log on to RDSBroker VM with administrative rights.
2. Open Computer Management. Click on Start > Administrative Tools > Computer Management.
3. Expand Local Users and Group and Groups
4. Double click TS Web Access Computer and click Add button
5. Click on Object Types and Tick computers and click OK
6. Enter RDSAccess and Click Check name
7. Click OK
8. Click OK to close the TS Web Access computer properties.





Task 2:- Add RD virtualization Host , RD Session Host for redirection and RD Gateway

1. Log on to RDSBroker VM with administrative rights.
2. Open Remote Desktop Session Host Configuration snap in. Click Start > Administrative Tools > Remote Desktop Services > Remote desktop Connection Manager.



3. In the middle pane under Virtual desktops Resource and configuration, locate RD Virtualization Host servers and click Add


4.Enter RDSVH.ms4u.info and click Add.



5. In the middle pane under Virtual desktops Resource and configuration, locate RD Session Host server for redirection and click configure.

6. On the redirection setting tab, enter server name:- RDSRedirect.ms4u.info (Enter FQDN) and click OK button.



7. In the middle pane under Virtual desktops Resource and configuration, locate RD Gateway server for redirection and click Specify

8. Tick Use these RD gateway server settings
a) Server name : RDSGatewayWeb.ms4u.info
b) Login method:- Ask for password (NTLM)



9. Tick Use the same user credential for RD Gateway and virtual desktops

10. Click OK

6.Building VDI using Remote Desktop Services (RDS)

0 comments

To deploy personal virtual desktop or most of the time we called as "static virtual desktop deployment", you need to has
a) Active Directory Schema upgraded to Windows Server 2008.
b) Client virtual machine running Windows XP or Windows 7 need to use FQDN in Hyper V Manager snap-in.

Static Virtual Desktop is a 1 to 1 mapping. If you have 100 users, then you need to create 100 Virtual machine. User will access to their own unique virtual machine and have greater control. Besides that, changes on the Virtual machine will maintain in the Virtual Machine. This concept is similar as their own desktop environment.

Task 1: Personal Virtual Desktop Configuration.
1. Click on Configure virtual desktops on the top right of the Action pane.






2. Review before you begin page and click Next
3. Verify RDSVH is listed on Specify an RD Virtualization Host Server and click next. For my case, my RDSVH computer name is "LAINB.ms4u.info)





4.Verify RDSRedirect is listed on Configure Redirection Settings and click Next.




5. Click Next on RD Web Access Server.




6. Click Apply button.



7.Review the summary page and make sure Assign personal virtual machine is tick and click Finish button.



8.On the Assign Personal Virtual Desktop page, click Select user.
9. Enter Vdiuser1, Click Check name and click OK
10. On the virtual machine, select VDI01-Win7 and click Next




11.Review the confirm assignment and click Assign.




12.On the assignment summary page, uncheck assign another virtual machine to another user
13.Click Finish

Stay tuned for Part 7:- Building VDI using Remote Desktop Services (RDS) - Click here . I will cover on how to create Virtual Desktop Pool/ Dynamic VM Deployment.

Building VDI using Remote Desktop Services (RDS)

0 comments

In the Virtual desktop deployment, it is not necessary to put the VM as FQDN. From here you can different between Personal Virtual Desktop and Virtual Desktop Pool.


For customer who cannot upgrade the schema to Windows server 2008, then this is the only option to select. I have tested this deployment when running on Active Directory schame is on Windows Server 2003.


Dynamic Virtual Desktop is not a 1 to 1 mapping. If you have 100 users and only 50 users which is actively use the VDI, you can create 70 Virtual Machine in the pool. (just my estimation to include 20 Virtual Machine as a buffer). User will access to any virtual machine which is available on the pool. The entire virtual machine is install with the same program and same setting. Besides that, any changes make by the user will be lost after their log off. In this deployment, i recommend that you deploy roaming profile and folder redirection to overcome this issue.


When using this deployment, you will need to use differencing disk for the client VM. In essence, you need to have a base image which contain the client operating system and standard application which we called it as "master image". Then for the VM, create a differencing disk and map to the master image. Follow the instruction on Part 3:- http://www.ms4u.info/2010/04/part-3-building-vdi-using-remote.html to prepare the client VM for VDI. Once you have done that, create a snapshot and name it as "RDV_Rollback". Remove unncessary name give by the snapshot. The system will automatically revert to initial state once the user is logoff.
Now let look into the configuration on the RD Connection Broker for Virtual Desktop Pool.

1. Click on Create Virtual desktop Pool on the Action pane.






2. Review the Welcome to Create Virtual Desktop Pool wizard and click Next button.

3. On select Virtual Machine, use CTRL to select multiple virtual machine. In case environment, select VDI02-Win7 and VDI03-Win7. (Ignore the FQDN, Dynamic deployment do not need to rename the VM as FQDN as i mentioned previously)





4. Click Next button
5. On set Pool properties, Enter
a) Display name:- Windows 7 client pool
b) Pool ID: - VDIWin7.





6. Click Next button

7. Review the result and click Finish.

That will do. At this moment, you have successful configure static and dynamic deployment

Formatting Disk using DiskPart

0 comments


Let look into several command that you should execute when formatting disk. Wait, won’t it be easy using Computer Management snap in to format a disk.

Well, you’re right but…you will not have Computer Management when Hyper V host machine is install with Server Core version.

Hope this command come to handy when you format a disk either local or iSCSI LUN presented to Hyper V host.

1. Execute Diskpart command.



2. Execute List Disk to view the disk available on the Hyper V machine
DISKPART > List disk




3. We are going to format disk 3. Execute select disk 3 to select disk 3.
DISKPART > Select disk 3
DISKPART > List disk




* indicated disk 3 is selected.

4. If the disk status is offline. Type
DISKPART > online disk


5. View the attribute of the disk. Make sure the disk read-only is not set to Yes.
DISKPART > attribute disk




If mark as Read-Only. Key in below command:
DISKPART > attribute disk clear readonly


6. Create primary partition using the entire disk volume.
DISKPART > create partition primary
DISKPART > list partition




7. Assign a drive letter
DISKPART > Assign letter =K




8. Quick format a disk with NTFS file format
DISKPART > format fs=ntfs quick


Windows 8:- Hyper-V Bandwidth Management

0 comments

I always wonder how many throughput does a Virtual Machine consume when running in Hyper-V Host. Not always we dedicate a NIC for a Virtual Machine. For better consolidation, we always share several Virtual machine within a 1 Gbps NIC.
Let say, you have 4 Virtual Machines running and share on 1 Gbps NIC. Will each Virtual Machine consume and limited to 250 Mbps? Well not really. Some VM will consume more throughput than 250 Mbps and will eventually impact the performance for the rest of the VM.




This is what i found out when testing Hyper-V Vnext which seem like solving this case. On Virtual Network, you can configure to set minimum and maximum throughput per Mbps on each virtual machine.






Great right…I’m excited to wait this feature available on next release of Hyper-V.

Windows 8:- Dynamic Memory Enhancement

0 comments
Well, dynamic memory is one of the features available in Windows Server 2008 r2 SP1. I do hope that you have tested dynamic memory. Let have a look on Dynamic memory Enhancement which available in Hyper-V Vnext (Code name that I give for new version of Hyper-V in Windows Developer Preview).

Note:- Subject to change and feature is available during my testing using Windows Developer Preview Edition.

Enhancement #1:- Dynamic memory options is available when create a new Virtual Machine. Previously, you can only configure static memory when provision Virtual machine.

Enhancement #2:- Dynamic Changing of Memory when Run Time. That's mean you no longer need to shutdown the Virtual Machine when you want to configure Min and Maximum Memory. You can change the amount of memory when VM is up and running. Find it quite useful especially the Vm has hit to Maximum memory and i can easily increase the amount of memory.

Enhancement #3:- Ability to configure Minimum Memory.





Initially we allow to configure
a) startup memory- amount of memory to use during boot up
b) maximum memory - amount of memory that VM can use.

Now
c) minimum memory - minimum of memory that VM can shrink. This is quite useful for increase the ratio of VM that we want to host. We often saw the memory demand is less but due to Microsoft support policy on certain amount of minimum memory to start up memory, then we need to follow to the policy to avoid any issue. Therefore, we assign the exact startup memory. However VM detected VM does not require that much of memory. So you can consider it is a waste. With minimum memory, we can use the memory as mentioned in the start up and able to shrink until minimum memory when require. This concept is use balloon technique.

Refer to attached diagram above and you will see that
VM boot up - using 512 MB
Minimum memory configure 128MB
From Assigned Memory column, it has shown 321MB rather than 512MB.

For Maximum memory, do i allow to memory over-commit? Well, the answer is "No". So please do not configure more than what is available on your physical Hyper-V Server.