Wednesday, December 16, 2015

Microsoft releases the Remote Desktop assistant

Microsoft released a small tool called the "Microsoft Remote Desktop assistant". For the average user it's sometimes unclear what exact steps to take to configure for example a home computer to allow Remote Access using RDP from another device, tablet et cetera. The Microsoft Remote Desktop assistant simplifies this proces. The Remote Desktop assistant configures Remote Connections, opens the Firewall ports needed and provides an easy link that other devices can use to set up the Remote Connection.

The installation is an easy to install Click Once application



After you accept the license terms you are ready to setup up Remote Access


Once the configuration is completed you will be provided with a several options that allow easy setup of the client.


In this case I saved the configuration file and send that via email to my phone. Opening the link on my phone results in opening the Microsoft Remote Desktop Client (available in the AppStore) and after entering credentials I'm able to connect.





The Remote Desktop assistant allows easy configuration of Remote Sessions using RDP in home scenario's.



Tuesday, December 15, 2015

Improved Remote Desktop Connection Broker Performance with Windows Server 2016 and Windows Server 2012 R2 Hotfix (KB3091411)

The Microsoft RDS Product team has released on important hotfix for RD Connection Broker performance running on Windows Server 2012 R2 and Windows Server 2016!

Have been waiting for this one to be released! Glad to see its now publically available!

“…Internal testing of the RD Connection Broker connection-handling code shows a significant improvement during logon storms and when adding/restarting RD Session Host servers to a farm. We also see similar improvements through internal testing of the end to end connection scenario via the Windows RD client (MSTSC).

Specific results include:

Logon Storm
- 100% connection success with initial burst of 100 connections at a rate of 2 connections per second
- 0.2 second average connection time through RD Connection Broker, down from over a minute

RDSH Add/Restart
- 100% success adding/restarting servers at rate of 1 server per second with 5 sessions per server
- 2 second average add/restart time, down from over thirty minutes

MSTSC End to End
- 100% connection success at a rate of 100 connections per minute
- 25 second average connection time, down from over seven minutes…”




 

Tuesday, December 8, 2015

Azure RemoteApp Public Roadmap updates!

The Azure RemoteApp public roadmap was updated. Two new features have been announced for the April-March iteration Azure Resource Manager (ARM) support and Cloud Solution Provider (CSP)!

image

November updates to Azure RemoteApp

The RDS Product Team posted the November updates to Azure RemoteApp;

“…Within the month of November 2015, we released the following new features and capabilities for Azure RemoteApp:

  • We’ve had a lot of feedback about our two new premium plans and yes both come with a five user minimum, read more about all our plans in the pricing page
  • iOS and Android clients are now MAM enabled allowing them to be managed by Intune using Mobile Application Management, read more in our blog post Intune Mobile Application Management for Remote Desktop
  • Learn about new pricing plans for EMS and existing RDS CAL with Software Assurance customers, you might qualify to purchase Azure RemoteApp for as low as $2 per user per month.
  • Azure RemoteApp is now ISO 27001 certified!
  • You can now Disable User Profile Disks (UPDs) in Azure RemoteApp, read more about the use cases and reasons why this might benefit your organization
  • Office 2016 for Office 365 is not supported in Azure RemoteApp yet, we are completing final testing with Office team and will have new images published when ready along with support statement.
  • Azure gallery and Azure RemoteApp images were updated with the latest Windows security updates
  • iOS client was updated to version 8.1.15 which includes Intune MAM support, as well as fixes for Azure RemoteApp users who could not sign out easily.
  • Android client was updated to include Intune MAM support
  • Quick links for previous monthly updates for March, April, May, June, July, August, September, and October for Azure RemoteApp…”

Source & more info: http://blogs.msdn.com/b/rds/archive/2015/12/07/november-updates-to-azure-remoteapp.aspx

Monday, November 30, 2015

First glimpse at the Azure RemoteApp HTML5 client!

Last week the HTML5 client for Azure RemoteApp was announced on the public roadmap of Azure RemoteApp. More info also see here: HTML5 client for Azure RemoteApp now on the public road map!

Although the preview of the new client is not available yet, here are some screenshots to allow for a first glimpse at the HTML5 client:

After logging on you will be presented with the RemoteApps that are assigned to youimageWhen you open the 1st RemoteApp the user will be logged in on one of the RD Session Host server as part of the Azure RemoteApp Collection
image

Here is Powerpoint open running on Azure RemoteApp in Chrome
image

From the App launcher in the upper left corner we’re able to open additional applications
image

With multiple applications open you can also switch applications by using the top bar as shown here.
image

This was just a first glimpse of the Azure RemoteApp HTML5 client. We can expect the client to go into public beta soon!

Source & more information: Advanced Azure RemoteApp deployment and configuration

Wednesday, November 25, 2015

Slide deck ExpertsLive 2015 event available for download

The slide decks from the sessions presented at ExpertsLive 2015 last week are available for download. Here is a direct link to the slide deck from my session called RemoteApp on Azure Iaas vs Azure RemoteApp:

Slide deck RemoteApp on Azure IaaS vs Azure RemoteApp

image



The last slide contained links to TechNet Gallery scripts & documentation, for easy access I pasted the URL’s here that I shared in the session:

LINKS:
About Azure RemoteApp

Manage users in Azure RemoteApp based on Active Directory groups

Clean Azure RemoteApp orphaned RDSH objects from Active Directory

Automatic Scaling of Remote Desktop Session Hosts in Azure Virtual Machines
RDS in IaaS ARM Template

Desktop Hosting Reference Architecture & Deployment | Azure

Vote for Azure RemoteApp improvements

Azure RemoteApp LinkedIn group

Remote Desktop Services LinkedIn group

Monday, November 23, 2015

My session on RDS / Azure RemoteApp at the ExpertsLive 2015 event

Last week was ExpertsLive, a big IT Pro community event focusing on the Microsoft Platform, held in Ede, The Netherlands. With over 40 breakout sessions divided into 7 parallel tracks with national and international speakers, and over 1200 attendees it was a great event!

IMG_7085I presented a session on RemoteApp on Azure IaaS vs Azure RemoteApp. In this demo heavy session I presented a comparison on both the administrator as well as the end user experience of both technologies.

I had a full house during the session, great turn up, good questions as well as great, more in depth, discussions afterwards. I had a fun time presenting there. Huge thanks goes out to the ExpertsLive team for putting the event together.

 

12232738_10153292140916915_4717392515369458793_oIMG_7114image

If you have attended ExpertsLive you should receive a downlink soon which allows you to download all slide decks of the event, including mine. My session was presented in Dutch, but I have received several requests for an English rerun of the session. I’m currently looking at options to perform a webinar covering that rerun. If you are also interested, let me know!

image

HTML5 client for Azure RemoteApp now on the public road map!

Many have been speculating, and as RDS MVP’s we’ve had the privilege to hear about this a while ago and have already seen some live demo’s… the HTML5 client for Azure RemoteApp! We can now talk about it and it’s on the public roadmap for January-March 2016!

Many (up until now 336) have voted for a HTML5 client for Azure RemoteApp on the User Voice Pages https://feedback.azure.com/forums/247748-azure-remoteapp/suggestions/5958080-we-want-an-html5-azure-remoteapp-client-to-support

The HTMl5 client for Azure RemoteApp will go into private preview very soon! The HTML5 client will expand use cases for Azure RemoteApp with support for Linux clients, Chrome OS and any device without a Azure RemoteApp client. You can expect a more detailed blog post on the HTML5 client as soon as I have more to share more on this subject! Stay tuned!

msohtmlclipclip_image001

Wednesday, November 11, 2015

New Azure RemoteApp PowerShell cmdlet to remotely reboot ARA RDSH Servers

A new PowerShell cmdlet for Azure RemoteApp has been released. The command is Restart-AzureRemoteAppVM. What this command is able to do is remotely restart a RD Session Host server as part of you Azure RemoteApp Collection. For the parameters you need to provide Azure RemoteApp collection name and a UserUpn. The collection name is obvious, the UserUpn needs some explaining. The idea that Microsoft had behind this command is that you use it as sort of a last resort when you run into issues with a specific user. Using this command, you can easily restart the RD Session Host VM that the user is logged on to. To some degree I can understand the idea behind this, although since we now also have the new PowerShell cmdlet Get-AzureRemoteAppVM available to retrieve all RD Session Host servers with their logged on users, allowing to provide a hostname is stead of a UserUPN would also make sense.

Couple of things to be aware of:

- The reboot that is performed is a remotely executed reboot within the VM. By that I mean the reboot is not performed on a Hyper-V level. So in case the RD Session Host server for whatever reason is not accessiable on the network, the reboot will fail.

- The reboot is a forced reboot within the OS without any warning or a delay. This means that all other users that might be running on that VM will also lose their connection, and their work. If you need to use this command, I would advise you to first use the command Get-AzureRemoteAppVM to retrieve a list of users currently active on that specific RD Session Host server, and warn them about upcoming reboot to allow them to save their work.

- If you are running a Hybrid (Domain-Joined) deployment of Azure RemoteApp, you can also easily perform that remote reboot using Remote PowerShell because the RD Session Host servers as part of the Hybrid collection are part of the domain and thus accessible. For Cloud (non-domain joined) collections where you did not create a back door local admin account inside the Template Image, this new PowerShell cmdlet is definitely helpful.

Here is de command in action, using the Get-AzureRemoteAppOperationResult Cmdlet we’re able to track the status of the command.image

This is what the a user will see who was logged on to VM and still had a session, he will see the shutdown take place and after that this screen will close.
image

And here are the details on the Cmdlet.

NAME
    Restart-AzureRemoteAppVM

SYNTAX
    Restart-AzureRemoteAppVM [-CollectionName] <string> [-UserUpn] <string> [[-LogoffMessage] <string>] [[-LogoffWaitSe
    conds] <int>] [-Profile <AzureSMProfile>] [-WhatIf] [-Confirm]  [<CommonParameters>]

ALIASES
    None

REMARKS
    None

Tuesday, November 10, 2015

RDS Team: October updates to Azure RemoteApp

The Microsoft RDS team has released a new blog post on last months updates to Azure RemoteApp!

  • Premium and Premium Plus are two new licensing plans released, they both have a 5 user minimum limit and address needs for higher computing resources.  Read more about all our purchasing plans
  • Learn about new purchasing plans for EMS and existing RDS CAL with Software Assurance customer, you might qualify to purchase Azure RemoteApp for as low as $2 per user per.
  • We have a new webpage https://www.microsoft.com/en-us/server-cloud/products/azure-remoteapp and includes a new Azure RemoteApp clients download webpage.
  • Azure PowerShell v0.9.9 modules were released that allow the ability to enumerate list of users assigned to a particular Azure RemoteApp instance and reboot the instance.
  • iOS client was updated to version 8.1.14 which included minor fixes for Azure RemoteApp.
  • Mac client was updated to version 8.0.23 fixed an issue that caused the RD app to crash when using Azure RemoteApp. Important notice for users on 10.7 (Lion) and 10.8 (Mountain Lion): Our application won’t offer support for these distributions in November. You’ll need to update to a later OS version to make sure you can use a fully supported and regularly updated Remote Desktop client. This announcement has been as well part of our release notes in 8.0.22.
  • Office 2016 for Office 365 is not supported in Azure RemoteApp yet, we are completing final testing with Office team and will have new images published when ready along with support statement.
  • Quick links for previous monthly updates for March, April, May, June, July, August, and September for Azure RemoteApp.

More info & source: http://blogs.msdn.com/b/rds/archive/2015/11/10/october-updates-to-azure-remoteapp.aspx

Monday, November 9, 2015

Azure RemoteApp without User Profile Disk (UPD)?

Azure RemoteApp is the service within Azure that allows you to publish your Win32 applications from the cloud. Part of this service is that a User Profile Disk (UPD) is created for every user logs on for the first time. This UPD is a single .VHDX file that contains the complete user profile, basically anything under C:\user\<username>. This .VHDX file file is then mounted on the fly under C:\user\<username> during logon which allows you to store settings centrally, without having to cache profile settings locally. And since it is a mount path to a .VHDX file, it’s fully transparent for users as well as applications. For more information on UPD also see Easier User Data Management with User Profile Disks in Windows Server 2012

UPD’s are not new with Azure RemoteApp, within any on premises or hosted solution of Remote Desktop Services, UPD can be configured as part of the Deployment, as shown below.

image

Azure RemoteApp comes with UPD out of the box. UPD is great for many scenario’s since this is easy to set up and basically captures every user setting. You do have to be careful though with allowing users to store data inside their profile (.OST files, One Drive for Business cache, or large data), since the UPD file has a maximum capacity of 50Gb. In some scenarios you might not want to use UPD, but rather use your own profile management solution like i.e. Microsoft UE-V, or a solution provided by vendors like FSLogix, AppSense, RES et cetera. When using those vendor solutions, in some cases UPD will not conflict and you can use them side by side, but in other cases you could run into compatibility issues or conflicts when you run those profile management solutions on top of UPD.

What many don’t know however is that using UPD is not mandatory in Azure RemoteApp! You can, if you want, have UPD disabled for a specific Azure Subscription. Send an e-mail to remoteappforum@microsoft.com, provide your Azure Subscription ID and ask for UPD to be disabled. Do note that Microsoft currently cannot disable UPD on a Collection level, only at a Azure Subscription level. This means that is you are running multiple Azure RemoteApp Collections within your subscription, UPD can only be disabled for all Collections.

In my lab I have created a new Azure RemoteApp Hybrid Collection called hybridnoupd, connecting back to my on premises (in this case Azure IaaS) environment.

image

To be able to distinguish other Azure RemoteApp deployments, I provided a separate OU during the configuration of this collection. As you can see, 2 computer objects (RD Session Host servers) have been created by Azure RemoteApp in my designated OU. This also allows me to easily create separate GPO’s for these RD Session Host servers.

image

For this newly created Azure RemoteApp Collection I have asked Azure RemoteApp support to disable UPD for the Azure Subscription it is running in. There are various ways of confirming that UPD is in fact disabled. The most easy one is simply logged on a test user to Azure RemoteApp and launching an application. If we open an Azure RemoteApp application from the Collection where UPD is not disabled, and then connect to that RD Session Host server using our administrator account and browse to C:\user we’ll see a 50Gb the mounted UPD file for in this case a user called testuser. Or, if you did not create any policies yet to prevent access to the local C: drive of the RDSH, simply publish explorer.exe as a RemoteApp.

image

if we now open an Azure RemoteApp application from the Collection where UPD is disabled and connect to that RD Session Host server as an admin we’ll see a regular local profile created.

image

The fact that it is now a regular local profile obviously means that, without configuring anything else, no profile settings will roam across multiple RD Session Host servers as part of our Azure RemoteApp Collection. This however fully opens possibilities to start using other profile management solutions like Microsoft UE-V, FSLogix, AppSense, RES et cetera! Do note that Microsoft UE-V and RemoteApp in general are not the best mix when you want to store synchronous settings (settings that can only be stored during Logoff, and can only be applied during LogOn) like i.e. Roaming Credentials or Desktop Settings. I wrote an article on that here Caution when using User Experience Virtualization (UE-V) with Microsoft RemoteApp

To test one of the 3rd party Profile Management solutions I choose FSLogix Profile Containers. In the screenshot below you see a user logged on to Azure RemoteApp with a FSLogix Profile (similar to UPD) stored on a FileServer in Azure IaaS! I can now fully manage this profile disk running on my File Server.

image

I won’t explain the setup and configurations of all these profile solutions here because this is no different than using these profile solutions in an on premises or hosted RDS environment. One of the great things about the hybrid model of Azure RemoteApp is, as we have also seen in this article, the fact that RD Session Host servers that are deployed as part of your Collection will be become members servers of your domain. This means that we can manage those RD Session Host servers as if they were running on premises, leveraging the same Group Policy objects et cetera. There are many articles & how to guides out there that discuss and describe these profile solutions. Applying those should not be different for Azure RemoteApp collections with UPD disabled.

There are however 3 things you need to be aware of

  • The RD Session Host servers created as part of a Azure RemoteApp collection are provisioned & removed by Azure as needed as part of the elastic runtime. In other words, the RD Session Host servers itself are non persistent. This means that you need to install software agents for the profile solution you wish to use, inside the Azure RemoteApp Template Image, not inside each individual RD Session Host that gets deployed. You can however use GPO to configure these software agents by simply creating a new GPO and linking that to the OU where your configured Azure RemoteApp to create your RD Session Host servers.
  • If you have UPD disabled and don’t perform any additional configuration, cached copies of user profiles will be created on the OS partition of the RD Session Host servers created as part of a Azure RemoteApp collection, and they will stay there. Without configuring another profile solution or additional configuration to clean cached copies of roaming profiles using GPO, cached copies of those user profiles will pile up and could eventually cause disk space issues on the OS partition of RD Session Host servers, which could lead into unresponsive behavior. This is of course no different compared to any on premises deployment of RDS, but something to be aware, because Microsoft cannot be held responsible for this.
  • Only create a Hybrid Collection in a Azure Subscription where UPD is disabled. If you create a Cloud collection, the RD Session Host servers as part of a Azure RemoteApp collection will run in a workgroup, not in a Active Directory Domain you can manage. In those scenario's Azure RemoteApp will create a “shadow user” on the fly locally on the RD Session Host server. With UPD disabled, this will result in a TEMP profile. I would advise to only Hybrid Collections for UPD disabled Subscriptions.

Conclusion
UPD is not mandatory in Azure RemoteApp! Disabling User Profile Disks (UPD) on your Azure RemoteApp Collection fully opens the doors for your favorite Profile Management Suite! Whether its Microsoft UE-V, FSLogix, AppSense, RES or anything else, refer to installation guides, configurations and best practices for an on premises Microsoft RDS environment, keeping in mind the 3 implications of disabled UPD that I described above.

Thursday, November 5, 2015

Azure RemoteApp: Script to clean up orphaned RDSH computer objects in Active Directory

When using a Hybrid (domain joined) collection of Azure RemoteApp, RD Session Host servers deployed as part of the collection will become members of your on premises Active Directory Domain.
These computer objects are placed in a designated OU, which is configured during the creation of the collection. Below is an example of those computer objects.
image
Notice that there is a naming convention in place which consists of eight random letters followed by a number starting from 0000, so for example JWBQPQTO0000.
Also note that in the example above, two combinations of eight random letters objects are shown.If you update your custom template image, or Microsoft updates their template image and you initiate the Update sequence on the collection (as shown below), Azure RemoteApp will start a new eight random letters combination for the RD Session Host servers based on the updated template image.
image
What Azure RemoteApp currently does not do however, is clean up the RD Session Host Computer objects based on the previously used Template Image. This means you will end up with orphaned computer objects in your Active Directory. This is something that your Active Directory Administrator is generally not happy with. Plus, as you start doing more & more updates on your template, things could get really messy in Active Directory.
You can of course manually remove those orphaned computer objects from Active Directory. This is however not only a time consuming task, it’s also hard to tell which computer objects are still part of Azure RemoteApp and which ones are orphaned.
The good news is, there now is a new PowerShell command available that is able to retrieve the list of active RD Session Host servers for a specified collection.
NAME
    Get-AzureRemoteAppVM

SYNTAX
    Get-AzureRemoteAppVM [-CollectionName] <string> [-Profile <AzureSMProfile>]  [<CommonParameters>]

I have used this command to create a PowerShell script that automatically deletes all RD Session Host Servers in a specified OU that are not active in the specified Azure RemoteApp Collection.
For example, this is my OU where Azure RemoteApp stores my RD Session Host servers. As you can tell by the naming, it has multiple sets so it’s likely we have orphaned computers here.
image
If we run the PowerShell script it will output which orphaned RDSH objects are found and they will be deleted.
image
These orphaned RD Session Host objects are now cleaned from Active Directory. You can use the PowerShell script to create a scheduled task to perform clean up every month or so, or decide to run this script manually as part of your Template Image update process. Two notes to the script:
- Make sure you provide the correct OU when running this script, because there is no warning before the deletion of the computer objects
- The script currently does not handle scenarios where you might have deployed multiple Azure RemoteApp Collections in the same OU. I’ll be adding that functionality later.
image
I have published the script on TechNet Gallery here:https://gallery.technet.microsoft.com/Clean-Azure-RemoteApp-0165c3b3
There is also an additional advantage of this command. It also shows which users are logged on on which RD Session Host server! This means its now also easier to determine where a specific user is logged on and maybe offer support, do shadowing or troubleshoot a specific user session. See the example below;
Get-AzureRemoteAppVM -CollectionName Hybrid
LoggedOnUserUpns                           VirtualMachineName
----------------                                     ------------------
{}                                                      jwbqpqto0000
{}                                                      jwbqpqto0001
{rdstest@themicrosoftplatform.net}  jwbqpqto0002



UPDATE:

In the mean time Microsoft has released two new PowerShell Cmdlets to perform clean up:
http://microsoftplatform.blogspot.nl/2016/01/new-azure-remoteapp-powershell-cmdlets.html


Tuesday, November 3, 2015

Azure RemoteApp Premium & Premium Plus are available!

The new Premium & Premium Plus Service plans are now publically available!

Also, these 2 new service plans do not have the 20 user minimum, but in stead a 5 use minimum!

image

More details on the pricing of the 4 service plans

image

http://www.microsoft.com/en-us/server-cloud/products/azure-remoteapp/Purchasing.aspx

Friday, October 30, 2015

Your apps, our cloud, no hassle!

Check out the brand new Azure RemoteApp landing page, which contains video’s, business cases, links to all documentation etc. http://www.microsoft.com/azureremoteapp

image

it also contains a full pricing sheet including the recently announced PROMO OFFERS!

 

Basic

Standard

Premium

Premium Plus

Target user

Basic

Task worker

Standard

Information worker

Premium

Information worker

Premium Plus

Designer/Engineer

Application types

Basic

Lightweight LOB apps (e.g. data entry, expense reporting)

Standard

Productivity apps (e.g. Office, SAP, Dynamics)

Premium

Productivity apps with large data files (e.g. Excel with macros)

Premium Plus

Design or heavy-compute apps (e.g. Matlab)

Storage (user)

Basic

50 GB

Standard

50 GB

Premium

50 GB

Premium Plus

50 GB

Starting price (user/month)

Basic

$10

Standard

$15

Premium

$20

Premium Plus

$25

Hours included in starting price (month)

Basic

40

Standard

40

Premium

40

Premium Plus

40

Hourly overage rate (hour)

Basic

$0.175

Standard

$0.20

Premium

$0.30

Premium Plus

$0.45

Capped price / unlimited pricing* (user/month)

Basic

$17

Standard

$23

Premium

$32

Premium Plus

$43

*Rounded off to nearest integer.

Additional discounts

40% off any Azure RemoteApp tier with qualifying EMS subscriptions. (Available thru March 31, 2016)

Up to 80% off Azure RemoteApp Basic and Standard with qualifying RDS per user software assurance. (Available thru September 30, 2016)

Thursday, October 29, 2015

Thursday, October 1, 2015

Remote Desktop Services MVP - 5th year!

I received the email today, my MVP award in the category Remote Desktop Services is renewed for yet another year!

This is my 5th MVP Award in a row, honored! Thanks Microsoft!

Microsoft MVP Banner

Dear Freek Berson,
Congratulations! We are pleased to present you with the 2015 Microsoft® MVP Award! This award is given to exceptional technical community leaders who actively share their high quality, real world expertise with others. We appreciate your outstanding contributions in Remote Desktop Services technical communities during the past year.

Friday, September 11, 2015

New preconfigured RDSH image available for Azure RemoteApp & RDS on Azure IaaS to include Office 365 ProPlus installation

Starting from March 17 2015 Azure RemoteApp started to support using Azure IaaS to create a Azure RemoteApp template image. For details on that see: Now publicly available: Creating Azure RemoteApp templates using Azure IaaS!

Later, Microsoft also created an base RDSH Template image in Azure IaaS called “Windows Server Remote Desktop Session Host Windows Server 2012 R2”. This image already contains all off the requirements for a Azure RemoteApp template image, and could also be used for RDS in Azure IaaS scenario’s. An ideal starting point for both scenarios.

Recently, Microsoft announced the availability of another base template image called “Windows Server Remote Desktop Session Host with Microsoft Office 365 ProPlus”.

This image is also optimized for Azure RemoteApp and Azure IaaS, and inside this template image Microsoft has installed Office 365 ProPlus including the necessary Shared Activation configuration. If you’re looking at deploying Office 365 ProPlus inside Azure RemoteApp or RDS in Azure IaaS, this new template image is the best starting point!

image

Wednesday, September 9, 2015

Caution when using User Experience Virtualization (UE-V) with Microsoft RemoteApp

I recently ran into some interesting results when using Microsoft User Experience Virtualization (UE-V) with Microsoft Remote Desktop Services, in particular using RemoteApp technology.

For those who don’t know, UE-V is a Microsoft Profile Management solution first introduced a couple of years ago. Prior to UE-V the only Microsoft solution to roam user settings has always been Roaming Profiles. With Roaming Profiles Technology, part of the users profile is copied centrally during logoff and applied during logon and allows users to roam application settings and other preferences across multiple computers, and multiple RD Session Host servers in case of an RDS environment. Roaming Profiles have been there for a long time, and I think we all know the challenges with Roaming Profiles (Slow logons, Profile Corruption etc.) which are still applicable today. This is why there are many vendors (Citrix, VMWare, Dell, AppSense, RES etc.) that offer User Profile Management solutions or have included it in their overall Desktop Virtualization management solutions.

With the introduction of UE-V, Microsoft announced a new method to roam settings across devices and sessions. The concept behind it is great, you can now roam specific user settings and preferences (configured by creating UE-V Templates) across multiple devices without having to roam the complete profile. And also, many of the application settings & preferences can be stored centrally upon other triggers than logoff, for example on application close. This means you can roam settings across devices without logging off. Despite the great concept of UE-V, the development cycle of the product seems slow. All configuration still needs to be done by GPO, PowerShell and creating XML template files. There is no central GUI, no direct integration with the existing Microsoft Consoles like Server Manager. And although there is an active community that creates & shares new XML template files, Microsoft does not provide that many (updates to) their template files as I would like to see. Definitely enough room for overall improvement in that space.

Recently I have done some testing with UE-V and Remote Desktop Services, in particular RemoteApp. A little background, UE-V can work in 2 different modes, configured using the SyncProvider settings, basically the difference is as follows;

SyncMethod=SyncProvider
In this case settings are initially stored locally in the users profile, and are synced back to the Central Store if its available.

SyncMethod=None
In this case settings are not stored locally in the users profile but directly synched to the Central Store.

Because of this, the Microsoft recommended common practice for RDS and VDI scenarios is to use SyncMethod=None because this will avoid settings stored locally and since we can assume the RDS or VDI environment is “always on” in a sense that it can reach the Central Store, we really don’t have to let UE-V cache settings locally.

Besides the SyncMethod, UE-V defines 2 types of settings. In an environment where SyncMethod is set to None, Asynchronous settings are settings that can be stored & applied during the session, at logon, logoff, Lock, UnLock etc. Synchronous settings are settings that can only be stored during Logoff, and can only be applied during LogOn.

So, back to my environment, a Remote Desktop Desktop deployment based on Windows Server 2012 R2, where RemoteApps have been published (no Full Desktop). In this environment I roam several Application Settings & other preferences across Multiple Session Collection serving multiple RD Session Host Servers, using UE-V. I used the default Template files that Microsoft Provides for Office2013, Calculator, Desktop Settings and Roaming Credentials. And UE-V is configured with SyncMethod=None.

The settings in the templates MicrosoftOffice2013Win32.xml and MicrosoftCalculator.xml are Asynchronous settings, which means they can be saved to the Central Store during application close, and can be applied during application launch. When taking a closer look at these 2 templates, you’ll notice the <Process> tag and underneath the <Filename> tag where you’ll see a reference to the application in question.

“…<Processes>
  <Process>
    <Filename>CALC.EXE</Filename>…”

“…<Processes>
  <Process>
    <Filename>WINWORD.EXE</Filename>…”

When publishing these applications, applied settings are successfully stored in the Central Store upon closing the application, and successfully applied upon opening the application. Which means that these settings can now successfully roam across Multiple Session Collection severing multiple RD Session Host Servers. So far so good!

The other two templates DesktopSettings2013.xml and RoamingCredentialSettings.xml are Synchronous settings,which means that they are stored on the Central Store during Logoff and applied during Logon. Taking a look at the template we see the reference to <ShellProcess/> rather than <Filename>.

“…<Processes>
  <ShellProcess/>..”

In this scenario I’m particularly interested in storing Windows credentials. And here’s why. In this Scenario I’m running Office 2013 Click To Run to be able to provide the Full Office experience as RemoteApps, connected to Office 365. When opening Outlook on the RD Session Host for the first time a user will need to authenticate against Office 365 and in some scenario’s, also provide authentication to activate Office (based on shared activation). This results in 2 credentials being stored in the Credential Manager. I obviously don’t want to force users to provide those credentials at every logon, so the RoamingCredentialSettings.xml offers the solution here. Storing & applying Windows Credentials using RoamingCredentialSettings.xml works fine for both a Client OS as well as Server OS in case of Remote Desktop Services.

------------------------------------------------------------------------------------------------------------
Here’s comes the catch;

When using UE-V on Remote Desktop Services, Synchronous OS settings only work when using a Full Desktop, Synchronous OS settings don’t work when using Published RemoteApps!
-----------------------------------------------------------------------------------------------------------

I have been working Microsoft Support on this issue, and asked them following question:

“…Is storing synchronous settings (RoamingCredentialSettings and DesktopSettings) supported / even possible in a Microsoft RDSH scenario when using Published RemoteApps (instead of Full Desktop)? I ask this because there is an important difference between RemoteApp and Full Desktop related to the Shell, which in turn is related to storing synchronous settings.
I quote:
“…Rdpshell.exe is the shell, the RemoteApp equivalent of Explorer.exe. It keeps track of changes to application windows (for example, opening and closing) and sends them to the client-side components so that the application window visible to the client behaves exactly like the application window in the invisible shell..”
Source:
Windows Server 2008 R2 Remote Desktop Services Resource
by Christa Anderson & Kristin Griffin.

Microsoft support then reached out to the MDOP Product team in the US, and they came back with the following confirmation.

UE-V is designed to only synchronize asynchronous OS settings in remote app sessions on session disconnect. The customer’s conclusion is right on target. Synchronous OS settings are tied to a full desktop, which uses explorer.exe as the shell rather than RdpShell.exe.

I was unable to find any Microsoft Documentation on this, so decided to share this here. Be aware of this when using RemoteApps and UE-V. In those scenario’s UE-V will only be triggered to store asynchronous settings. All Synchronous OS settings, including i.e. Desktop Settings & Windows Credentials won’t work in that scenario.

Thursday, August 20, 2015

Microsoft Edge in Windows Server 2016 (Technical preview 3)

As you might have heard, Windows Server 2016 Technical Preview 3 is out and available in both Windows Azure IaaS, as well as in MSDN.

One of the new features in the Preview release is that Microsoft Edge (the new browser which is also available in Windows 10) is now also available in this preview release of Windows Server 2016.

This means that users that access a Remote Desktop Services deployment where a full desktop is deployed, can now also use Microsoft Edge is their remote session.

Below is an example where Microsoft Edge is used on a Remote Desktop Session Host deployed as part of a Session Based Desktop Deployment based on Windows Server 2016 Technical Preview 3.

image

For an overview of all new features related to RDS also see: What's New in Remote Desktop Services in Windows Server 2016 (Technical Preview 3)

For more information on Microsoft Edge visit: https://www.microsoft.com/en-us/windows/microsoft-edge

Wednesday, August 19, 2015

What's New in Remote Desktop Services in Windows Server 2016 (Technical Preview 3)

As part a series of articles called “What's New in Windows Server 2016 Technical Preview 3” Microsoft has published an article containing a summary on what is new in Remote Desktop Services in Windows Server 2016.

  • Personal session desktops

Administrators can now deploy server-based personal desktops in Windows Server 2016. With personal session desktops, each user gets an assigned RD Session Host (RDSH) VM - the admin can optionally enable administrative rights for users. See Introducing Personal Session Desktops by Clark Nicholson for more information.

  • Support for Gen 2 VMs

You can now use Gen 2 VMs (virtual machines) with Remote Desktop. You can use Gen 2 VMs as template images for pooled/personal VM collections and personal session desktop collections. There's no additional configuration required, so deploy at will.

  • Pen remoting support

Pen devices - like those available with Surface Pro 3 devices - are now supported for use through Remote Desktop connections. Technically, you always could use the pens, but it was treated like a mouse. Now we treat pen devices as equal to your mouse, fingertip, and keyboard. David Bélanger has a great post covering how to use pen remoting.

  • Edge support in RDSH

You may have heard that we released a new Web browser - Microsoft Edge. Test Edge in Remote Desktop to see how it handles your apps and meets your needs.

  • OpenGL applications and guest VMs in Remote Desktop

RemoteFX vGPU support in Windows Server 2016 adds support for OpenGL applications and Windows Server 2016 guest VMs. Check out the RemoteFX vGPU information in the RDS blog to get more details and step-by-step instructions on how to test this support.

  • Windows Multipoint Services

Multipoint services is a low-cost, single-server multi-user solution that is easy to deploy and easy to manage. Multipoint is now part of Windows Server 2016 as an optional role, instead of a separate product. When you enable the Multipoint services role, we also install RDSH.

For more details on this new feature, particularly an FAQ, see Tanmay Bhagwat's post on MultiPoint Services on the RDS blog.

  • Client updates

We regularly update our Remote Desktop clients - see Microsoft Remote Desktop Clients for the latest details.

But, in particular, you should check out these:

Remote Desktop preview app for Windows 10 - You can get it from the Microsoft store on any device running Windows 10 or Windows Server 2016 Technical Preview.

Remote Desktop preview app for Mac - You can get it from iTunes.

New Azure RemoteApp feature: Link existing vnet to cloud collection

There is a new feature available in Azure RemoteApp! Linking an existing vnet to an Azure RemoteApp Deployment. We as MVP’s have been testing this in beta, and the feature is General Available today. The feature was previously only available for Hybrid Deployments. Also making this possible for Cloud Deployments will create a new set of scenarios if you’re already using other Azure services such as SQL or Azure IaaS without the need to setup a hybrid deployment with domain join and AD Sync services.

If you create a new Azure RemoteApp Deployment with vnet (also called hybrid deployment) you now have the option to select ‘no’ for join local domain. You might think, “wait wasn’t this all about a new feature for Cloud Deployments?” Yes it is! but what we are in fact doing here is setting up a Hybrid Deployment, but than without the domain join, essentially making this a “Cloud Deployment”. This also means that Cloud Deployment and Hybrid Deployment are now moving closer together. In fact, the only true difference between the 2 deployments is whether or not you join to a local domain. A next logical could be that these 2 deployments will eventually merge into one.

image

This will result in a step-by-step guide similar to the one you get when deploying the full Hybrid Collection, but in this case we obviously don’t have to configure the join local domain part.

image

After selecting the template image, the App Collection will start to provision immediately.

image

After the collection has been provisioned we’re able publish applications and add users similar to any other Azure Remoteapp deployment. When publishing cmd.exe as a test we’re able to confirm that we received an IP from the existing vNet and that we can access server resources, in this case a server running in Azure IaaS within the same vNet.

image

And here we are accessing a file share on that File Server, located in Azure IaaS

image

This is obviously a simple example, but you can imagine we could access any FileServer, Application Server, Database Server et cetera hosted in the vNet.

As explained in the introduction, this ability creates new opportunities to use Azure RemoteApp in specific scenarios to publish applications that require a server backend, but not necessarily a full environment with Active Directory and AD Sync in place.

The Microsoft RDS Team has confirmed that PowerShell support will soon follow!

The RDS Team also introduced this new feature here: http://blogs.msdn.com/b/rds/archive/2015/08/18/how-to-link-an-azure-remoteapp-collection-to-your-existing-azure-virtual-network-without-domain-join.aspx

Wednesday, August 12, 2015

New Azure RemoteApp client supporting pinning to local Start Menu / Start Screen is now publicly available!

We have been waiting for this one!

In April We were given a first look at a new feature of the Azure RemoteApp client. Also see Azure RemoteApp: First look at pinning Azure RemoteApp shortcuts to the Start Screen! This allows pinning a RemoteApp to your local Start Screen and means that you no longer need to constantly switch to the Azure RemoteApp client to a launch a RemoteApp. In fact, after the initial sign in, you can even close the client and still launch a RemoteApp directly from the Start Screen.

Benny Tritsch and I had also performed a demo of this feature while it was still in private beta at the BriForum 2015 Conference in London last May, during our session called “Unfolding the Azure RemoteApp Magic

The feature is now publicly available! If you open the Azure RemoteApp client, the click once application will automatically update.

image

And after you log on, you will be presented with a note in the client stating “Find all your apps in the Start menu All apps list”

image

The RemoteApp applications are now available and ready to launch from the local Start Menu. In my case Windows10, but this is also supported for Windows 8 and Windows 7.

image

From here the shortcuts can be pinned to the Start Menu as desired.

image