Wednesday, June 15, 2016

Azure RemoteApp session at E2EVC Dublin 2016 (the EPIC edition)

imageLast week the 30th edition of the Experts 2 Experts Virtualization Conference (E2EVC) took place in Leopardstown, Dublin and was named the EPIC edition. This event is founded and hosted by Alex Cooper and his crew. If you’re not familiar with the event check out e2evc.com for more details. In many ways this is not your average IT event. To give you an idea, E2EVC was previously called PubForum :)! Alex does a great job in making this a great experience for everyone, short session time slots allow for many speakers to present their topics and E2EVC also arranges fun evening activities.

imageAt this year’s Dublin 2016 edition I presented a session on Azure RemoteApp together with fellow RDS MVP Benny Tritsch. Our session was called “Azure RemoteApp – Past, Present & future”, the more important subtitle however was “Let’s talk ARA Use Cases!”. For this session we decided to not only present all of the awesome stuff of Azure RemoteApp but also cover the current limitations and pitfalls you need to be aware of when taking an Azure RemoteApp environment into production. We covered several real-life use cases based on our own experience and presented what we had learned from these projects. Based on these use cases we educated the audience on scenarios that are suited for Azure RemoteApp and also scenarios that are not suited or very challenging.

imageBecause of our approach, the session became very interactive and we received many great questions! The session was very well received, we had a great time and after the session we received great feedback in person as well as on twitter.

image

image
Thanks to everyone who attended our session, we appreciate the interaction, questions and feedback! I would like to thank Alex Cooper & crew for hosting yet another great edition of the E2EVC event and also congratulate them with this 30th edition! (@PinkVegasMonkey also joined us in Dublin, be sure to follow him on twitter )

imageIf you have questions on Azure RemoteApp or if you need assistance with a design, PoC or implementation, feel free to reach out to either Benny or me and also be sure to check out rdsgurus.com.

Monday, June 13, 2016

Caution when using Remove-AzureRemoteAppUserDisk in Azure RemoteApp PowerShell

You may have read my previous blog post about the announcement of new PowerShell CmdLets to manage User Profile Disks (UPD )in Azure RemoteApp, if not here is the link: User Profile Disk management for Azure RemoteApp is here!

These new CmdLets enable you to manage the User Profile Disks yourself. This is great because prior to this you had to contact Azure Support for every management task you had to do related to UPD. Check out my previous blog post for more details on the new CmdLets Copy-AzureRemoteAppUserDisk and Remove-AzureRemoteAppUserDisk.

One of the things I did run into when testing, is that the Remove-AzureRemoteAppUserDisk CmdLet does not check if the user associated with the UPD is active or not! So please be aware of this when using this command.

This is what happens when you accidentally run the command without checking if the user is active or not. The UPD is removed successfully and the user ends up with unexpected behavior in his session when trying to access application that try to contact the users profile. Basically the session becomes unreliable. Highlighted in green is the Remove-AzureRemoteAppUserDisk CmdLet that runs successfully while the user session (on the right) is active. Highlighted in red are some confirms that User Profile Disk is gone.
image

I have reported this back to the Product Team, and they are planning to have this fixed. In the meantime, be sure to confirm that the associated user is logged off prior to deleting the UPD.

Here are 2 ways to tell what users are logged on;

1. Using PowerShell and run the following command
Get-AzureRemoteAppVM -CollectionName <name of the collection>
For example below you will see that the user rdstest is currently logged on (and jwbqpqto000t is the hostname of the RDSH server)
clip_image002

2. Using the Azure Portal and opening the Session tab also allows you to confirm if a user if current logged on or not.
clip_image003

Tuesday, June 7, 2016

User Profile Disk management for Azure RemoteApp is here!

Two new great PowerShell commands are added to Azure RemoteApp! They allow for management of the User Profile Disk (UPD)! This is a very welcome update! Why? Previously, when you wanted to perform management on the UPD’s of an Azure RemoteApp collection you could not do that yourself. Instead you needed to contact Azure Support. With the new command that are you released you can manage UPD’s yourself! In order to use the two new commands, make sure you downloaded the latest version of Azure PowerShell.

Guide to check what Azure PowerShell current version you are running and how to access the latest version:
http://social.technet.microsoft.com/wiki/contents/articles/31127.azure-powershell-cmdlets-version-updates.aspx

What are the two new commands?

Copy-AzureRemoteAppUserDisk
Using this command you can copy a User Profile Disk, which was previously bound to a single Azure RemoteApp collection, from one collection to another! This is great and opens new possibilities for scenario’s where a specific user was added to a specific collection for example because of a specific application set that was published there and now needs to be moved Or, you can now move a UPD from for example a staging collection to a production collection! Awesome!

SYNTAX
Copy-AzureRemoteAppUserDisk [-SourceCollectionName] <string> [-DestinationCollectionName] <string> [-UserUpn] <string> [-OverwriteExistingUserDisk] [<CommonParameters>]


Here is the command in action where I moved the UPD for rdstest2@themicrosoftplatform.net from collection hybrid to server2016tp5 (yes I tested a collection based Server 2016 Technical Preview, and no, that is not officially supported yet :).
image

If you try to copy an UPD to a collection where an UPD for that user already exists, the command is safely ignored and the UPD in the destination collection is not overwritten, which is good!
image

In order to overwrite it, simple remove the UPD in the destination collection first, for that see the command below.

Remove-AzureRemoteAppUserDisk
This basically does what it says. Using this command, we can remove the User Profile Disk for a specific user in a specific collection. Consider a scenario where a User Profile Disk got corrupted for whatever reason, or you simply want to allow a user to start building a new profile from scratch. This is now possible!

SYNTAX
Remove-AzureRemoteAppUserDisk [-CollectionName] <string> [-UserUpn] <string> [<CommonParameters>]


Here is the command in action when I removed the UPD for rdstest2@themicrosoftplatform.net
image

The command asks you to confirm by default which you can obviously overwrite if you wanted to.

After logging on with the user a new UPD will be created, you can notice this because the initial logon will take a little longer (because of the creation of the UPD) and all profile settings are set to default, you call tell by for example opening Internet Explorer as shown below.
image

These two new commands are a great new edition to the PowerShell Cmdlets for Azure RemoteApp!

Monday, May 23, 2016

Fix Office365 performance issues with FSLogix Office 365 Containers for Citrix!

I’ve written about FSLogix in the past. About a year ago I wrote an article on masking specific applications & plugins for specific users and running various java versions on the same OS. Check it out here: Managing your Azure RemoteApp application landscape using FSLogix Apps.

FSLogix is a set of tools with an extremely small footprint and has an amazing set of features that fix really specific problems, applicable in almost any VDI or RDSH environment!

“…FSLogix Apps is a software agent that enables virtual desktop administrators to massively reduce the number of Windows Gold images, easily manage per-user applications, optimize license costs while assuring compliance, and eliminate some of their biggest problems in VDI and RDSH…”
More info: https://FSLogix.com Today, FSLogix introduces great new functionality again, fixing very common issues in any VDI or RDSH environment!

FSLogix Office 365 Container for Citrix

Consider the following scenario, you have Office 365 and want to publish the full outlook client experience to your end users supporting cross platform and available anywhere / anytime. A common scenario is RDSH of VDI either RemoteApp or Full Desktop. For the best user experience in Outlook for Office 365, outlook cache is enabled. When running Outlook on a local device, that’s no issue, the generated .OST will remain inside the user’s profile on the local device. In any RDSH of VDI scenario however, you preferably roam that .OST file. Otherwise the .OST will be regenerated on each RDSH or pooled VDI you log on to (obviously personal VDI could be an exception). If you do roam the .OST, where do you store it? How do you roam it without having to copy it to the local cached profile? Obviously many vendors offer profile options as part of their overall management suites. For example, Microsoft offers User Profile Disk (UPD). If you are not familiar with UPD, in essence is you store the entire user’s profile in a single .VHDX file on a central file server. When you log on, the .VHDX file is mounted under C:\users\<username> without having to copy any (delta) profile and making it fully transparent for users and applications. FSLogix already offers a similar solution called Profile Containers. This solution is based on the same idea as UPD, but does not have some of the downsides that Microsoft UPD has. For example, Profile Containers is not bound to a single Session Collection where Microsoft UPD is and Profile Containers can be enabled for a specific group of people, for example to exclude administrators. Essentially, FSLogix Office 365 Container for Citrix does the same thing as Profile Containers or UPD, this time however specifically for the just .OST file! Why is this interesting? This makes their solution (similar to all their products) platform & OS independent! Although the name of the product implies that it’s for Citrix only, it’s not. You can run this on top of any RDSH or VDI solution, whether its Microsoft, Citrix VMWare and independent of any existing profile management solution like RES, Appsense (now part of Landesk) you may already have. Azure RemoteApp or AWS would also make for a good use case.

How does it work?
As with any FSLogix product or solution, part of their strength is keeping things simply. There is no complex backend infrastructure needed, and the installation is extremely easy.

1. Import the ADM(X) template provided by FSLogix and create a new GPO (or leverage an existing one that is linked to the OU where your RDSH / VDI machines are located.)

2. Open the GPO and browse to Computer Configuration, Administrative Template, FSLogix. You should see the structure as shown below.clip_image002
3. First, enable Office 365 container
clip_image004 4. Next, provide a location on your (existing) fileserver (CIFS, SMB)clip_image006 5. optionally, advance settings for the VHDX can also be changed. For example, for this lab test I set the maximum Size to 1Gb and Virtual Disk Type VHDX.clip_image007 Alternatively, the settings above can also be configured directly in the registry, the root location if HKLM\Software\Policies\FSLogix
clip_image009 Install FSLogix on the RDSH Servers by using setup.exe, or deploy it using your favorite deployment tools. The setup is extremely easy, setup.exe without any configuration.clip_image011clip_image013

You can configure the environment to only apply FSLogix Office 365 Container for specific users, by modifying the group membership of the group FSLogix ODFC Include List on the RDSH / VDI machine. For this lab I did this manually, but preferably you perform this using GPO or configure it as part of your image management process.clip_image015

That’s it!

After logging on with my test user, a new VHDX file on the central location has been created.clip_image017

And inside user session profile of the active user session you can see the junction point, confirming that we are now using an OST file inside a mounted .VHDX file!clip_image019

And here is the disk in Disk Management.
image

FSLogix Office 365 Containers allows you to fix a very common issue when dealing with Office365 and RDSH / VDI. The setup is extremely easy, there’s no management backend needed. The fact that it works independent of the virtualization solution or infrastructure is awesome!

I’ll write a follow up with some performance testing!
More info: https://fslogix.com/





Tuesday, May 17, 2016

Ten reasons you’ll love Windows Server 2016 #4: Remote Desktop Services

A video was posted on Microsoft Technet where Clark NIcholson talks about Remote Desktop Services in Windows Server 2016.

“…This is post #4 in the “Ten Reasons You’ll Love Windows Server 2016” video series by Matt McSpirit, Technical Evangelist at Microsoft.

In today’s edition, Matt introduces you to Clark Nicholson, Principal Program Manager on the Remote Desktop Services (RDS) team. Clark talks about the powerful new areas of innovation his team is working on for Windows Server 2016 – graphics improvements, scale enhancements, and optimizations for the cloud. Together, these enhancements strengthen our trusted platform for partners to build secure, customized solutions for our customers…”image Source: https://blogs.technet.microsoft.com/windowsserver/2016/04/12/ten-reasons-youll-love-windows-server-2016-4-remote-desktop-services/

Monday, May 9, 2016

Using Azure File Services to store application configuration files for Azure RemoteApp

Consider the following scenario;
You are a small organization and most of your line of business applications are SaaS or web based. You want to embrace BYOD to help employees to be productive on the devices they love and have access to company applications at any time from any location. With all your applications being SaaS and web based this is relatively easy. However, what if still need to support 2 or 3 Windows Applications that you want to manage centrally. Azure RemoteApp seems to be ideal for that use case! With Azure RemoteApp there is no need to setup and maintain a complex RDS infrastructure backend and Windows Applications can be delivered to any device at any time. Some of the Windows Applications however still need access to a classic file share / drive mapping to access centrally stored application configuration files and data. What you can do is stand up file server in Azure IaaS, create a file share and publish that on the RD Session Host servers as part of you Azure RemoteApp Collection. However, that is yet another server to manage, monitor and maintain where your organization may want to move forward to a full “as a service” environment.

Why not use Azure File Services to store application configuration files for Azure RemoteApp application?

Here’s how in 4 easy steps:

1.  You create a new Azure Storage account (or use an existing one)
image

2. You create a new File service within that storage account
image

3. You create a new File Share within that File Service
image

4. You map a network drive directly to the File Share.

To be able to map a network drive, first get the Access Key by clicking the Key icon on the storage account.
image

Then open the example Net Use command by opening Connect icon on the File Share.
image
Simply copy that command and add in the Access Key you copied before. The results in a Net Use command you can use.

In scenario’s where you deployed a Hybrid (domain joined) Azure RemoteApp collection, you can use Group Policy Objects to create a logon script and create a drive mapping in every user session.
image

As a results, the end users’ applications will have a drive mapping available to store and share application configurations settings.
image

In scenario’s where you deployed a Cloud (non-domain joined) Azure RemoteApp collection, you can place the same logon script inside the Azure RemoteApp template image. For more information on how to perform this see: https://blogs.msdn.microsoft.com/cloud_solution_architect/2016/04/08/configuring-startup-logon-scripts-for-azure-remoteapp/

Of
course, you can also create the Azure File Service inside the Azure V1 (classic) portal. The screen shots below outline the necessary steps

1. Create a Storage account (or use an existing one) 
image

2.Open the Storage account and get the Access Key by clicking Manage Access keys
image

3. Based on the access key run the following 2 PowerShell commands
image
image

4. Now create the drive mapping the same way as described above.

That’s it! An easy way to share configuration data & file for Windows Applications hosted on Azure RemoteApp.

Q Can I use Azure File Services for all File Server needs?
A Technically yes, however do note that Azure File Services does not support NTFS

Thursday, April 28, 2016

Run your Remote Desktop Server Connection Broker database in Azure SQL (Win Server 2016 TP5)

Windows Server 2016 Technical Preview 5 is out! For Remote Desktop Services, this brings a great new feature to the table! Remote Desktop Services in TP5 allows you to store the RD Connection Broker database in Azure SQL! This is a very interesting scenarios for RDS on Azure IaaS but can also be used for an on premises or hosted scenario.

How to configure this? The process of setting up RDS Deployment (Quick or Standard) via Server Manager or PowerShell in Technical Preview 5 is similar to setting this in up Windows Server 2012(R2).

Now we need to setup an Azure Database. Select New from the Azure Portal and choose SQL Database.image

In the New Server window provide a server name, logon and location.
image

Next, provide a database name, subscription and new (or existing resource group) and select a blank database. For testing purposes in my lab I selected the Basic tier but in future production environments the Tier should be chosen based on the performance needed.
image

That is basically it! The database will now be created in Azure.
image

Once it’s finished, the screen below is what you will end up with. Click “Show database connection strings” and copy the ODBC connection string and save it, you’ll need this later on.
image

From the RDMS console in Server Manager you can select the option “Configure High Availability”, still similar to Windows Server 2012 R2. In this case however, you will be presented with the option to choose a Dedicated database server or a Shared database server. For Azure Databases the option obviously is Shared database server. Note for this to work, similar to HA in Windows Server 2012 R2, you still need the SQL Server Native client to be installed on all RD Connection Broker servers.
image
image

Provide the DNS name for the RD Connection Broker, similar to setting up High Availability in Windows Server 2012. Copy the ODBC connection string you saved earlier and enter the password in the string, this is the password you provided while setting up the Azure database.
image
Double check the information and click next.
image

The Windows Internal Database is now migrated to the Azure Database
image
The Server Manager console now reflect the changes and shows “High Availability Mode”.
image

Obviously other factors now also come into play like performance, what Azure SQL Tier do I need, what connectivity is required etc. These require more in depth testing, and we still have time since this is only Technical preview, but for now it’s a great new feature that adds more options and flexible deployment scenarios of RDS on Azure IaaS or on premises! image