Module 3: Deploying Virtual Desktops with Windows Server 2012 and RDS

Windows Server 2012 ||

Agenda• Remote Desktop Services components and

configuration• Benefits and architectural overview• Improvements in Windows Server 2012• High availability for server roles• RDS broker configuration

• Configuring custom VDI with Server Manager• Implementing high availability• Patching and updating pooled and personal collections

Windows Server 2012 ||

Remote Desktop Services Architectural Components

SMB, SANs, or direct attached local storage

Windows Server 2012 ||

Improved Administration Experience• New Server Manager-based tools

• Both sessions and VMs benefit from the improved management and deployment experience

• Centralized administration console*• Administer groups of servers• Configure RemoteApp programs• Manage virtual desktops • Add servers

• Automation through Windows PowerShell• Manage at scale using Windows PowerShell

* Existing consoles, such as RemoteApp Manager and RD Session Host Configuration, have been removed and most-used functionality moved to the central console

Windows Server 2012 ||

Lower Cost Deployments• Support for cheaper storage options

• Use inexpensive local storage with live migration functionality between host computers for pooled virtual desktops

• Personal virtual desktops can use SMB-based central storage

• Automated pooled virtual desktop management• Deploy and manage pooled virtual desktops centrally by using a virtual desktop template• Remote Desktop Services installs any changes, such as new applications or updates, in the

virtual desktop template and then recreates the pooled virtual desktops from the template

• Highly available RD Connection Broker• The RD Connection Broker can be clustered in an active/active configuration to improve

deployment scalability, performance, and availability

• Personal desktop patching• Patch personal desktop VMs while they are running, or let RD Connection Broker wake them to

apply patches

Windows Server 2012 ||

Lower Cost Deployments• Scenario-based deployments

• Installation will install the required role services to support the type of deployment you want (session virtualization or VDI)

• Simplified evaluation • A quick deployment scenario installs required role services to support a session

virtualization or VDI deployment on one server

• Centralized publishing• Publish and manage RemoteApp programs, session-based desktops, and virtual desktops

from a centralized console

• Simplified interface• Remote Desktop Services management UI displays commonly-used features• Less-used features often are managed from Group Policy or from the RDS Windows PowerShell provider

Windows Server 2012 ||

Desktop Virtualization (VDI) Deployment Modes• Desktop Virtualization (VDI)• Standard• Installs appropriate roles on separate computers

• Quick Start• Installs the RD Connection Broker and RD Web Access role services on

a single computer• Creates a pooled virtual desktop collection with two pooled virtual

desktops based on a virtual hard disk that’s the virtual desktop template

• Creates a Hyper-V network switch named RDS Virtual

Windows Server 2012 ||

VDI Infrastructure Requirements• The server must have hardware-assisted

virtualization• The computer must be a member of the domain • The RD Connection Broker role service cannot be

installed on the same computer as Active Directory Domain Services

• Administrator must belong to the local administrators security group

• A network share configured for storing user profile disks is required• All RD Virtualization Host computer accounts must have the ability to read

and write to this location

Windows Server 2012 ||

VDI Infrastructure Requirements• A virtual desktop template

• A pre-configured virtual machine that is generalized by using Sysprep and then shut down

• NOTE: the final sysprep of the virtual machine must be performed without using the /unattend switch

• VDI Quick Start• The virtual desktop template (a virtual hard disk)• Must be generalized by using Sysprep (Virtual Machine Mode), and then shut down• A virtual switch must NOT be created on the server running Hyper-V (the Quick Start

deployment type creates one)

• VDI standard deployment• The virtual desktop template must• Have the correct virtual switch selected• Be generalized using Sysprep (Virtual Machine Mode), and then shut down

Windows Server 2012 ||

Preparing the Master or Gold VM (Virtual Desktop Template)• Configure a desktop virtual machine on the

Hyper-V server• Snapshots ARE supported for the template VM• The VDI creation process will use the currently active (“Now”) snapshot

• If static memory is configured, the minimum amount is 1024 MBs• If dynamic memory is configured, the maximum memory must be at least

1024 MBs• If using the standard deployment model, the master VM must be

connected to a virtual switch that can communicate with a domain controller• Note: Quick Start creates a virtual switch

• Install the operating system and any applications that need to be included in the template VM• OS must be at least Windows 7 with SP1 or Windows 8• Installed in a workgroup• VMs are automatically joined to the domain specified in the VDI wizard

Windows Server 2012 ||

Preparing the Master or Gold VM (Virtual Desktop Template)• Apply any patches or updates to the VM as

required • Make any other configuration changes as

required• For example, you can create a customized default profile• Note that this would require you to use Sysprep and an unattend.xml file with the

CopyProfile setting set to TRUE in the specialize phase of Windows setup • In this case, you must generalize the image and then run through the Out-of-the-

box experience (OOBE) set up again before the final preparation of the image • In the virtual machine, run the following

command from Windows\System32\Sysprep directory• Sysprep /oobe /generalize /mode: vm

Configuring custom VDI with Server Manager

Windows Server 2012 ||

Quick Start Wizard

1

2

3a

3b

a - VDIb - Session

Windows Server 2012 ||

1

2

3a

3b

a - VDIb - Session

Standard Deployment

Windows Server 2012 ||

a - VDIb - Session

4a 5

4b 6

Standard Deployment

Windows Server 2012 ||

a - VDIb - Session

7b

7a

8

If compatibility check succeeds, deployment proceeds

Standard Deployment

Implementing High Availability

Windows Server 2012 ||

Database

Remote Desktop

Connection Broker

High Availability for All RDS Roles

18

Remote Desktop Web

Access

Remote Desktop Gateway

Remote Desktop Licensing

Remote Desktop Session Host

Remote Desktop Virtualization

Host

Remote Desktop Web

Access

Remote Desktop Gateway

Remote Desktop Gateway

Remote Desktop Virtualization

Host

Remote Desktop Virtualization

Host

Remote Desktop Session HostRemote Desktop

Session Host

Remote Desktop Licensing

Remote Desktop Licensing

Hyper-V cluster

Web farm

Cluster

Remote Desktop Session Host

farm

Remote Desktop

Connection Broker

SQL Server Clustering

Remote Desktop

Connection Broker

Remote Desktop

Connection Broker

• Active/active high availability mode for brokers

• Scale-out File Server and resiliency• Requires Microsoft SQL Server• Automatic data migration from single

instance to high availability

New in Windows Server 2012

Remote Desktop Web

Access

Web farm

BEST VALUE FOR VDI

Windows Server 2012 ||

Configuring RD Connection Broker for High Availability

Remote Desktop

Connection Broker

01

Remote Desktop

Connection Broker

02

Remote Desktop

Connection Broker

03

SQL Server Cluster

RD Virtualizatio

n Host

Hyper-V

cluster

Remote Desktop

Session Host

DNS

HA Central Certificate Store

RD Client

RD GatewayRD Gateway

Farm

RD Session Host Farm

Windows Server 2012 ||

High Availability RD Connection Broker Configuration Pre-Requisites• SQL Server (at least SQL Server 2008 R2) for RD Connection Broker

servers to use• SQL Server configured with full permissions granted to RD

Connection Broker servers• Windows firewall on SQL Server server configured to “Allow SQL

Server Access” from connection brokers• Network folder to store SQL Server database files (can be created on

SQL server computer)• SQL client installed on connection brokers• Static IP addresses configured on the connection broker servers• DNS A resource records for each of the static IP addresses that point

to the same, shared name (enables DNS round robin)

Windows Server 2012 ||

RD Resource Authorization Policy (RAP) Configuration for Highly Available Connection Brokers

• When deploying an RD gateway server, ensure you configure a RAP that includes the shared (round robin) DNS name of the RD Gateway-managed group

• This setting allows RD Gateway users to connect using the DNS name

Windows Server 2012 ||

High Availability Configuration Broker Configuration

• Starting point for enabling high availability is to configure a single RD Connection Broker for either virtual machine or session-based deployment

• In Server Manager, configure RD Connection Broker for high availability

• Enter SQL connection string, database folder, and DNS round-robin name

Windows Server 2012 ||

High Availability RD Connection Broker Results• Local connection broker data migrated to SQL and the connection

broker will start using SQL for data immediately• In Server Manager, the option to add additional connection broker

servers to is enabled• If the RD Connection Broker role service is not already added to the server, it will be added

automatically• RD Connection Brokers use SQL to store data• The RD Virtual Host, Session Host and Web Access (end nodes) are

configured with all the RD Connection Broker server names• Will choose a connection broker name at random to connect to

• RDP clients use the DNS round-robin name• If any RD Connection Broker loses connection to SQL, all connected

end nodes are immediately disconnected and will try to establish connection with other connection brokers

Patching and updating pooled and personal collections

Windows Server 2012 ||

Patching and Updating Pooled Collections

• Accomplished by updating the master template / reference VM and then recreating the virtual desktops in the collection• When a user logs on, he or she will

receive the updated virtual machine• If a user is logged on, the virtual

machine is unaffected by default until the user logs off• Administrators can force an immediate

logoff so the virtual machine can be updated in urgent situations or force a logoff according to a schedule

Windows Server 2012 ||

Using Snapshots for Pooled Collections• The template / reference virtual machine for a pooled collection is

the ‘now’ snapshot of a virtual machine• All reference VMs must be generalized before they can be used to

provision or recreate a virtualized desktop• As best practice, start with a snapshot of an ungeneralized

Windows 7 or Windows 8 virtual machine• Generalize, shutdown, and create new snapshot

• The ‘now’ snapshot reflecting the generalized state will be used to (re)create the virtual desktops

• When updating a VM, revert to ungeneralized snapshot, delete generalized snapshot, update VM, generalize, shutdown. and snapshot• These steps are particularly important for unarmed versions of Windows 7 • Each sysprep operation consumes one of the 4 rearms available in Windows 7

Windows Server 2012 ||

Updating Personal Collections• Updating is similar to physical desktops using a

periodic Windows Update schedule• If a virtual machine is running, it will be updated just as

a physical machine would be updated• Users with admin privileges may be able to update at

any time, depending on update configuration• If virtual machines are in a saved state or not running,

they will be started by the host, updated, returned to the same state prior to the update, and a VM update notification sent

• Consideration has to be given to update schedules to ensure that not all personal VMs that share the same compute and storage resources are updated at the same time