Category: Blog

Posted on

Virtual Engine Releases the Free RES Showcase

Virtual Engine announces the launch of the free RES Showcase, a cloud-hosted demonstration environment that gives RES resellers the ability to show customers and prospects the latest innovations in dynamic desktops, desktop management and IT automation. The new service will assist partners in the development of sales opportunities, as well as making it simple for Virtual Engine to deliver training on RES products.

Steve Jackson, Vice President Channels and Strategic Alliances, RES Software commented, “Virtual Engine has an extremely strong track record in helping our partners and customers to get the most from their RES Software implementations, both around management of the desktop and automation of IT processes. This new portal will provide our partners with an easy way to help customers evaluate how they can make use of dynamic desktop solutions within their own environments to reduce costs and improve the management of users across multiple desktop delivery platforms.”

The free RES Showcase from Virtual Engine is designed to allow you to evaluate and perform Proof of Concepts (PoC) in a pre-installed and pre-configured demonstration environment. Included in the RES Showcase are RES Workspace Manager, RES Automation Manager, RES Service Orchestration, RES VDX with Subscriber, Citrix XenApp, Microsoft App-V and Exchange 2010.

Posted on

RES Workspace Manager VDX Options Explained

When delivering RES Workspace Manager training there can be some confusion over some of the settings available when integrating it with RES Virtual Desktop Extender (VDX). The purpose of this post is to attempt to clarify what option does what!

image

  1. This is the global option that will enable or disable the RES Workspace Manager and VDX integration, i.e. the ability to run applications as a “Workspace Extension”. Note: If this option is disabled and the RES VDX Engine is installed, there is potentially nothing from stopping this running, just you won’t get the RES WM integration, i.e. licensing etc.
  2. If this option is enabled then the VDX Engine process will be started. By disabling this option you will effectively be turning on the legacy RES Subscriber/Workspace Extender functionality only.
  3. If you have the VDX Engine installed, then this option will enforce the VDX settings to take preference over the RES Subscriber/Workspace Extender, e.g. options 7 – 13 and the Z-ordering improvements. Don’t disable this option if deploying RES VDX!
  4. Depending on the setting chosen the following taskbar behaviour will occur:
    1. Autodetect: The behaviour as defined in the Display Settings section will be honoured, i.e. the configuration of the remote session display.
    2. Yes: The taskbar of the local session will always be hidden regardless of the remote session display configuration.
    3. No: The taskbar of the local session will never be hidden. Note: with the RES Subscriber/VDX Shell, the taskbar is hidden by default.
  5. Depending on the setting chosen, the following client application pass-through behaviour will occur:
    1. Autodetect: If running client application window will be obscured by the remote session, it will automatically be displayed in the remote session.
    2. Yes: All running client applications will be automatically displayed in the remote session.
    3. No: No existing client applications/processes will be displayed in the remote session when it’s first started. Note: this does not prevent reverse seamless applications from being launched from the remote session!
  6. If selected, when a user logs off a remote session, all locally running client applications will be closed (or attempted to be closed!) before the remote session is ended.
  7. Enable this option if you which users to be able to access the system tray icon and enumerate the applications present in the user’s local client Start Menu.
  8. Enable this option if you which users to be able to access the system tray icon and enumerate the applications present in the user’s local client Desktop.
  9. Enable this option if you which users to be able to access the system tray icon and enumerate the applications present in the local client System Tray.
  10. Client applications can be excluded from the VDX seamless window integration by entering the process name, i.e. pnagent.exe.
    1. Multiple processes should be separated with semicolons.
    2. Processes can still be launched, but will not be displayed in the taskbar the remote session and Z-ordering will not be implemented.
  11. If you wish client applications to be unavailable via the System Tray integration, enter the process(es) here.
    1. Multiple processes should be separated with semicolons.
    2. If a client process is excluded, it will not be displayed in System Tray Start Menu or Desktop folders.
  12. Allows you to override the default VDX pop-up balloon title (a).
  13. Allows you to override the default VDX pop-up balloon text (b).
    1. This text is also displayed at the top of the VDX system tray Client Start Menu/Desktop window (c).

image

SNAGHTML6c0f49e

Display Settings

The following information has been taken from the RES VDX User Guide and is used when configuring the Local Client Taskbar integration in option #4 above:

VDX supports several display scenarios. Each scenario may require specific settings. For an overview of these settings, see Setting up the Behavior of the RES VDX Engine (on page 10). Some examples of supported scenarios are:

A single display

In this scenario, both the local desktop and the remote desktop are run on the same display. The remote desktop is the visible desktop, showing both remote applications and local applications. The local taskbar is obscured if the remote session is maximized. With the remote session at a smaller size, the client taskbar is shown twice, once in its original position on the client and once integrated in the remote session.

A dual display setup with the remote desktop spanning both displays

In this scenario, both the local desktop and the remote desktop span both displays. The remote desktop is the visible desktop, showing both remote applications and local applications. The local taskbar is obscured if the remote session is maximized on the first monitor or if both sessions are maximized. 

A dual display setup with the local desktop running on the primary display and the remote desktop running on the secondary display

Both taskbars are displayed. 

A dual display setup with one remote desktop running on the primary display and another remote desktop running on the secondary display

Both remote desktop taskbars are displayed. Client windows can be moved from desktop to desktop.

I hope this helps clarify things for someone! Iain

Posted on

Replacing the default XenServer WSS Certificate

Something a little bit different from the normal RES related posts this time. During the deployment of the Demo Showcase platform we needed to replace the SSL certificate used by the XenServer Web Self Service (WSS) servers. Reviewing the WSS documentation revealed very little about how to achieve this. As you can see the user and installation guides offer very little guidance!

image

Much to my surprise, I couldn’t locate a web resource that details how to do this, i.e. generate the required ssl.crt and ssl.key files. There are lots of snippets of information but no simple post that details the requirements nor the steps to perform. This is my attempt to rectify this situation!

Pre-requisites

Before you begin there is the assumption that you have the following prepared/installed:

  1. The required SSL certificate has been exported into .PFX format (and you know the private key password!);
  2. You have OpenSSL is installed;
  3. WinSCP (or other SCP client) is installed.

Converting the Certificate to a .CRT and .KEY Pair

The WSS appliance expects the certificate and private key to be provided as two separate files rather one as contained in the .PFX (or .PEM) file. We can generate the correct files by utilising the OpenSSL tools. The secret to this part is to ensure that the generated .KEY file is not encoded with a password. If there is, you’ll receive an error when attempting to start the web service on the WSS appliance.

To export the certificate (.CRT) component from the .PFX file run the following OpenSSL command: openssl pkcs12 -in <ssl-certificate.pfx> -clcerts -nokeys -out <ssl.crt>

To export the private key (.KEY) without a password, run the following OpenSSL command: openssl pkcs12 -in <ssl-certificate.pfx> -nodes -nocerts -out <ssl.key>

Transferring the Certificate Files to the WSS Appliance

Once you have the required .CRT/.KEY file pair, you’ll need to copy them to the Web Self Service appliance. This is a fairly straightforward process but requires enabling the SSH daemon on the appliance first. To do this you’ll need to connect to the WSS appliance console via XenCenter. Once you’ve logged onto the console, issue the following command: service sshd start

You’ll also want to stop the Web Self Service process by running the following command: service webss stop

After the SSH service has started and WSS services are stopped, you can now copy the .CRT and .KEY files to the /root/sse/conf directory via WinSCP (or your tool of choice). Note: you might want to rename the original .CRT and .KEY files before copying the replacements in!

Restart the WSS services by executing: service webss start

All being well, you should receive no errors and when browsing to the WSS homepage you should not be warned about the SSL certificate! Here’s an example using a certificate with the Common Name set as the default sse-https-server.

image

Simples! I hope someone finds this useful one day! Iain

Posted on

RES Automation Manager 2012 Global Variables

Unfortunately, this post is a mixture of both good and bad news. In my humble opinion, I feel that RES have missed a trick with their implementation of Global Variables in RES Automation Manager (AM) 2012 and here’s why.

In all the furore surrounding the RES AM 2012 release, Global Variables are supposed to herald the completion of multi-tenancy implementations. For example, multiple departments and/or customers can be co-located on the same database and share the platform without any visibility or potentially any knowledge of who else is utilising the infrastructure. If you’re after an introduction into the RES AM Global Variables I suggest you take a look at Rob Aarts’s article on RESguru or watch Grant Tiller’s demonstration on REStutorials.

Resources and Global Variables

It was my assumption (obviously incorrectly) that we would be able to use Global Variables with file server resources. In a multi-tenant implementation, I wouldn’t necessarily want all administrators uploading file resources to the database and bloating the tables with BLOBS. When we add files stored on a file share to the RES Automation Database, the UNC path is stored along with the entry in the database. This isn’t necessarily a problem, assuming that all RES Automation Manager agents can resolve this path. Unfortunately, in a multi-tenant environment this may not be the case.

Enter Global Variables. Wouldn’t it be a great idea if we could use a Global Variable in the UNC path of a file resource?! As long as we make sure that folder structure is the same for each “customer” site we could set the Global Variable to the customer’s file server at the Team or if needed, Agent level. Even within a single organisation, Global Variables would enable us to use local file servers without having to implement DFS-R etc.

Being RES Consultancy Partners we could also use this process when designing our Building Blocks. For example, we could upload the required resources for a XenApp build to a file server, import the RES Automation Building Blocks and change the Global Variable(s) to point to the customer’s file server instead. No longer would we need to either perform a mass “find and replace” within the Building Block files or upload 5GB of data into a database. Happy days Smile.

As you’ve probably guessed, this doesn’t work. DOH! When we attempt to insert the Global Variable by right-clicking the file path we’re not given the option:

image

Manually entering the Global Variable placeholder, e.g. ^[GlobalVariable] doesn’t work either. There is, however, a workaround.

Resources, Global and Environment Variables

Now that we know we can’t use Global Variables at the resource level, I do know that we can use Environment Variables. If we just so happen to use an environment variable and that environment variable just so happens to be set to a Global Variable’s value, it just might work…

Firstly we need to pick a variable to use and in this example I’ll use ’RESAMRESOURCES’ as it’s unlikely to clash with any other environment variables. We define the Global Variable and set the value to our file server’s share (you can always override this at a Team/Agent level or when importing Building Blocks where needed):

image

Next, when adding a file resource we can browse the target file and override the UNC path and enter an environment variable. In this example I’ll use the %RESAMRESOURCES% to point to the required file server.

image

All that’s left to do is assign the environment variable before any module that we want to use this resource. Fortunately, RES Automation Manager has a task to do just this. In my example I’ve created a job-based environment variable. We could always set this as a persistent machine-based variable via AM too.

image

Once we’re done, our completed module will look a lot like this. Note: the job-based environment needs to be set before we execute a task that references the file server resources, in our case, the Unattended Installation of Foxit Reader task.

image

When we export our Module as a Building Block we now have a fully portable module that can be imported into any environment without storing the resource(s) in the database! All we need to do know is use Global Variables to define the credentials used to connect to the file server..

Resources, Global Variables and Credentials

This is where the house of cards falls down around us.. We’ve managed to trick RES AM into using file resources with Global Variables. However, as the RES Automation Manager service runs under the Local System account, it has no access to file resources located on file servers. To overcome this issue, we need to embed the credentials in with the resources. Again, you would assume that you could use the Credentials type of Global Variables to achieve this.

image

I’ve tried unsuccessfully to get this work, even my manually specifying the ^[GlobalVariable] placeholder. Perhaps I’m the only one, but what about password changes? If we embed the credentials with the resource, using a Global Variable for this would make perfect sense. Currently, we don’t change the password associated with the RES Automation Manager resources as this requires us to update each individual resource. If they were based on a Global Variable we’d have a simple way to update the password, maintain security and pass an audit with flying colours!

I can only assume that this is either technically difficult to implement or is an oversight. As a result, we’re still left have to either do a mass “find and replace” in our Building Block files when implementing RES Automation Manager at customer sites or uploading large binaries into the database. Other than this, I think Global Variables are a brilliant edition and hopefully they will be coming to RES Workspace Manager too Smile with tongue out.

Many thanks for reading. Iain

Posted on

VET v1.1 Released!

Virtual Engine are pleased to announce the general availability of version 1.1 of the Virtual Engine Toolkit (VET). The latest Windows installer and documentation is available for download now on the Virtual Engine web site.

We’ve put together a short overview video demonstrating each new feature. In the “What’s New” video we cover the following features:

  • Conversion of Group Policy Objects to RES Workspace Manager building blocks;
  • Conversion of Active Directory published printers and site definitions to RES Workspace Manager building blocks;
  • Direct import into the RES Workspace Manager console;
  • Multiple profile updates with the Profile Update Utility (PuU);
  • Ad-hoc registry changes in the Profile Update Utility (PuU).

For more videos on the Virtual Engine Toolkit, please check out our YouTube channel.

Posted on

HP Thinpros and Windows 2008 R2 Remote Desktop Services (RDS)

I’ve been sitting on this blog for a while; so I thought it was about time I published it! Just recently we’ve been working with a client that was going through a desktop transformation process from Windows XP to HP thin client’s using a shared desktop on Windows 2008 R2 Remote Desktop Services (RDS). I’m not going to expand on why they chose Microsoft RDS over Citrix XenApp 6.x or why they chose Linux-based thin clients over Windows Embedded clients. Let’s just say that money did come into the equation.

What I’m going to cover in this post are the issues I’ve encountered whilst using the HP t5565 Linux-based thin clients with Microsoft’s RDS.

Remote Desktop Services Connection Broker

Lets start with the BIG one; they do not support the Remote Desktop Connection Broker (RDCB) or should I really say the open source rdesktop doesn’t! Now when I mean they it’s not supported, it can imply that it will work fine (but please don’t ask the vendor to help if any issues arise). In this case it simply doesn’t work. When the RDCB tries to either load balance or reconnect a disconnected session you will face a situation where you enter your login credentials then the session seems to just drop. If you are lucky your load balancer or round-robin DNS will direct you to the correct server, but this is just the laws of probability in action.

I should point out that this point will probably be an issue for any thin clients that are Linux-based and and utilising the rdesktop client. I have heard rumours that FreeRDP does work with the RDCB but I’ve not tried that myself so can’t confirm this; though this forum post does suggest it will work.

Bitmap Caching

Using “Bitmap Caching” in the rdesktop settings causes the screen to freeze randomly; so you have to way up the pros and cons of leaving it turned on. The benefits of enabling the bitmap cache is to minimise the amount of data transferred between the RDP client and server. However, this introduces the screen freezes. As a result, I went with disabling the bitmap caching to improve the user experience – the client had a well connected network so latency etc. was not an issue.

Other Issues

  1. Drawing shapes in Office 2003 will cause the screen to freeze and the system will become unresponsive – Resolved with this forum post.
  2. Using a second monitor to extend the primary display doesn’t work i.e. only show the taskbar on the primary display. What happens is screen spanning occurs therefore the taskbar is split across both monitors and the “Ctrl+Alt+Del” dialogue appears slap bang in the middle of where the monitors join – Resolved with this forum post (though I haven’t had time to test this myself).

I think the moral of this story is to try before you buy and then try some more! If you want to use the RDS Connection Broker then go for a Windows Embedded thin client, if indeed you want to use a thin client. Taking this approach may save you a lot of headaches going forward.

Nathan

Posted on

Scheduled RES Software Courses Q1 2012

Virtual Engine are proud to announce the availablility of official RES Workspace Manager 2011 and RES Automation Manager 2011 scheduled courses for Q1 2012, in London.

Both courses will be held in March on the following dates:

  • RES Workspace Manager: 05/03/2012 – 08/03/2012;
  • RES Automation Manager: 12/03/2012 – 14/03/2012.

For further information on pricing and availability please contact us.

Posted on

What’s New in VET v1.1

With the public release of the Virtual Engine Toolkit (VET) v1.1 just around the corner, we’ve put together a short overview video demonstrating each new feature. In the “What’s New” video we cover the following features:

  • Conversion of Group Policy Objects to RES Workspace Manager building blocks;
  • Conversion of Active Directory published printers and site definitions to RES Workspace Manager building blocks;
  • Direct import into the RES Workspace Manager console;
  • Multiple profile updates with the Profile Update Utility (PuU);
  • Ad-hoc registry changes in the Profile Update Utility (PuU).

For more videos on the Virtual Engine Toolkit, please check out our YouTube channel here.

Posted on

Updating Mandatory Profiles Part 2

Having seen that our original Updating Mandatory Profiles post is quite popular, I thought I’d follow it up with an update. The process described in the first post is quite labourious and error prone. I’d like to make people aware of how quick and easy the Profile Update Utility (PuU) makes updating a mandatory profile with ActiveSetup keys.

Here’s the new process:

  1. Obviously you’ll need to have downloaded (it’s free) and installed VET.
  2. Once installed, simply launch the Profile Update Utility.
  3. Select your mandatory profile by clicking the “Browse” button (step 1).
  4. Check the “Merge HKEY_CURRENT_USER ActiveSetup keys” checkbox (step 2).
  5. Click the “Go” button (step 3).

It doesn’t get much simpler than that! Note: This will merge the ActiveSetup keys from the currently logged on user. Therefore, you need to perform this action on a machine that you’ll be using the mandatory profile on.


The “Output Options” at the bottom of the PuU windows could probably do with some explaination as there is sometimes some confustion.

  1. Update Original Profile: Overwrites the source (Step 1) profile.
  2. Backup Profile: Copies the source profile (in Step 1) to a .bak file and then updates the original.
  3. Create New Profile: Copies the source profile (in Step 1), renames the original (in Step 1) to a .bak file and then updates the new copy.

Which option you use is up to you depending on how you manage the lifecycle of your mandatory profiles.

Enjoy – Iain

Virtual Engine Limited
450 Brook Drive, Green Park, Reading RG2 6UU