Desktop performance is critical to an end user happiness but in a VDI scenario it is crucial to all end users happiness.  As more and more users switch over to virtual desktops small performance gains made in each virtual machine can have a large affect on the overall performance of your VDI solution.  When using Windows 7 as the desktop OS in XenDesktop there are a few things you can do to improve the performance allowing for a better end user experience and better performance of your VDI infrastructure.

The first thing you can do is disable some services.  While this is an old trick that a lot of people did with limited success in Windows XP, with VDI there are some services that are truly not required due to the ?read-only? nature of the pooled virtual machines.  The following services can be safely stopped and disabled in a VDI scenario:

Application Experience - Processes application compatibility cache requests for applications as they are launched
Diagnostic Policy Service - The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components.  If this service is stopped, diagnostics will no longer function.
Distributed Link Tracking Client - Maintains links between NTFS files within a computer or across computers in a network.
IP Helper - Provides tunnel connectivity using IPv6 transition technologies (6to4, ISATAP, Port Proxy, and Teredo), and IP-HTTPS. If this service is stopped, the computer will not have the enhanced connectivity benefits that these technologies offer.
Offline Files - The Offline Files service performs maintenance activities on the Offline Files cache, responds to user logon and logoff events, implements the internals of the public API, and dispatches interesting events to those interested in Offline Files activities and changes in cache state.
Windows Search - Provides content indexing, property caching, and search results for files, e-mail, and other content.

You can also tweak the performance settings in Windows with the following change.  Right click on Computer and select Properties, then click Advanced System Settings, and then click Settings in the Performance section.   Click on Custom, then click Smooth edges of screen fonts and Use visual styles on windows and buttons.

Now shutdown the VM and update your XenDesktop master image.

SCVMM VDI Configuration

I recently posted a set of articles on deploying Citrix XenDesktop.  XD can use Hyper-V R2 and SCVMM R2 as it?s virtualization and management layer but doing so does require a few configuration changes to SCVMM for optimal performance.  While not mandatory they will ease management especially as your VDI infrastructure grows.

In a large (150+ hosts) environments one of the recommendations is to enable Server Optimized Garbage Collection.  Enabling this replaces the default Workstation Garbage Collection and reduces the CPU utilization on the VMM server.  Even if you do not have that many hosts in your VDI infrastrucutre it is still recommended to enable this to reduce SCVMM CPU utilization.  To enable server-optimized garbage collector (GC) on the VMM server, create a file that is named vmmservice.exe.config place it into the %SYSTEMDRIVE%\Program Files\Microsoft System Center Virtual Machine Manager 2008 R2\Bin directory on the VMM server. The file should contain the following:

<configuration>
     <runtime>
          <gcServer enabled="true"/>
     </runtime>
</configuration>

SCVMM also retains all job activity for a default time of 90 days.  In VDI scenarios where new machines are created, refreshed, deleted and so on can lead to performance problems in SCVMM.  It is suggested to change this to 7 days in VDI situations.  To do so edit the following registry key by changing the value to 7:

HKLM\SOFTWARE\Microsoft\Microsoft System Center Virtual Machine Manager Server\Settings\Sql\TaskGC

As you might know, SCVMM leverages PowerShell for all tasks.  With a large number of PowerShell scripts being run timeouts can occur therefore the timeout limit should be increased.  The default is 120 seconds but the value can be increased to a more suitable number.  The recommended value for the IndigoSendTimeout key is 300.

HKLM\Software\Microsoft\Microsoft System Center Virtual Machine Manager Server\Settings\IndigoSendTimeout

Virtual Desktops leverage differencing disks linked to a locked base image.  Again when creating multiple machine simultaneously timeouts can occur so it is recommended to increase the VHDMountTimeoutSeconds value from 600 (default) to 1800

 HKLM\Software\Microsoft\Microsoft System Center Virtual Machine Manager Server\Settings\VHDMountTimeoutSeconds

Finally there is a set of registry keys you can create to modify the refresh rate of the SCVMM database.  This can improve the performance of SCVMM as well as increase the accuracy of the reporting on host, network, storage and VM information.  You can create the following REG_DWORD keys to modify the default refresh policy.

HKLM\SOFTWARE\Microsoft\Microsoft System Center Virtual Machine Manager Server\Settings

VMUpdateInterval ? 7200

HostUpdateInterval ? 7200

VMPropertiesUpdateInterval - 1800

One final note, after applying these registry changes the SCVMM server will need to be rebooted.

VDI with Citrix XenDesktop 5?Part 5 Using Virtual Desktops

So now we have our Master Image built, deployed to our DDC and virtual desktops available to end users.  How do we access them?  Well in this set of examples we created a pool of virtual desktops and made them available via a web browser.  Supported web browsers are:

IE 7
IE 8
Firefox 3.5
Safari 4

To access a virtual desktop simply point your browser to the server where you installed the web component, in our case we installed all the components on the same server.  Provide your credentials and log on.

We altered the policy to allow users a maximum of two (2) virtual desktops.  The default is one (1).  Simply click on either desktop to launch the VM.

There is a Citrix plugin that gets installed the first time but once that is complete the user will be delivered a desktop environment

In the Desktop Studio you can see the total number of desktops as well as how many are currently in use and how many are still available.

See the rest of the series here:

VDI with Citrix XenDesktop 5?Part 4 Quick Deploy

With your Master Image now built the last part is to deploy it to your XenDesktop DDC and set some policies.  Again, Quick Deploy is the fastest way to deploy and configure your virtual desktop images and users.  In Desktop Studio simply click on Quick Deploy to start the process.

Provide the name for the XenDesktop site.

Select the virtualization host type and provide connectivity and credential information

Select the storage and network resources for the VMs

Select your master image from the list of VMs

Determine how many VMs you want in the pool as well has the number of vCPUs and Memory for each virtual desktop.  You can also specify what OU for the computer accounts.  I recommend a different OU for your virtual desktops.

Select the user(s) and/or group(s) who will be able to connect to a virtual desktop

Review the summary and then wait for the process to complete.  Depending on how many virtual desktops you requested this can take some time.

Once complete you can view the current environment in the Desktop Studio Dashboard

One final thing you may want to do to conserve power is to create a power management policy.  A power management policy will allow you to automatically start and shut down virtual desktops at specific times of the day.  A typical policy would shut down idle virtual desktops during off hours (say 6:30PM) and then start the VMs shortly before users start working (say 7:30AM).  Machines that are in use are not affected and users who fail to end their sessions will have their desktops put to sleep.

To enable a power management policy right-click QD Desktop Group and click Edit Desktop Group.  Click Power Management and then click Edit above the graph.  You can drag the lines on the graph and change the VM start/stop times

See the rest of the series here:

Introduction

Installation

Image Mastering

Using Virtual Desktops

VDI with Citrix XenDesktop 5?Part 3 Image Mastering

In part 1 of this series we looked at the system requirements and in part 2 we looked at installing XenDesktop.  Before we go any further we need to prep our master image.  The master image is the base for what gets deployed to XenDesktop users.  Using differencing disks users are quicky provisioned a new desktop based off this master image.  Whatever is included in the image is accessible to the user.  You might be wondering what about user applications?  User profiles?  Customizations?  All that is still possible and we will cover that in a later post.

The following operating systems are supported to be delivered as virtual desktops:

Windows XP 32bit with SP3
Windows XP 64bit with SP2
Windows Vista 32bit/64bit with SP1 or later
Windows 7 32bit/64bit

Creating a master image is a simple process but each step must be completed correctly for it to function properly and to prevent you from having to service it immediately after deployment.

Install one of the supported OSes as a virtual machine. 
Once the base install is complete install all hotfixes and service packs.
Install Hyper-V Integration Components
Install Virtual Desktop Agent (VDA) Note: see below for details
Install 3rd Party Applications and Plugins
- XenApp
- App-V
- Anti-virus
Join the VM to the domain

Generally applications are streamed to the virtual desktop using XenApp or Microsoft App-V and I recommend you do so as well.  This will keep the size of the master image smaller as well as make it easier to update the applications without having to also update the master image.

Installing the VDA is a straight-forward procedure, start by launching the installer and selecting Install Virtual Desktop Agent

You can choose between Quick Deploy and Advanced Install.  Quick Deploy is the fastest way to deploy the agent as you will then use the Desktop Studio to pull in the image and deploy to users.

Review the summary and install the VDA.  Once complete you will again be prompted to ensure a set of ports are open on the firewall.

Ensure these ports are open and then reboot the virtual machine.  Once it has rebooted login again and shut the VM down.  Once it is off your master image is complete.

See the rest of the series here:

Introduction

Installation

Quick Deploy

Using Virtual Desktops

VDI with Citrix XenDesktop 5?Part 2 Installation

Installing XenDesktop 5 is a pretty simple process once you get the pre-requisites out of the way.  Once you are ready to proceed simply insert the disk and launch the installer.  There are five components to install and in a larger environment you can separate these components among a number of servers if you wish.

XenDesktop Controller (DDC) ? this creates and manages the virtual desktops for users as they require them
Web Access ? by installing this users can access their desktops via a browser
Desktop Studio ? this is your management console
Desktop Director ? this is your management web site
License Server ? this component manages your XenDesktop licenses.

In this example though we will install all the components on out 2008 R2 server.  Once you have launched the installer select Install XenDesktop to start the install wizard.

Accept the license agreement and continue.  Once you have launched the installer select the components you wish to install.  By default all are selected but as already mentioned you can separate these if you wish.

There are some firewall ports that you will have to open manually depending on the components you are installing.  This is not done automatically!

Review the summary and wait for the installation to complete.

Once the installation is complete the Desktop Studio will launch and you are ready to go!

See the rest of the series here:

Introduction

Image Mastering

Quick Deploy

Using Virtual Desktops

VDI with Citrix XenDesktop 5?Part 1 Introduction

VDI or Virtual Desktop Infrastructure is a system where you use server computing to provide desktop environments to end users.  Using virtualization you can consolidate desktop resources in the same manner you consolidate server resources allowing you to maximize your hardware investment while at the same time providing the end user with the tools and experience they are used to receiving.

Microsoft, Citrix and VMware (as well as others like Quest) all provide some form of VDI or another.  Currently the most powerful and flexible solution is a combination of Citrix and Microsoft.  Citrix XenDesktop 5 incorporates into a existing (or new) Hyper-V environment allowing you to take advantage of the best virtualization platform in combination with Citrix tools for delivering virtual desktops.

In this series of posts we?ll cover deploying the XenDesktop DDC, creating a master Windows 7 image, deploying the Windows 7 image via XenDesktop and accessing your virtual desktop through a web browser.  Before we get to that we need to cover the basics.

There are a number of forms of VDI and it really depends on how your users will access the desktop and what level of application support they require.  Citrix uses a technology they call FlexCast to allow you to deliver desktops to all users in a number of different usage scenarios:

For task workers sharing a similar set of applications, the most secure, cost-effective approach is Hosted Shared Desktops.
For office workers who need more personalized desktops, Hosted VM-based VDI Desktops is often the best approach. By running each user's desktop in a dedicated virtual machine, this option combines the benefits of central management with full user personalization.
For technical workers and power users who run professional graphics applications such as CAD/CAM, GIS; Hosted Blade PC Desktops ensures dedicated processing power for each user.
Local Streamed Desktops leverage the local processing power of rich clients, while centralizing single-image management of the desktop. This is a quick and cost-effective way for anyone to get started with desktop virtualization by leveraging existing PC resources while keeping datacenter overhead to a minimum.
Virtual Apps to Installed Desktops offer many of the ROI and management benefits of a fully virtualized desktop with minimal setup costs. Although virtual apps run on the local device, they managed centrally.

In order to deploy XenDesktop the following requirements must be available:

Desktop Delivery Controller (DDC)

Windows Server 2008 SP2 or Windows Server 2008 R2 (including SP1)
.NET Framework 3.5 with SP1*
IIS 7.0 or 7.5
ASP.NET 2.0
Microsoft Visual J# 2.0 SE*
Microsoft Visual C++ 2008 with SP1*
Windows Powershell 2.0
IE 7.0 or later
350MB of free disk space

Database

Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Express Edition*
Microsoft SQL Server 2008 SP1 or later
32 or 64bit versions are supported
clustered and mirrored mode supported

Virtual Desktop Agent (VDA)

Windows XP 32bit with SP3 or later
Windows XP 64bit with SP2 or later
Windows Vista 32bit/64bit with SP2 or later
Windows 7 32bit/64bit
Windows XP will require additional install of WinRM 1.1

Virtualization Host

Hyper-V R2 with SCVMM 2008 R2 including SP1
Citrix XenServer 5.6
Citrix XenServer 5.5 with Update 2
VMware vSphere 4.1
VMware vSphere 4 with Update 1

Other Requirements

Active Directory
MMC 3.0
IE 7, IE 8, Firefox 3.5 or Apple Safari 4
Flash Player 9 or higher

Note: * indicates that the installer will automatically install the component if required.

See the rest of the series here:

Installation

Image Mastering

Quick Deploy

Using Virtual Desktops

Creating a Fabric in SCVMM 2012

SCVMM 2012 brings in a new concept of a fabric.  From Wikipedia the concept is described as follows:

?Fabric computing or unified computing involves the creation of a computing fabric consisting of interconnected nodes that look like a 'weave' or a 'fabric' when viewed collectively from a distance?

In SCVMM this fabric includes the virtualization hosts, services, networking and storage.  The fabric is key in providing the services and scalability to a cloud.  If you have tried the Azure platform you might be familiar with the term fabric already but the easiest way to think about it is to see it as the combination of all the resources required to provide virtualization services or cloud services to your organization.  When you select the Fabric tab in SCVMM 2012 and right click on servers you can see one type of resource you can add to your fabric.

Selecting Add Hyper-V Host or Cluster the Add Resource wizard will launch.  From here you can add domain joined Hyper-V hosts, those on a perimeter network and those on an untrusted (aka Workgroup) network.  New to SCVMM 2012 is the ability to provision new hosts using OOB installation to deploy the OS and enable Hyper-V.

You can provide a service account or specify a run as account to install the agent.

You can discover existing Hyper-V servers in AD or enter the server name.

If you use AD discovery you can then select the servers.

Then specify the host group to join them too.

Before ensuring everything is correct in the summary.

After clicking Install the agents will be deployed to the hosts.

At this point you are ready to start working with VMs but there is more to the fabric than just hosts.  Network connectivity is a big part of the fabric and you can create logical networks, MAC Address pools as well as add load balancers and create VIP templates to use with load balancers.

Storage is also a big part of the fabric and you can add arrays and storage providers as well as create storage Classifications and Pools

One of the highlights of this fabric concept is scalability. With this model and SCVMM 2012 you can easily add resources to your cloud and scale to meet the demands of your organization.

Installing SCVMM 2012

SCVMM 2012 beta was released at MMS last week (among other announcements) and is the long awaited update to SCVMM 2008 R2.  There is plenty new in SCVMM 2012 including:

Fabric Management ? deploy, build and patch Hyper-V hosts and clusters. Manage VMware and Citrix XenServer as well as network and storage management.
Resource Optimization ? proactive VM load balancing, host level power management and deeper PRO integration
Cloud Management ? Build your own private cloud and delegate access and enhanced self service provisioning
Service Lifecycle Management ? Create a template that consists of VMs, OS images and application packages and deploy as a service.  Server App-V integration.

Before you can install SCVMM 2012 you need to know the recommended requirements which include:

CPU ? Dual Core 2.4GHz (5-10 hosts) or Dual Core 2.8 GHz (11-20 hosts)
RAM ? 2GB (5-10 hosts) or 4GB (11-20 hosts)
Disk ? 40GB (5-10 hosts) or 50GB (11-20 hosts) PLUS library space
OS ? Windows Server 2008 R2 or Windows Server 2008 SP2
DB ? SQL 2005 SP3 or SQL 2008 or SQL 2008 R2 Standard or Enterprise Edition (no Express Edition)
Software add-ons
- PowerShell 1.0 or 2.0
- WinRM 1.1 or 2.0
- .NET Framework 3.0 or 3.0 SP1
- Windows Automated Install Kit (WAIK 1.1)
- IIS 7.0 or 7.5 (only required for SSP) including
  - IIS 6 Metabase Compatibility
  - IIS 6 WMI Compatibility
  - Static Content
  - Default Document
  - Directory Browsing
  - HTTP Errors
  - ASP.NET
  - .NET Extensibility
  - ISAPI Extensions
  - ISAPI Filters
  - Request Filtering

With that all in place you are ready to start the installation.  If you are missing anything the pre-requisite checker will let you know and you can fix it before proceeding.  With the media loaded you can click Install to begin the procedure.

Next agree to the EULA, enter your organizations information and then turn on Microsoft Update for SCVMM 2012.  Next input your database configuration information.

Next provide the information on the service account you have created for SCVMM 2012.  Rather than use a default domain admin account I would highly recommend creating a custom service account for each of the System Center services (as well as others) in your organization.  If you are on 2008 or R2 AD then managed service accounts take away any reason not to use them.  You will also need to use a domain account if you wish to make your SCVMM 2012 server highly available.

Configure your SCVMM library.  As with 2008 you can specify a local share or a share on a file server.

Review the summary and click Install

Once complete click Finish.

After you click Finish the console will launch and you will choose what account to log in with.  There is much finer grain control over accounts in SCVMM 2012 and the console but to start only an Administrator role exists.

Once logged in you should see a shiny new SCVMM 2012 console!

SCVMM 2012 Walk Through

With the recent release of the SCVMM 2012 beta you might be curious to see what is new.  The first thing you will notice is a new interface including the addition of the ribbon interface from Office.  SCVMM 2012 console is broken down into five major sections.

VMs and Services ? This section is where you will add hosts, clusters and build and manage your cloud services.  You will also see some basic reporting on the cloud metrics such as CPU and memory usage, limits as well as quotas information on user roles.

You can drill down further to get the same metrics on a per host or per host group level.

Fabric ? The fabric is a new concept to VMM 2012 but a familiar one to those involved with cloud computing.  The fabric consists of all to components of your cloud.  This includes virtualization hosts, library servers, update servers, deployment servers, network and storage resources.

Library ? The library concept remains in VMM 2012 as well although it has been expanded to include cloud libraries, self service user content and a larger array of profile types.

Jobs ? Similar to VMM 2008 R2 the jobs pane lets you check in on the status of currently running jobs as well as track and investigate job success and failures.

Settings ? Finally the settings section allows you to manage the configuration of VMM 2012 including such things as Security and User Roles, Servicing Windows, VMM 2012 backups and more.

This is just a brief look at the new VMM 2012.

MMS 2011 Announcements

Part of the Lazyadmin team is at MMS and the other part (me) is following along from home.  There have been a lot of announcements this week and we have the following recap for you.  We?ll update this as necessary so you have the latest information from the 2011 Microsoft Management Summit!

System Center Virtual Machine Manager SP1 was released.  With the recent release of Windows Server 2008 R2 SP1 and new features such as Dynamic Memory and RemoteFX, SCVMM 2008 R2 needed an update to support those features. 

You can download SCVMM 2008 R2 SP1 here.

System Center Virtual Machine Manager 2012 beta was released to a public beta.  System Center 2012 cloud and datacenter management solutions empower you with a common management toolset for your private and public cloud applications and services. As a core component of the System Center suite, Virtual Machine Manager 2012 offers you the following benefits:

Provision a flexible, agile, and cost-effective private cloud
Manage heterogeneous virtual environments using a single tool
Optimize your existing applications for private cloud deployment
Simplify application provisioning and servicing

You can download the SCVMM 2012 beta or a pre-built VHD here.

System Center Configuration Manager 2012 beta 2 was released.  System Center Configuration Manager 2012 helps IT empower people to use the devices and applications they need to be productive, while maintaining corporate compliance and control. The boundaries between work and life have blurred to where people expect reliable, consistent access to corporate services from wherever they are, on any device they're using. Using System Center Configuration Manager 2012, organizations can:

Mobile device management. This includes the wide range of devices that connect to Exchange ActiveSync, including Windows Phone 7, Symbian, iOS, and Android-based devices.
Forefront Endpoint Protection integration, role based administration, and virtualization scenario support will simplify both infrastructure and processes for IT.
Improved console performance and useability

You can download the SCCM 2012 Beta 2 here.

System Center Advisor RC was released.  System Center Advisor (formerly Microsoft codename Atlanta) is a cloud service that enables IT professionals to assess their server configuration and proactively avoid problems. With System Center Advisor, support staff are able to resolve issues faster by accessing current and historical configuration data, all with the security features that meet their needs. Additionally, System Center Advisor helps reduce downtime by providing suggestions for improvement, and notifying customers of key updates specific to their configuration.  Using System Center Advisor an organization can:

Proactively resolve issues before they become critical through ongoing assessments of the server environment for undetected configuration issues.
Decrease time to resolve issues with the ability to share server configuration data with internal support staff or Microsoft Customer Support Services.
Increase performance and availability of servers by understanding configuration state and receiving suggestions for improvement to help ensure availability..

You can sign up to try System Center Advisor here.

System Center Codename Concero was announced.  The initial release of ?Concero? will enable customers to deploy, manage and control applications and services deployed on private clouds built using System Center Virtual Machine Manager 2012 and in the public cloud offering of Windows Azure. This provides a consistent and simple user experience for service management across these clouds.  You can find out more about the Concero announcement here.

Forefront Endpoint Protection licensing changes.  The licensing model for FEP has changed.  Previously it was included with the more costly Enterprise CAL but today it was announced that it is not included with the Core CAL.  What does this mean?  Quite simply anyone with an existing Core CAL now owns FEP for no cost.

You can download a trial of Forefront Endpoint Protection here.

Lync Server licensing changes.  The licensing model for Lync has changed.  Previously it was included with the more costly Enterprise CAL but today it was announced that it is not included with the Core CAL.  What does this mean?  Quite simply anyone with an existing Core CAL now owns Lync for no cost (other than the server).

You can download a trial of Microsoft Lync Server 2010 here.

Windows Intune was released to RTM.  Windows Intune is unique because it's an end-to-end Microsoft solution that brings together Windows cloud services for PC management and endpoint protection with a Windows 7 Enterprise upgrade subscription. With the easy-to-use web-based console, you get immediate insight into your PC environment and can view update and malware status, alerts, security policies, and more. You just need an Internet connection and the Windows Intune client installed on each PC you wish to manage.

You can register for a 30 day trial of Windows Intune here.

Upgrading Hyper-V R2 to SP1

With Service Pack 1 now released for Hyper-V R2 it is about time to start deploying it and updating your VMs.  As with anything there is a process to follow to ensure that everything goes smoothly and that the virtual machines can take advantage of all the features available in SP1.  We?ve already covered these new features in articles on Dynamic Memory and RemoteFX so lets look at what you?ll need to do to get SP1 installed on your hosts and what needs to be done at the guest level to enable those features.

Standalone Hyper-V Server

This is the most straightforward of installations but it will also incur the most downtime.  The following process will allow you to get SP1 installed with the least downtime possible.

Save state of all running VMs
Install SP1 on the host server
Reboot
Resume state of all running VMs

Clustered Hyper-V Servers

This is still a straight forward process and thanks to clustering and Live Migration you shouldn?t experience any downtime.  The following process will allow you to get SP1 installed on all nodes in the cluster.

Live Migrate all VMs from Node 1 to the other nodes in the cluster
Apply SP1 to Node 1
Reboot Node 1
Live Migrate previous VMs from other nodes back to Node 1
Repeat on all nodes in the cluster

Hyper-V R2 SP1 Virtual Machines

With your Hyper-V R2 server(s) upgraded to SP1 the following needs to be performed on each virtual machine in order for it to be able to take advantage of the new features.  This is where things get a little complex as it will depend on the guest OS running inside the VM.  The following table should help clarify what needs to be done for the VMs to be able to leverage Dynamic Memory.

Guest OS	Edition	Requirements

Windows Server 2008 R2	Enterprise, Datacenter	Install Server 2008 R2 SP1 or Upgrade VM Integration Components
Windows Server 2008 R2	Web, Standard	Install Server 2008 R2 SP1
Windows Server 2008 SP2	Enterprise, Datacenter	Upgrade VM Integration Components
Windows Server 2008 SP2	Web, Standard	Upgrade VM Integration Components *and* Install KB2230887 Hotfix
Windows Server 2003 R2 SP2	Web, Standard, Enterprise, Datacenter	Upgrade VM Integration Components
Windows Server 2003 SP2	Web, Standard, Enterprise, Datacenter	Upgrade VM Integration Components
Windows 7	Enterprise, Ultimate	Install Windows 7 SP1 or Upgrade VM Integration Components
Windows Vista SP1	Enterprise, Ultimate	Upgrade VM Integration Components

IE6 Application Compatibility Mitigation with Unibrows?Part 2

In part one of this article we looked at the client prep required to deploy Unibrows.  With the client in place and the plugin installed the next step is to create rules for the plugin to process.  To do so you will use the Unibrows Configuration Manager tool.  Launch the tool and from the Files tab click on New Project.

Select the Rules tab and then the Rules Editor.  A number of dropdowns are available that allow you to build your rules.  Start with the type of rule.  In this example we are going to specify if a user access a particular URI that it will load with the Unibrows plugin and be rendered with IE6.

We will add the condition IS

and then specify the URL (be sure to enter it exactly as it appears in the browser including any trailing /)as well as the profile (IE6 in this case)

Give the rule a name and then specify if this is to be a user scope or machine scope.

Once complete save the project and then launch your browser and browse to the URIs you specified in your rules.  You will see ub: at the start of the URL to tell you it is working.

IE6 Application Compatibility Mitigation with Unibrows?Part 1

One of the biggest blockers to Windows 7 migration is browser compatibility.  Too many internal web applications were written for IE6 and this has prevented organizations from deploying IE7 and/or IE8 to their desktops.  There are a number of options to mitigate this, from compatibility mode in IE7 and IE8 to finding and fixing issues with the Application Compatibility Toolkit.  Now there is another option, Unibrows.

UniBrows is a lightweight browser add-on that is easy and inexpensive to deploy, requiring no new infrastructure and no servers.

With UniBrows there?s no longer a need to rewrite Web applications or install expensive and complex virtualization solutions. By simply installing UniBrows on PCs running Windows 7 or Windows XP with IE8, enterprises can continue to use all of their already-deployed and paid-for IE6 applications inside IE8 without modifying a single line of code.

Browser compatibility issues have dogged the enterprise in recent years, resulting in 74 percent of the organizations continuing to run the aging Windows XP on their desktop and laptop PCs and delaying browser and operating system upgrades as long as possible. These compatibility issues, driven by line of business applications that run only in IE6, have the added problem of blocking deployment of Windows 7, forcing organizations to forego the business and technology benefits of Microsoft?s latest operating system.

UniBrows solves both problems via an IE8 add-on that enables IE6 web applications to run in an IE8 tab, enabling enterprises to upgrade PCs to Windows 7 while keeping your legacy IE6 applications running unmodified.

There are two parts to getting this deployed in your environment.  There is client prep and then there is rules preparation.  Part one will take a look at client prep and in part two we will take a look at creating and deploying rules.  Creating the client installers is pretty straight forward.  Once you have downloaded Unibrows there are two main components, UB-Client-Prep.exe and UBManager-Setup.msi.  To create the client packages launch UB-Client-Prep.exe.  After skipping the Welcome screen and agreeing to the license you will be prompted to download a set of components from Microsoft.  Click on the download button and save the file to your PC.

Once you?ve downloaded them you will need to open them with the Client Setup Preparation Tool.  Simply click on Open File and browse to where you saved the file.

Once complete you are ready to build your client prep installers.  Simply click on Build and sit back and wait.

Once the build process is complete you will be asked to save the three prep tools.  There is one for XP, one for Vista and one for Windows 7.

The files are MSI files and can be deployed in any manner you use to deploy MSIs.  There are no installation prompts so a silent install is easy to accomplish with the following command line:

msiexec /i path/to/install.msi /q

Once installed you will see it appear under Manager Add-Ons in IE8

With the client deployed we can now set up rules for the plugin to process.

To download a 60 day evaluation kit visit Browsium.com

Analyzing Candidates for Virtualization

Almost all workloads are now supported on one virtual platform or another.  There is a knowledge base article from Microsoft that outlines the support policy of it?s products that will help you determine what level of host OS, guest OS and application version you need to be at to obtain support but how do you determine if a machine should be virtualized or if it should stay a physical machine?  It isn?t as hard as it sounds as there are some great guidance out there as well as some tools to help make the decisions easier.  The first thing you need to determine is the limitations of your virtualization platform.  With this information it will be easy to eliminate physical machines that cannot be virtualized.  These will include any that aren?t supported (see the KB article or application vendor) as well as those with physical attributes that are not supported in a virtual environment.  This might be specialized hardware but most likely it will be machines with CPU and/or memory requirements that are beyond the support of virtualization platforms.  These limitations include:

Hyper-V R2:

Maximum 4 virtual CPUs per VM
Maximum 64GB RAM per VM
Maximum 12 NICs per VM (4 synthetic, 8 emulated)
Maximum 260 virtual hard disks (4 IDE, 256 SCSI)

VMware ESX 4.1:

Maximum 4 virtual CPUs per VM (8 in Enterprise Plus edition)
Maximum 255GB RAM per VM
Maximum 10 NICs per VM
Maximum 64 virtual hard disks (4 IDE, 60 SCSI)

Now if you have a reliable and up to date hardware inventory it should be easy to cut out the physical machines that can?t be virtualized.  But even still there is a determination to be made, just because something can be virtualized doesn?t mean it should be virtualized.  There are two ways to help make this decision and both will also help you if you don?t have a reliable and up to date hardware inventory.  One is the Microsoft Assessment and Planning Toolkit, which is free, and the other is System Center Operations Manager with a few select management packs.

MAP is an agentless tool that will scan the physical machines using WMI to build a hardware inventory and then gather performance statistics for the time when the test is run.  It can gather some basic information and assess whether a machine can be virtualized or not.  It will then output a nice report outlining a list of machines that can be virtualized with the technical details in an Excel file (sample ServerVirtRecommendation.xlsx)and a higher level Word document outlining the benefits (sample ServerVirtProposal.docx).

If you have System Center Operations Manager in place and are already collecting performance data of your physical servers you simply need to run a report which can identify virtualization candidates.  There are a few management packs required to collect and assess the information including the following management packs:

System System Center Virtualization Reports 2008
System Center Virtual Machine Manager 2008
System Center Virtual Machine Manager 2008 Management Pack for System Center Operations Manager 2007 (only for SCOM 2007 non R2)
Virtual Machine Discovery MP for Operations Manager 2007 (only required if you have VMware VMs in your environment)

With these management packs in place you can run the Virtualization Candidates report.  Simply enter the criteria for your scenario and run the report.  The following is a typical scenario for a Hyper-V environment.  Not the number of physical processors, since Hyper-V (and most editions of vSphere) only support 4 vCPUs it is important to limit your reporting to physical machines with 4 or less CPU/Cores.

One important thing to remember is that just because it can be virtualized doesn't mean it should be.  As an example yes you could virtualize a quad CPU, 64GB SQL server on Hyper-V but should you?  Would you not be better off virtualizing 8 smaller servers (2CPU with 4GB RAM) with those resources and keeping that SQL server a physical machine? 

Understanding Failover Cluster Ownership and Hyper-V

Failover clustering has been in Windows Server for a long time.  By installing resources in a failover cluster you can provide high availability of resources and is typically used with critical business applications.  One example of this today is Hyper-V virtual machines.  Understanding how resources failover is critical when it comes to planning and even more so now with the introduction of geo clusters.

When you add a resource to a cluster, such as a virtual machine there is a list of possible owners that includes all nodes in the cluster and you can further specify preferred owners from that list.  The possible owners are listed in order of installation so in this example Hyperv01 was installed first, Hyperv03 was installed second and Hyperv02 was installed last.

For the sake of this example we are going to look at a few scenarios but for simplicity the nodes are installed in order of number, i.e. Node 1 was installed first and Node 4 was installed last.  The first example is a four node cluster with Node 1 and Node 2 as preferred owners.

When the resource on Node 1 (a file server VM in this example) fails, say Node 1 lost connectivity to the SAN, the resource will failover to Node 2.  The same process will occur if the entire Node 1 fails (for example a power supply failure).  However if the resource is on Node 2 and the resource, or Node 2 itself fails, it will failover to Node 3 even if Node 1, a preferred owner is online.  In essence the resource fails over to the next node in the list (based on install order) and preferred owner doesn?t mean anything.  In this next example we have the same four node cluster but this time we have not set any preferred owners.

When the resource on Node 1 fails, the same result will occur as with a preferred node scenario in that it will failover to the next node in the list.  The difference here is that if the node fails the failover cluster service will randomly select a node from the list and move resources to that node.  Now this might not be an issue in most instances but it can become an issue in geo clusters where nodes are in separate sites.  Let?s take a look at the first scenario again but this time Node 1 and 2 are in Site 1 and Node 3 and 4 are in Site 2.

The same failover pattern will apply in this case but this is where issues can develop.  If a resource is on Node 2 in Site 1 and the resource or node fails the failover cluster service will move the resources to Node 3 in Site 2.  This may not be ideal, especially if your sites are on different IP subnets.  While the resource will failover to the new site, it will need new IP configuration and DNS to be updated before clients can connect to it.  And again, with no preferred owners set the same scenario will play out.  Additional issues can appear depending on your storage subsystem and how replication and synchronozation occurs.

In this case if the resource fails it will move to the next node in the list but if the node fails it will randomly select a node.  Again this node could be in the same site, but it could also be in a different site.  In a nutshell, nodes in a multi-site cluster are not site aware.

So you might be asking what does the preferred node option actually do?  Well in the case of a manual move you have the option of Best Possible and when you chose that option it will attempt to move the resource to a preferred node first.

If there are no preferred nodes set, again it will randomly choose a node to move the resource to.  So there are a few things you will need to plan for in no particular order?

capacity ? by this model the best practice would be for a single node to be able to support all resources.  This is in line with the Microsoft limitations in Hyper-V of 384 VMs on a single node or 64VMs per node (in a 16 node cluster).  If this is followed all but one node in a cluster could fail and all resources would still be available.
network ? in a multi-site scenario proper network planning is essential.  Due to this failover model all VMs should be on the same IP subnet.  The clustered hosts do not need to be on the same IP subnet but the VMs should be.  If not a VM could end up on a host in another site with a different IP subnet and the IP would need to be updated and DNS records updated before connectivity would resume.  While the VM would always be running there would still be downtime if there is no connectivity.  Possible workarounds inlcude using DHCP with reservations on the VMs.  When the resource fails over it starts the VM from a stopped state and the DHCP addressing can update the IP and register the new address in DNS.
ownership ? with Live Migration ownership is a non-factor because the destination host is always selected and Intelligent Placement can be used it automated scenarios (such as Opalis) but it does have an effect on unplanned failovers.  In unplanned failovers the resource will failover to the next node in the list of possible owners.
monitoring ? monitoring via Operations Manager (or a 3rd party tool) and alerting when a resource moves or a node fails is crucial.  While IP configuration and DNS changes can be scripted (DHCP or Opalis) something will need to trigger that script or notify an admin that the move has happened.  While basic monitoring is most likely in place to notify you if a server is down, more advanced monitoring at the resource level is essential.
bandwidth - with most SAN replication and synchronization technologies when the disk resource fails over and the RW/RO LUN is reversed the system will resynchronize the LUN with a full push from the new RW LUN back to the new RO LUN.  This will have an impact on your replication link and could impact the replication of other LUNs.

In most multi-site clusters this might not be an issue.  For example a multi-site cluster stretched across the street or across town with a fast link might have minimal impact.  But as the distance grows, link speed drops (or the link becomes saturated) and/or latency grows these issues can become bigger.  Proper planning is key in any cluster and even more so in a multi-site cluter.

One recommendation is to split up your nodes into multiple clusters, one multi-site for site wide HA, and two local clusters, one in each site, for local HA. 

Adding Integration Packs to Opalis

System Center Opalis can extended its automation capabilities further into your environment through what are called Integration Packs, or IPs.  IPs are available for the other System Center products, Microsoft products such as SQL and a host of 3rd party solutions.  There is also a site on Codeplex with additional IPs.  The IPs are free and allow you to create policies to automate even more tasks in your environment.  As an example with the SCVMM IP you can create a policy to deploy new VMs automatically based on a number of factors.  Before you can take advantage of the capabilities of an IP you need to register it with the Opalis Management Server and then deploy it to the Opalis Action Server(s).

To register an IP with Opalis, open the Opalis Integration Server console and right-click on Integration Packs and select Register IP with Management Server

Skip the Welcome screen and then browse to the location where you downloaded the IPs too.

You can register multiple IPs at once if you like, when you have added all you would like to register hit Next.

Finish out the wizard and watch the Log Entries area for notification of successful registration.

With the IPs registered the next step is to deploy them to your Action Server(s).  To do this, again, right-click on Integration Packs and this time select Deploy IP to Action Server or Client.

Skip the Welcome screen and then select the IP(s) you wish to deploy.

Next add the name(s) of your Action Server(s) you wish to deploy the IP to.

Decide when you wish to install the IP.  By default it will deploy the IP immediately after finishing the wizard.  When you deploy an IP all running policies will be stopped while the IP is deployed.  If you do not wish for this to happen you can change the option to not stop policies but a restart at some later point will be required before they become active.  Alternatively you can schedule the install for a time when it is OK to stop processing the policies.

Once you complete the wizard the IPs you selected will be deployed to the Action Servers you chose.

After re-launching the Opalis Integration Server console the new IPs will be available in the Objects pane.

Creating an Opalis Policy

System Center Opalis is the latest tool available to the System Center suite of tools.  Opalis was recently acquired by Microsoft and the tools added to the suite.  What is Opalis?

Opalis is an automation platform for orchestrating and integrating IT tools to drive down the cost of datacenter operations, while improving the reliability of IT processes. It enables IT organizations to automate best practices, such as those found in Microsoft Operations Framework (MOF) and Information Technology Infrastructure Library (ITIL). This is achieved through workflow processes that coordinate System Center and other management tools to automate incident response, change and compliance, and service-lifecycle management processes.

A colleague of mine called it ?scripting for dummies? and he was right.  It allows you to drag and drop items into a workflow allowing you to create scripts and policies without writing a single line of code.  In this example I?ll create a script to monitor a folder and move files to an archive once a certain number of files exist.  There are three components to this policy, a folder to monitor, an action to take and an event log to write.  In the Opalis Integration Server (OIS) console right-click on Policy and select New | Folder and name the folder.

Then right-click the folder and select New | Policy

Now from the column on the right locate the Monitor Folder item and drag it onto the center screen.  Do the same with Move File and Send Event Log Message.  Now click the arrow pointer and draw a line between the items to create Links.  When your done your policy should look like this.

Now double click on Move File so we can edit it?s properties.  On the General tab enter a description for this task.  You can also change the name if you wish.

Next enter the path to the folder you wish to monitor.  You can include sub-folders if you like as well as create filters to limit the monitoring to certain file types.

Now set a trigger.  The trigger will specify when to execute the next task in the policy.  In this example I set the policy to 4 so when the 5th files is created the policy will execute.

If you are running this policy against a non-domain joined machine you can enter alternative credentials for the policy to use.  You can also alter the run behaviour but we will leave that as is for now.  Click Finish.

Now on the Move File item, double click and go to the Details tab.  Here we will define a source and destination.  To do this, under source, right-click in File field | Subscribe | Published Data and select Origin folder and click OK.  Do the same for the In the Folder field under destination and then add a backslash followed by an asterisk.  The rest of the settings can remain at their defaults so when complete, click Finish.

Lastly double click on Send Event Log Message and under details enter the computer name where you want the event log written to.  Then enter the message you wish to be written.  You can also right-click in the field and select Subscribe | Published Data and then select the Move File option to grab the data from the previous task.

With this complete we can now check in out policy and test it.  Right-click on the policy name and select Check In.

Now click on the Test button and a new window should open up.  Click the Run button and the policy will start.  Now create 5 text files in the folder C:\logs and watch the policy execute.

Once complete you should see an event in the event logs.

Now you might have noticed that it created an individual event log for each file moved.  This might be a bit too much but we can alter this under the Run Behaviour tab of the Send Event Log Notification item.  By selecting the Flatten option and a separation option (I prefer line breaks) you can consolidate all notifications into one event log entry and each item will be on an individual line.

That is a pretty basic example of what you can do with Opalis.  Going forward we will cover some more advanced featur

IE9 Pinning and Jump Lists

One of the new features in IE9 is the ability to pin a website to the taskbar and include items in the Jump List.  With the new site under construction and IE9 close to complete I decided to add this functionality to the new site.  Pinning is easy and doesn?t require any configuration.  Just grab the URL and drag it to the taskbar.

To add a Jump List takes a little configuration.  The new site is built on Wordpress so I will use that as an example but the process is pretty close on any site.  On your Wordpress site browse to WP-Content\Themes\THEME_NAME\ and open header.php for editing.  Add the following code to your header.php anywhere in between the <head> </head> tags.

<meta name=?application-name? content=?YOUR_WEBSITE_NAME?/>
<meta name=?msapplication-task? content=?name=LIST_ITEM_1;action-uri=URL_FOR_ITEM_1;icon-uri=URL_FOR_ITEM_1_FAVICON? />
<meta name=?msapplication-task? content=?name=LIST_ITEM_2;action-uri=URL_FOR_ITEM_2;icon-uri=URL_FOR_ITEM_2_FAVICON? />

Save the header.php file and then clear your browser cache.  Launch IE9 and pin the website to your taskbar.  Close IE9, right-click on your taskbar icon and you should see your Jump List appear.

Hyper-V R2 SP1 - RemoteFX

RemoteFX is another new feature in Hyper-V R2 SP1.  RemoteFX enables you to provide a rich user experience for your end users connecting through RDP.  Traditionally when you connect through RDP you lose all rich UI and graphical capabilities but with Remote FX the user will have the same UI and the same experience when connected via RDP.  This can be very important when it comes to VDI deployments.

Before we install RemoteFX you should be aware of the requirements which include:

Hyper-V R2 SP1 hosts
SLAT enabled CPUs (Intel EPT or AMD RVI)
GPU
- DX 9c and 10 support
- Dedicated graphical memory
Client with RemoteFX decoder (RDP 7.1)

The most notable item on that list in the GPU.  Typical servers leverage the built in GPU which typically use shared memory.  This will still be the case for the KVM or monitor connected to the server, but additional GPUs will be required to provided the rendering capabilities for the RemoteFX clients.

Installing RemoteFX is pretty straight forward.  Launch the Add Role wizard and select the Remote Desktop Services role.

Under Role Services select the Remote Desktop Virtualization Host as well as the two sub-roles; Core Services and RemoteFX.

Once complete you can open up Hyper-V Manager and you will see a new option available under Add Hardware, the RemoteFX 3D Video Adapter.  You will need to install this in any and all VMs that will provide the rich UI to clients.

In the VM settings you can then configure the number of monitors on the client end as well as the resolution.

Careful attention needs to be paid here as there are guidelines as to how much memory the GPU will need to support the number of VMs, monitors and screen resolution.

RemoteFX is an interesting technology and something to consider in VDI deployments, well not quite as full featured as Citrix HDX it is included and comes pretty close for the price.