In Windows Server you can create two kinds of Virtual Desktop Infrastructure (VDI), personal or pooled. A personal collection is a bit like a company car scheme where everyone chooses their own car. This means there needs to be car for everyone even if they are on leave or sick etc. and each car needs to be individually maintained. However the employees are really happy as they can pimp their transport to suit their own preferences. Contrast that with a car pool of identical cars, where an employee just takes the next one out of the pool and when its brought back its refuelled and checked ready for the next user, and you don’t need a car for everyone as there’ll be days when people just come to the office or use public transport to get to their destination. That seems to be a better solution than company cars for the for the employer but not so good for the employees. Pooled VDI collections work like pool cars in that they are built from one template and so only one VM has to be maintained, but that means every user has the same experience which, might not be so popular. However Pooled VDI in Windows Server 2012 has a method for personalising each users experience while still offering the ability to manage just one template VM and that’s why I want to use pooled VDI in my demos.
Carrying on from my last post I right click on RD Virtualisation Host and select Create Virtual Desktop Collection
Now I get specify the collection type
Having chosen the collection type I now need to pick a template on which to base the pool..
I found out that you can’t use the new Hyper-V generation 2 VMs as a VDI template even in Windows Server 2012R2 rtm. This does mean you can use that WimtoVHD Powershell script I have promoting in earlier posts in this series to create my template directly from the Windows installation media.
Note: you’ll need windows 8.1 enterprise for this which is currently only available on msdn, until 8.1 is generally available in a couple of weeks when there should be an evaluation edition available
In fact for a basic VDI demo the VHD this creates can be used as is; all you need to do is create a new VM from this VHD to be configured with the settings each of the VDI VMs will inherit, such as CPU, dynamic memory settings, Virtual NICs and which virtual switches they are connected as well as any bandwidth QoS you might want to impose..
Here you can see the setting for my template VM such as it being connected to my FabricNet virtual switch.
Normally when you build VMs from templates you will want to inject an unattend.xml file into the image to control its settings as it comes out of sysprep (as I have done in earlier posts in this series). This wizard helps you with that or you can just enter basic settings in the wizard itself as I have done ..
and not bother with an unattend.xml file at all.
Now I can start to configure my collection by giving it a name, how many VMs it will contain and specifying who can access it ..
In a production environment you would have several virtualization hosts to run your collection of VMs and here you can specify the load each of those hosts will have.
Having specified which hosts to use I can now get into the specifics of what storage the VMs will use. I am going for a file share, specifically one of the file shares I created earlier in this series, which will make use of the enhancements to storage in R2. Note the option to store the parent disk on a specific disk, which might be a good use of some of the new flash based devices as this will be read a lot but rarely updated.
My final choices is whether to make use of user profile disks. This allows all a users settings and work to be stored in their own virtual hard disk and whenever they log in to get a pooled VM, this disk is mounted to give them access to their stuff. This is really useful if all your users only ever use VDI as you don’t need to worry about all that roaming profiles and so on. However if your users sometimes use VDI and sometimes want to work on physical desktop such as laptops then you’ll want to make use of the usual tools for handling their settings across all of this so they get the same desktop whatever they use - remember we work for these people not the other way around!
That’s pretty much it - the desktops will build and your users can login via the web access server in my case by going to http://RDWebAccess.contoso.com/RDWeb
To demo the differences in performance on a pooled VDI collection that sits on a storage space that's had deduplication enabled I could create another collection on the Normal* shares I created in my post on storage spaces by doing this all again. Or I could just run a PowerShell command, New-RDVirtualDesktopCollection, and set the appropriate switches..
$VHost = "Orange.contoso.com" $RDBroker = "RDBroker.constoso.com" $ColectionName = "ITCamps"
#The VDI Template is a sysprepped VM running the Virtual Hard Disk, network settings etc. that all the pooled VMs will inherit. The VHD will run windows 8.1 configured and sysprepped with any applications and setting needed by end-users
$VDITemplateVM = get-vm -ComputerName $VHost -Name "Win81x86 Gen1 SysPrep"
New-RDVirtualDesktopCollection -CollectionName "ITCamp" -PooledManaged -StorageType CentralSmbShareStorage -VirtualDesktopAllocation 5 -VirtualDesktopTemplateHostServer $VHost -VirtualDesktopTemplateName $VDITemplateVM -ConnectionBroker $RDBroker -Domain “contoso.com” -Force -MaxUserProfileDiskSizeGB 40 -CentralStoragePath”\\fileserver1\NormalVMs” -VirtualDesktopNamePrefix "ITC" -OU “VDICampUsers” -UserProfileDiskPath “\\fileserver1\NormalProfiles” My good friend Simon May then gradually add in more and more VMs into the collection with the Add-RDVirtualDesktopToCollection cmdlet to see how much space he can save.
The other really clever thing about a pooled VDI setup like this, is maintaining it. Clearly you will want to change the tem[plate the Pooled collection is based on from time to time, for example to add or remove version of applications and to keep patches up to date. All you have to do is to make another template VM with the new applications and latest patches and then Update the collection from the Collection management screen, or via the Update-RDVirtualDesktopCollection PowerShell cmdlet for example
PS C:\> Update-RDVirtualDesktopCollection -CollectionName "ITCamp" VirtualDesktopTemplateName "$VDITemplateName" -VirtualDesktopTemplateHostServer $VHost -ForceLogoffTime 12:00am -DisableVirtualDesktopRollback -VirtualDesktopPasswordAge 31 -ConnectionBroker $RDBroker
where I would have set $VDITemplateName to be the modified and sysprepped VM to base the updated collection on. Note the Force LogOffTime setting; that’s where users will be thrown out and forced to log on again. If you don’t set this they’ll only get to use the new version when the login and logout again. However you manage that if you have used User Profile in the collection as I have done their preferences and setting will persist on the updated collection.
So that’s the basics of setting up VDI on a laptop for your evaluations. From here I could go on to ad other parts of the Microsoft remote desktop solution such as;
However I would be interested to know what you would like me to post next, so please add comments or if you are shy e-mail me
We are supposed to be able to connect from Apple devices or Android -- how does that work?
Dan You go to the appropriate store and get the RDP 8.1 client for your device. Details are here: http://technet.microsoft.com/en-us/library/dn473009.aspx
Hi andrew, i've already created a virtual desktop collection with 6 VM and it is working fine, after i tried to create another or increase other VM's in the first collection but it couldnt finish: "El agente de conexión a escritorio remoto no pudo crear
el objeto de cuenta de equipo en servicios de dominio de Active Directory.Asegurese de que la cuenta de equipo del agente de conexion a escritorio virtual tiene perimoso para crear cuentas de equipo en la unidad organizativa(OU), que el agente de conexión
a Escritorio remoto puede ponerse en contacto con AD DS y que no existe un objeto de cuenta de equipo duplicado en otra OU" Some things that i did to solve this: Create a new collection and a diferent user's group in AD to access Create a new template (it
is not a clone from the first one) Assign the user agent like administrator of my OU Please help me.
Ola Valeria my knowledge of VDI and Active Directory(AD) is OK too but not my Spanish (although I did some latin a long time ago :-)) so I think what you may need is for the broker to have permissions to update your organizational unit (OU)in AD, so I
am not sure how you managed to create the collection in the first place. In my lab my broker VM is RDS-Broker so I need to ensure that the computer account (RDS_Broker$) is an administrator of the OU in AD. So go to Server Manager | Remote Desktop Services
| OverviewWindow "Deployment overview", Tasks | Edit deployment properties. In the AD configuration pane, select the wanted OU to configure the appropriate permissions, and then select Apply. After you have done this ,In the active directory adminsitarion
consaole (ADAC), right-click the OU, click properties,make sure that $ computer account has been added with appropriate permission in the security tab.
Hi Andrew, I'm working on a test lab and come a cross the following problem:I can't select a OU from the dropdown menu in "Unattended Settings" step. When I check the AD Configuration in the Deployment Overview, same thing I can't select a OU.The OU dropdown menu only displays a dash.Any ide what the issue could be?ThanksJoe
How to create a Pooled VDI infrastructure using Win server 2012 as VM image?I have followed the "usual" way to build a pooled VDI desktop using Win7 or Win8 with success, but it fails when I use an image of Win Server 2012 as VM instead. Am I overlooking something? Should I need to prepare the image in a different way? Thanks
Thanks, Dan. This excellent post answered my questions and will allow me to provide more intelligent input to my IT guy.
Hi Andrew: I'd be quite interested to see other posts on some of the subjects you mentioned at the end of this post, such as, adding the RD Gateway to open up the RD infrastructure to remote users from just one host.
George This is a big thing to setup as to properly test it you are going to need more VMs. On my lab a I have spoofed a DMZ where VMs on that network only have limited communication back into the data centre where RDS is running but are connected tot he
internet which I did with a VM running remote access. then I have a Read only domain controller (RODC) so that the Gateway can authenticate users without exposing other DCs tot eh internet. Typically you install the Gateway on the same VM as the Web Portal,
but before you can configure this you need to create a certificate (see my post on PKI for the Powershell to do that. so I have now written a book on all of this and one chapter (28 pages) just to do that. My book is at