Microsoft Virtual Desktop Infrastructure (VDI) Explained
Posted By: Yung Chou
This is a follow-up posting and a continual discussion of desktop virtualization and Remote Desktop Services (RDS) relevant to Windows 7 and Windows Server 2008 R2 (WS2008R2).
What It Is
Microsoft Virtual Desktop Infrastructure (VDI) is a centralized desktop delivery solution. The concept of VDI is to store and run desktop workloads including a Windows client operating system, applications, and data in a server-based virtual machine (VM) in a data center; and allow a user to interact with the desktop presented onto a user device via Remote Desktop Protocol (RDP). Notice VDI is part of an enterprise’s cohesive, holistic virtualization strategy across IT infrastructure to support Microsoft’s vision of Dynamic IT. VDI is not an isolated architecture, but one of the many technologies available to optimize enterprise desktops.
A notable component in the Remote Desktop Services (RDS) of WS2008R2 is the availability of Remote Desktop Connection Broker (RDCB). RDCB is a native VDI connection broker, providing a unified experience for access to VDI as well as traditional, session-based remote desktops. With RDCB, virtual desktops are now delivered similarly to RemoteApp. For example, a user will access http://rds-all.contoso.corp/rdweb and be presented with a webpage with authorized applications and desktops, once authenticated, as shown below.
Here, three Office 2007 applications are published as RemoteApp which works very much the same with that in Windows Server 2008. In Windows Server 2008 R2 however, RemoteApp programs shown on this consistent URL can be composed from multiple sources. The RemoteApp programs shown here are not necessarily installed on the same Remote Desktop Session Host (RDSH) or Terminal Server. They can be from multiple RDSHs and Terminal Servers, yet composed and presented with the same URL. Further, the presence of a RemoteApp program is based on the access control list of a published application in RDSH. By default, all authenticated users will have access to published RemoteApp programs.
The icon, My Desktop, appears for only those who are assigned with a personal virtual desktop. The assignment can be done in RDCB, or the User object in Active Directory. When a user click My Desktop icon, a virtual desktop will be delivered to the user’s device, once the user is authenticated. The follow screen capture shows Word 2007 accessed as a RemoteApp program and a virtual desktop delivered via VDI to a user on a non-managed Windows 7 client.
The icon, Contoso Desktop, is for accessing a virtual desktop running on a VM dynamically picked from a VM pool defied in RDCB. Notice once a VM pool is defined, the icon to access a VM in the pool will show up on the RDS webpage for all authenticated users, regardless if a user has access to the pool. Both the display name of the page and the display name of the icon to access a VM pool can be easily customized in RDCB, here “Contoso Wonder LAN” and “Contoso Desktop” are both customized display names. Further information of the RDS architecture and how RDCB plays a central role in a VDI solution is available in “Remote Desktop Services (RDS) Architecture Explained.”
RemoteApp and Desktop Connection
A new feature in WS2008R2 worth mentioning here is RemoteApp and Desktop Connection which provides the ability to access to RemoteApp programs, remote desktops, and virtual desktops from the Start menu of a Windows 7 PC. In Windows 7, a user can go to Control Panel to configure it with a few mouse clicks in a friendly wizard-driven process. The URL of an intended RDS webpage and user credentials of an intended user are needed to complete the process. When RemoteApp and Desktop Connection accessing a target RDS webpage on a user’s behalf, the user will be prompted for credentials. The screen capture on the right shows the Widows 7 Start menu integrated with RDS resources published on the Contoso Wonder LAN page shown earlier. If the user deletes the settings configured in RemoteAll and Desktop Connection, the Contoso Wonder LAN and its content will be removed accordingly.