Manage Desktop Virtualization
With Microsoft System Center 2012 Configuration Manager
Microsoft Desktop Virtualization enables today's workforce flexibility choices in productivity by providing them new devices and applications that give them the freedom to work from anywhere, anytime. These expectations are putting increased pressure on IT departments to find a way to offer compelling solutions to employees while maintaining a secure and well-managed environment. Desktop Virtualization technologies can help IT to optimize their core desktop infrastructure by separating the different layers of the computing environment — user state, applications, and the operating system — and managing them independently.
Microsoft Desktop Virtualization and management solutions use key features and tools found in Windows Server Hyper-V, Microsoft Desktop Optimization Pack, and System Center to build a flexible work experience to users who want to connect from everywhere, on the devices they choose, whether inside or outside the corporate networks. These solutions deliver personalized, consistent, and secure experiences for users, while also improving compliance through centralized control and access to confidential data.
Microsoft Desktop Virtualization helps you simplify management by unifying IT operations onto a single infrastructure across physical and virtual assets. It enables instant provisioning of corporate applications and desktops, which get users up and running sooner, and equips IT to provide access to legacy applications during migration to Windows 7. Working with System Center management tools, Microsoft Desktop Virtualization automatically detects device configurations and network conditions to deliver the most appropriate services to each user.
This article focuses on maximizing the benefits of Microsoft desktop virtualization with System Center covering the following topics:
- Desktop Virtualization: Overview of desktop virtualization technologies including user state, application, and operating system virtualization.
- System Center Products: Overview of System Center products that provide management of desktop virtualization, including System Center Configuration Manager, System Center Operations Manager, and System Center Virtual Machine Manager.
- Managing Desktop Virtualization:
- User State Virtualization: Overview of the technologies that manage user state virtualization and how it is important for a complete desktop virtualization solution.
- Application Virtualization: Deep dive on how Configuration Manager and Operations Manager manage Microsoft Application Virtualization (App-V) and RemoteApp.
- Operating System Virtualization: Deep dive on how Configuration Manager, Operations Manager, and Virtual Machine Manager manage Microsoft Enterprise Desktop Virtualization (MED-V), RDS Session virtualization and Virtual Desktop Infrastructure (VDI).
Back to top
Desktop Virtualization Overview
Desktop virtualization is a set of technologies focused on optimizing desktop operations. It helps IT tune the desktop environment to better fit different end users' needs by separating desktop resources (data and user settings, applications, and operating system) from each other. Following is a brief description of each desktop virtualization technology:
User State Virtualization
User state virtualization increases business flexibility by having the user's personal profile and data available dynamically on any authorized PC. With User state virtualization users can access their data (documents, presentations, videos, etc.) and settings (application settings, personalization, operating system standards) from any corporate PC. User state virtualization also helps IT improve business continuity by backing up user data and settings in the data center.
Application Virtualization enables reduction in application management costs and acceleration of application deployments. Application virtualization helps in avoiding traditional application installation on the desktop, delivering applications and updates much faster with fewer interruptions. Microsoft offers App-V and RemoteApp for local and hosted virtual application delivery.
Microsoft App-V: Microsoft App-V is a local delivery and execution solution, where applications are packaged into a resource or service that is executed on a user's computer. This enables offline usage and utilizes the user's local device resources while eliminating regression testing and application conflicts.
RemoteApp: RemoteApp is a feature of Remote Desktop Session Host (RDSH) where applications appears to be running locally on a user's desktop, but are executed on a server.
Operating System Virtualization
Operating system virtualization separates the operating system workloads from the underlying hardware. It enables a single PC to run virtual machines side-by-side to address legacy application compatibility or hosted virtual desktops in the data center, providing simplified management, business flexibility, and security. There are three choices for operating system virtualization: virtual desktop infrastructure, session virtualization, and Microsoft Enterprise Desktop Virtualization (MED-V).
Microsoft Enterprise Desktop Virtualization: MED-V delivers a client-hosted operating system virtualization solution that accelerates an organization's upgrade path to the latest version of Windows, such as Windows 7, by enabling incompatible or unsupported applications to run in a well-managed virtual machine running Windows XP.
Session Virtualization with Remote Desktop Services: Session virtualization provides access to applications either by providing access to the server's desktop. Session virtualization provides a shared desktop experience for users from any connected device, running user applications on a single Windows Server operating system with multiple sessions.
Virtual Desktop Infrastructure: With VDI, users access their Windows desktops that are hosted on servers. This provides users access to their desktop with full-fidelity from any connected device. VDI provides integrated management, improved security and compliance, anywhere access from connected devices, and increased business continuity.
Additional detail on Microsoft Desktop Virtualization technologies is available at the following sites:
Back to top
System Center Overview
System Center 2012 helps you manage your IT environments across traditional datacenters, private and public clouds, client computers, and devices. Using these integrated and automated management capabilities, you can become a trusted service provider for your business. System Center captures and aggregates knowledge about systems, policies, processes, and best practices so that you can optimize your infrastructure to reduce costs, improve application availability, and enhance service delivery.
System Center Configuration Manager
Configuration Manager 2012 helps IT empower their users with the devices and applications they need to be productive, while maintaining corporate compliance and control. It provides a unified infrastructure for managing mobile, physical, and virtual environments that allows IT to deliver and control user experiences based on user identity, connectivity, and device specifics. Configuration Manager provides key management capabilities around application delivery, desktop virtualization, device management, and security that make it possible to enable productivity amidst device proliferation while reducing costs.
System Center Operations Manager
Operations Manager 2012 provides deep application diagnostics and infrastructure monitoring that can help you ensure the predictable performance and availability of vital applications and offers a comprehensive view of your datacenter, private, and public clouds. System Center Configuration Manager 2012 is the end-to-end service-management product that is the best choice for Windows because it works seamlessly with Microsoft software and applications, helping organizations increase efficiency while enabling greater control of the IT environment. Operations Manager leverages Microsoft expertise and best practices to enable successful identification and resolution of issues affecting the health of distributed services.
System Center Virtual Machine Manager
Virtual Machine Manager 2012 enables you to deliver flexible and cost effective Infrastructure as a Service (IaaS) solution. Virtual Machine Manager 2012 provides the tools for creating private and public cloud initiatives. Virtual Machine Manager 2012 consolidates physical servers into a virtual infrastructure with physical-to-virtual machine conversion enabling intelligent placement of workloads on host servers. Virtual Machine Manager 2012 also enables rapid deployment of virtual machines, for desktop virtualization based solutions automatically by authorized end users, and dynamic response to loss of services across hardware, operating systems, or applications.
Back to top
Managing Desktop Virtualization with System Center
System Center 2012 approaches Desktop Virtualization by creating a single pane of glass that gives IT insight and control over the entire desktop environment, whether that is made up of physical desktops, virtual desktops, and/or mobile devices. It manages and protects corporate assets on diverse client devices (corporate and employee-owned), enabling IT the ability to provide users a familiar experience across different devices, contexts, and locations.
|Management Solution||App-V||MED-V||Remote Desktop Services||Microsoft VDI||Third-Party VDI|
|Configuration Manager||Full Integration||Full Integration||Full Integration||Full Integration||Full Integration**|
|Virtual Machine Manager||Server App-V***||N/A||N/A||Recommended*||Requirement|
Table 1: Desktop Virtualization with System Center Matrix
*The Remote Desktop Connector for Virtual Machine Manager enables Remote Desktop Services to use the virtual machine placement capabilities of System Center Virtual Machine Manager 2008 R2 for personal virtual desktops.
**Third-party VDI integration is supported full integration, however it isn’t recommended to deliver applications or updates to pooled desktops.
*** Server App-V is a feature of Virtual Machine Manager that enables IT to extract server based applications from the operating system for improved provisioning.
Management Benefits of Desktop Virtualization with System Center
System Center Configuration Manager 2012 helps IT empower people to use the devices and applications they need to be productive, while maintaining corporate compliance and control. As consumerization becomes a reality, IT organizations face the challenge of delivering a rich experience to users across multiple devices without giving up the control needed to protect corporate assets. Configuration Manager 2012 provides a unified infrastructure for mobile, physical and virtual environments that allows IT to deliver and manage user experiences based on identity, connectivity, and device. Configuration Manager 2012 also makes IT more efficient with simplified administrative tools and improved compliance enforcement. The benefits of System Center and desktop virtualization include:
- Device freedom
- Optimized, personalized application experience
- Application self-service
- Integrated mobile, physical, and virtual management
- Integrated security and compliance
- Reduced infrastructure complexity
- Comprehensive client management
- Automated remediation
This article describes individual Desktop Virtualization technologies and how System Center products can be used to manage each technology.
Back to top
Managing User State Virtualization
User State Virtualization is a built-in feature to the Windows operating system and implemented by utilizing a combination of Roaming User Profiles, Folder Redirection, and Offline Files. Management of User State Virtualization is accomplished with the built-in tools available in the operating system through account management and/or Group Policy objects. Although it does not require System Center for management, this technology should be implemented to all desktops, both traditional and virtual, to provide a complete Desktop Virtualization solution.
Managing Application Virtualization
Managing Application Virtualization with Configuration Manager
Adding improved management of application virtualization solutions begins with Configuration Manager. Configuration Manager provides integrated management of both traditional and virtual applications across the entire set of desktop virtualization technologies.
Configuration Manager 2012 provides a fully integrated App-V delivery and management solution. With Configuration Manager, the typical App-V infrastructure is reduced to the App-V Sequencer and App-V Client. Configuration Manager takes the place of the publishing and streaming components in a typical App-V full infrastructure, while providing additional benefits like scheduled delivery of applications, staging of updates, and machine- and user-based targeting.
Additional information on App-V Integration with Configuration Manager 2012 is available in the Virtual Application Management with Microsoft Application Virtualization 4.6 and System Center Configuration Manager 2012 whitepaper available at:
RemoteApp is a feature of Remote Desktop Session Host (RDSH) where applications appears to be running locally on a user's desktop, but are executed on a server. Using RemoteApp, administrators can solve application-to-application compatibility issues by redirecting where the application is executed, abstracting the application from the desktop environment.
Alternatively, RemoteApp applications can be App-V virtual applications. App-V applications that are delivered to RDSH servers can be published to users and gain the benefits of App-V with RDSH and enable redirected execution by adding the App-V Remote Desktop Services Client on the servers.
Managing Application Virtualization with Operations Manager 2012
Operations Manager improves the management of application virtualization infrastructures through management packs available from Microsoft and third-party companies. This enables views that show state, health, performance, as well as alerts for specific events with application virtualization infrastructures. This enables administrators to be automatically informed of performance or service degradation, providing additional information, guidance, and tools to react quickly and with minimum impact on users.
App-V Management Pack
Desktop Virtualization environments where virtual applications are deployed with an App-V Full-Infrastructure can be monitored with the features of the
App-V Management Pack. This enables IT professionals to use Microsoft System Center Operations Manager 2012 to monitor App-V server systems. The App-V Management Pack is designed to maximize App-V Server availability for handling App-V Client requests. This component delivers an enterprise-level solution to proactively monitor Microsoft Application Virtualization 4.5 server systems.
Configuration Manager Management Pack
Desktop Virtualization environments where virtual applications are deployed with System Center Configuration Manager can be monitored with the features of the
Microsoft System Center Configuration Manager Management Pack. The System Center Configuration Manager 2012 Management Pack can help prevent errors, increasing your organizational uptime and helping you build a more secure and reliable Configuration Manager 2012 infrastructure. This Configuration Manager Management Pack contains configuration items intended to manage your Configuration Manager 2012 site system roles using the desired configuration management component in Configuration Manager 2012.
Remote Desktop Services Management Pack
Desktop Virtualization environments where virtual applications are deployed via the RemoteApp feature and all other features of Remote Desktop Services can be monitored with the
Remote Desktop Services Management Pack. The Remote Desktop Services Management Pack helps you manage your computers that are running Remote Desktop Services on Windows Server 2008 R2 by monitoring the health of Remote Desktop Services role services.
Back to top
Managing Operating System Virtualization
There are three choices from Microsoft for operating system virtualization: virtual desktop infrastructure (VDI) and session virtualization, both of which are enabled through Windows Server 2008 R2 Remote Desktop Services, and Microsoft Enterprise Desktop Virtualization (MED-V), which is part of the Microsoft Desktop Optimization Pack (MDOP).
MED-V 2.0 accelerates migrations to Windows 7 by allowing legacy Windows XP applications, including applications that require older versions of the Internet Explorer browser, to run seamlessly in Windows 7. MED-V allows legacy applications to run within a Windows XP compatibility workspace. MED-V 2.0 has enhancements over previous versions that provide a more seamless user-experience, streamline deployment, and simplify administration.
Managing MED-V with Configuration Manager
System Center Configuration Manager enables complete management of the MED-V components and delivery of the Workspace Package (MED-V Virtual Machine). Post deployment of the MED-V components, requirements, and workspace, Configuration Manager provides ongoing management of the MED-V workspace installing additional traditional or virtual application packages, updating the operating system with patches, and performing normal desktop inventory and metering operations.
Additional information on managing MED-V is available in the
Managing Remote Desktop Services
Remote Desktop Services (RDS) provides the common server infrastructure for centralizing the desktop via VDI or session virtualization with Remote Desktop Session Host. Remote Desktop Services Management was discussed earlier in the Application Virtualization section. The same two components apply for management of Remote Desktop Services: utilizing Configuration Manager and Operations Manager.
Managing VDI Solutions
When looking at managing VDI, there are several categories of management that must be addressed. The following management categories are the same for VDI-based desktops, even though the management solutions may be different than traditional desktops.
- Applications: VDI-based solutions need a management solution for applications, either traditional or virtual. Nothing changes because they are moved to data center.
- User Data and Settings: VDI supports both personalized and pooled desktops. In both scenarios, removing the user data and settings with User State Virtualization will improve the management. Another reason to implement User State Virtualization is the ability to eliminate or reduce the amount of personalized desktops that require the most resources in the data center and that cost the most to manage.
- Virtual Desktop Updates: Virtual desktops in a VDI solution, whether personal or pooled, require updates for patch management as well as updates for typical security solutions like anti-virus, anti-malware, and security software and settings. Because pooled desktops are updated centrally on a maintenance schedule and not individually, Configuration Manager allows administrators to identify and exclude automated updating of pooled desktops. Personal Desktops management of the operating system, applications, and security updates are managed with Configuration Manager as with a traditional desktop.
Managing Microsoft VDI with Configuration Manager
Management solutions for VDI differ depending on the type of virtual desktop that is being implemented either pooled or personal. Details of the two types of desktops are provided throughout this section as they pertain to specific management solutions. In general personal desktops operate like traditional desktops storing changes made by users and persisted in the datacenter and directly mapped to an individual user. Pooled desktops are built from a base image where all users receive a copy of the image that includes identical settings, applications, and configurations.
Personal Virtual Desktops
Configuration Manager provides a complete management solution for personal virtual desktops because they are very similar to physical desktops with respect to management. In this scenario, the Configuration Manager agent is installed on the personal virtual desktop. Because the targeted user base for personalized virtual desktops is knowledge workers, concerns about management causing performance-related issues with disk activity are minimized. Since most knowledge workers log on and off at different times, the concerns for additional load on a VDI infrastructure, most notably disk, should be minimal. However, Configuration Manager 2012 has randomized key tasks to minimize virtual host disk impacts. For any running virtual desktop, the following tasks are randomized:
- Hardware Inventory scanning
- Software Inventory scanning
- Software update scanning, download and installation
- Antimalware scanning and updates
One area where there should be consideration is when implementing software updates and third-party updates for security-based software that is done on a specific schedule. One way to mitigate the impact of these cadence-style updates is to stagger them.
Pooled Virtual Desktops
Given the intent and nature of pooled virtual desktops, there are many considerations for management. Pooled virtual desktops are created off a base image where the virtual desktop itself is not persisted over any length of time. When managing hybrid environments that combine physical and virtual desktops, the machine context must be understood so that configuration activities (such as troubleshooting non-compliant desktops) can be performed appropriately according to the type of desktop. Configuration Manager 2012 allows you to gather machine attributes so that you know when you're looking at a machine name whether it is a physical or virtual desktop, and if virtual, whether it is personal or pooled.
Machine context attributes are especially valuable when managing Pooled Virtual Desktops. Configuration Manager 2012 makes it easy to define custom inventory classes that exclude pooled virtual desktops, using the Pooled/Personal attributes available from Citrix XenDesktop. In pooled environments, it also allows Configuration Manager uniqueness to be saved through the shutdown process and startup. This prevents obsolete records from being created every time a user logs in, and also eliminates delays that would be caused by re-registering the user at every log in.
Managing VDI with System Center Virtual Machine Manager
Third-party VDI solutions such as Citrix XenDesktop, utilize Virtual Machine Manager in combination with their Connection Broker to build, store, and remove user desktops according to on-demand or preconfigured thresholds. Virtual Machine Manager integrates with Operations Manager, providing load management and failover capabilities. And together with Configuration Manager, virtual desktop updates can be provisioned as services with the Virtual Machine Servicing Tool. This enables administrators to automate updating the base image for pooled desktops.
Managing VDI with Operations Manager
Like previous technologies within Microsoft Desktop Virtualization, Operations Manager can play a critical role in managing the infrastructure that supports VDI. A list of Management Packs that can be implemented to provide monitoring of the VDI infrastructure is available at:
Also, there are several third-party management packs available for partner VDI-based solutions.
VDI Application Delivery Scenarios
Another key area when planning for virtual desktops is to determine how users' applications will be deployed to virtual desktops. As traditional desktop applications require patching and updates, by leveraging the centralized nature of virtual desktops, patching can be performed directly on the virtual machine in the data center. The ability to quickly deliver updates is increased and the impact to users is minimized.
There are several options when delivering applications to VDI. The following table shows the matrix of the two types of desktops (personal and pooled) and the delivery options (Configuration Manager, App-V, RemoteApp, and Citrix XenApp).
|VDI Desktop Type||Configuration Manager||App-V/Shared Cache||RemoteApp||Citrix XenApp|
|Pooled||No||Yes, only App-V Shared Cache||Yes||Yes|
Table 2: Recommended VDI Application Delivery Options
Application Delivery with Configuration Manager
Configuration Manager as an application delivery mechanism for VDI solutions enables delivery of traditional and virtual applications to personal desktops. Due to the nature of pooled desktops, where changes are discarded between sessions, Configuration Manager would not be a preferred method of deploying software. In this scenario where personal VDI desktops are used, the Configuration Manager agent would be included as part of the desktops and since they are persisted between sessions, the desktops are managed like traditional desktop operating systems. There are some exceptions to this that have been previously mentioned or referenced in links for additional documentation around staggering schedules for installations of operating system, antivirus, and other updates for performance reasons.
Application Delivery with App-V and App-V Shared Cache
Utilizing App-V for delivery of applications to a VDI environment has several different smaller scenarios. App-V has many benefits for management of the software lifecycle that have been mentioned previously. For VDI, there are two different types of configurations that each has benefits and limitations. The first is storing virtual applications for personal desktops locally on each instance of virtual machine in the App-V cache. The second is storing virtual applications centrally, outside of the personal or pooled virtual machines in a shared App-V cache.
As depicted in the table above, personal desktops can use either App-V with a local cache or App-V with a shared cache. When choosing between the two, the below technical details must be considered:
|App-V Cache Type||Benefits||Drawbacks|
- Dynamic delivery and updates
- Individual user provisioning
- Duplication of virtual applications across all desktops
- Minimal storage (each application in cache once outside of VDI desktops)
- Manual cache updates
- Provisioning of applications into desktops via base image updating, scripting, or App-V Full Infrastructure
Table 3: App-V Cache Location Benefits and Drawbacks
Application Delivery with RemoteApp
Another method of delivering applications to VDI personal or pooled desktops is RemoteApp. RemoteApp enables users to launch an application from their start menu, or desktop, but the application execution is done remotely on a RDSH server. This enables applications, either traditional or virtual, to be managed centrally at the RDSH server(s). This scenario doesn't require additional footprint of application installation on the VDI desktops and reduces the SAN requirements for the VDI infrastructure.
There are some technical details that are important for deploying applications to VDI desktops that are listed below:
- Configuration Manager can be used to deliver both traditional and virtual (App-V) applications to the RDSH servers. However, Configuration Manager doesn't support draining users prior to installation, so installs should be done in maintenance windows when they are not accessible by users. This requirement is for traditional software installs and updates to existing App-V packages.
- Publishing of RemoteApp applications requires administrator intervention for enabling applications for RemoteApp, as well as creating RDP or MSI files for deployment.
- RemoteApp RDP or MSI files can be deployed in two ways. On personal desktops, Configuration Manager could be used to deliver these files. In pooled desktops, the base image would need to be updated with these new files to enable their execution.
- Some applications aren't supported on server operating systems.
In order to further improve the VDI desktop experience when delivering applications via RemoteApp, administrators should enable the RemoteApp and Desktop Connections (RAD) feature of Windows 7. RemoteApp and Desktop Connections is a new feature in Windows 7 and Windows Server 2008 R2 that builds on this by bringing RemoteApp programs to the Start menu, giving them the same launch experience as local applications. With RAD enabled on personal or pooled desktops, the list of RemoteApps will be dynamically updated.
Utilizing RemoteApp with RAD on the client enables a solution for delivering applications to VDI desktops without the footprint of application installation and provides dynamic application addition and removal for pooled desktops. Combined with App-V, delivering applications to VDI desktops with RemoteApp and RAD provide a compelling solution and also can be used to support traditional desktops, both local and remote.
Managing User Data and Personalized Settings in VDI
User State Virtualization should be part of all VDI solutions. Generally, for personal VDI environments, User State Virtualization should be used to reduce the storage requirements of the infrastructure by redirecting and storing user data and settings on separate storage locations than the VDI desktops. In pooled virtual desktop solutions, two options exist. The first is that the pooled desktops don't save any user data or settings changes. However, in a second pooled solution enabled with User State Virtualization, user's changes to data and settings would persist on a remote location. VDI with User State Virtualization provides benefits by taking the data and settings layer and making it portable in either virtual desktop solution. With pooled environments it allows for a more personalized experience where administrators can choose which data and settings can be persisted. In personal virtual desktop environments, it reduces the storage requirements.
Folder Redirection: Use to remotely host application settings that are located in the AppData\Roaming folder in addition to redirecting users' data folders on pooled desktops. However, some applications may experience performance issues if the AppData\Roaming folder is redirected because they will be accessing this folder over the network. If this causes problems, consider not redirecting the AppData\Roaming folder; however, this can increase logon/logoff times.
Offline Folders should be disabled in both pooled and personal VDI environments because VDI requires constant network connectivity between the client and the data center, and Offline Folders provides no real advantage for such always-connected scenarios. Another reason Offline Folders should be disabled in VDI environments is that the servers that contain the data that users need to access typically reside in the same data center and therefore on the same high-speed LAN as the Remote Desktop Virtualization host on which the virtual desktop runs. Finally, enabling Offline Folders on virtual desktops can lead to backups of outdated user state if the servers that contain the data that users need to access reside outside the data center and are connected to the data center over slow or unreliable WAN links.
Roaming User Profiles. Roaming User Profiles stores users' desktop and application setting information from the HKCU registry hive on users' computers in profiles that are stored on network servers so that they can be downloaded to other computers where users might log on. For users who need access to their data files from both Windows 7-based computers and personal or pooled virtual desktops in VDI environments, the following Roaming User Profiles concept is relevant:
Desktop virtualization provides a broad set of technologies to help address desktop management needs across physical and virtual desktops. These technologies improve the management strategy, providing reduced costs for the desktop, increased business flexibility, enhanced security, and regulatory compliance.
This article has presented what is available today from Microsoft System Center technologies and how they can improve the desktop virtualization solution, as well as a preview of the upcoming Configuration Manager. By utilizing System Center, organizations can reduce their efforts through increased automation, enable business intelligence with inventory and asset management, and react to changing business needs with proper health and performance for the infrastructure components.
Back to top