Are Windows Server 2008 Terminal Services Good Enough For Me - Part 2

Update: Ericom has released PowerTerm WebConnect for Windows Server 2008. This is a free package that enhances the capabilities of Windows Server 2008 Terminal Services, adding several significant capabilities to that platform. If you are considering Windows Server 2008 Terminal Services for your Server Based Computing needs, I highly recommend that you give PowerTerm WebConnect for Windows Server 2008 a try.

Microsoft TechNet recently ran a two-part interview with Tad Brockway, group program manager for the Terminal Server product development team (via DABCC.com). In this interview Tad conducts a quick demo of Windows Server 2008 Terminal Services and also draws a high-level diagram of its architecture on the whiteboard. While this interview does not contain any surprises or features that we have not seen before, it does provide a nice, short overview of what’s in Windows Server 2008 Terminal Services, and also indicates what has been left out. This information can help you determine if it’s worthwhile to investigate Windows Server 2008 Terminal Services as a complete solution for your Server Based Computing needs or if you still require an add-on solution such as Ericom PowerTerm WebConnect or Citrix. Please note that you may need Microsoft Silverlight to view the interview recording.

So what can we learn from this presentation? Tad shows us that:

1. Windows Server 2008 Terminal Services are quick and easy to install and configure
2. Published applications and desktops can be accessed using a built-in web interface (TS Web Access)
3. Published applications and desktops can be accessed securely from outside the firewall without an SSL VPN or modifying firewall configurations, using HTTPS tunneling (TS Gateway)
4. Published applications are seamlessly integrated into the local desktop (TS RemoteApp
5. Published applications share sessions
6. Multi-monitor support – while Tad doesn’t talk about it, his Vista client is configured with two monitors

There are also several new Windows Server 2008 Terminal Services features that Tad doesn’t show:

1. Session based load balancing (TS Session Broker) – Tad mentions this feature but doesn’t demo it
2. Universal printing (TS Easy Print)
3. Plug-and-Play device redirection
4. 32bit color, improved RDP performance and more

Thanks to all these new features and capabilities Windows Server 2008 Terminal Services can provide a sufficient Server Based Computing solution in scenarios that previously required add-on products such as Ericom PowerTerm WebConnect or Citrix.

This presentation also highlights some of the limitations of Windows Server 2008 Terminal Services:

1. Applications are published to all users, not to particular groups of users. In other words, when using the web interface all users will always see the same applications icons
2. No Single Sign On from the web interface to the published applications. Single Sign On can only be accomplished by saving credentials in the local Credential Store
3. TS Session Broker is very limited and is intended for use with no more than five Terminal Servers

There are also some limitations this presentation doesn't touch on:

1. No centralized management – when using multiple Terminal Servers, applications must be published on each and every server independently
2. Limited application publishing – application shortcuts can be published to desktops but only using MSIs. This is a somewhat clunky mechanism and does not support clients that are outside the domain
3. As I explained in my previous post, most new features require Windows Vista SP1, or at least XP SP3
4. No application load balancing, which means all the application must be installed on each of the Terminal Servers
5. No logging or auditing
6. No end-point monitoring or root-cause analysis

If you require any of these features and capabilities than you still need an add-on to Windows Server 2008 Terminal Services. At this time, Ericom PowerTerm WebConnect is the only such product that is compatible with Windows Server 2008 Terminal Services. Moreover, PowerTerm WebConnect is the first and only Terminal Services product certified by Microsoft for Windows Server 2008.

Yet Another Happy Customer

Another entry in the ongoing series of Happy Customer reports - this time in the financial sector. Tech Decisions is running a story about how Western Financial Group, a Canadian banking and insurance firm successfully switched over to Ericom PowerTerm WebConnect. A few choice quotes from this article:

Installation went quickly. "We built the environment and put the terminal server on it," says Bennett. “We called the Ericom support folks and downloaded the application, and with their assistance over the phone, we had it configured within a half hour or 45 minutes."

And

"... my plan was to explain [to management] here is my old cost point, here is my new cost point, and the new one is substantially less. It wasn’t even a sell. I found a more cost-effective solution, it didn't cause us any issues, and there really was no change from the user side."

More Great Stuff From Mark Russinovich

I just ran across another great interview with Mark Russinovich, Microsoft Technical Fellow, this time at Channel9. In this interview Mark discusses numerous interesting subjects including Windows Server 2008 Kernel, MinWin vs ServerCore, HyperV, and Application Virtualization. You can download a podcast but since Mark gets in front of a whiteboard I recommend watching the video.

Network World Blog Post Critique

Mitchell Ashley blogs over at Network World about Doug Brown’s interview with Dr. Mark Russinovich, Microsoft Technical Fellow in the Platform and Services group. Mitchell Ashley begins his blog entry by stating that “this is a valuable podcast to listen to if you want to get a basic understanding of issues around virtualization”, I couldn’t agree more. However the rest of this blog entry contains a few statements that I either don’t agree with or don’t understand.

In the second paragraph Mitchell Ashley writes about the debate regarding OS vs. hypervisor and states:

Selecting your hypervisor technology and virtualization management systems is now the first decision to make, rather than the OS

While the hypervisor is unique in being software that runs underneath the OS, I take exception with this statement that selecting the hypervisor is more important than selecting the OS. The purpose of IT, first and foremost, is to provide users with the applications they need to do their work. Therefore selecting which OS to use is critical – it must be an OS that supports these applications and facilitates their use. Selecting the hypervisor, on the other hand, is a technicality, like selecting which hardware to use. It may be an important technicality, but it’s a technicality none-the-less. After all, the users could care less which hypervisor you use as long as their applications work properly.

In the last paragraph of the blog entry Mitchell Ashley writes:

By managing client options (as Mark describes it), I believe this plays well in to Citrix' strategy with Xen, virtual desktop images can be centrally managed and distributed to client machines, creating a virtual desktop operating on whatever computer that end user is using. This also plays well into the evolution of Terminal Server and Citrix servers into a virtualized world.

Unfortunately I’m unable to fathom what Mitchell Ashley is trying to say here. Is he saying that virtualization is good for Citrix because it can be used for desktops as well? If so, what does that have to do with Microsoft and this interview? Also, while desktop virtualization is part of Citrix’ roadmap, they are currently only selling a server virtualization product, XenServer, which will directly compete with Microsoft’s Hyper-V. Their future XenDesktop product will not operate “on whatever computer that end user is using” because it doesn’t stream the VM, it remotes the UI. Moreover, XenDesktop will be distinct from Citrix Presentation Server and not an evolution of it. This is unlike PowerTerm WebConnect which integrates both virtual desktops and Terminal Services into a single product.

Maybe all that Mitchell Ashley is trying to say is that there is a great future in store for desktop virtualization. That is a statement I can certainly agree with.

Microsoft Virtualization Gems

I’ve already written about Doug Brown’s excellent series of podcast interviews with Microsoft virtualization experts. In short, it is required listening for anyone interested in virtualization in general and Microsoft’s take on virtualization in particular. Here are a few gems I’ve extracted from these podcasts, with some personal observations:

1. Management is where it’s at – in one interview Doug Brown states that the hypervisor is becoming a commodity and that the battle will be about management. I couldn’t agree more, and apparently so does Microsoft, having priced Hyper-V at a mere $28. Several interviewees talk about Microsoft’s new System Center Virtual Machine Manager, and all the hard work they are doing to catch up with VMware. It appears that Microsoft is shooting for a version 1.x with the capabilities and scope of a 2.x. It will be interesting to see if they succeed.
2. Microsoft to manage VMware – I guess Microsoft has come to grips with the fact that VMware is too entrenched to be replaced any time soon. As a result System Center Virtual Machine Manager will be able to manage both Microsoft’s Hyper-V and VMware’s ESX/VI3! I cannot think of any other example where Microsoft has taken such an approach with a direct competitor.
3. Leveraging the monopoly – Microsoft’s key advantage is that the OS most organizations will virtualize is Windows. Microsoft is planning to leverage this advantage using what it calls “deep management” – managing both the outside and the inside of the virtual machines using a single console.
4. Windows is enlightened – enlightenment is a very interesting new Windows kernel features described in the interview with Eric Traut. Special code has been inserted into the Windows kernel that recognizes when it’s run inside a virtual machine. This triggers various optimizations that can improve performance by up to 20%. The big question is: will this code identify ESX or only Hyper-V?
5. The pervasive VHD – Virtual Hard Disk is format developed by Microsoft for packaging virtual machines. It’s also the format licensed by XenSource (now Citrix) for Xen. According to these interviews, Microsoft is so enamored with this format that they plan to use it all over the place, e.g. they are considering replacing the Application Virtualization (SoftGrid) SFT format with VHD.
6. VDI is in the future, way in the future – Doug asks all the interviewees about VDI, and they all answer that it’s interesting. They all mention Terminal Services. And they all neglect to provide any concrete details about Microsoft’s plans for VDI. My take is that currently Microsoft simply does not have concrete plans for VDI.

What does all this mean for Ericom? We believe that Hyper-V will become a significant factor in the virtualization market, but that VMware will remain a dominant player for some time to come, at least. As a result, many organizations will find themselves utilizing multiple types of hypervisors and their data-centers, despite the obvious desire to standardize on a single vendor. Moreover, the approach taken by Oracle, of officially supporting its products only on its own virtualization platform, may lead to even greater diversification. In this context, Microsoft’s decision to enable management of multiple types of hypervisors using a single console appears to be very justified.

We believe that VDI connection brokers must take the same approach. As a results, our connection broker already supports VMware VirtualCenter 1.x and 2.x, Microsoft Virtual Server 2005 (Hyper-V support is in the works), Xen and VirtualIron. Oracle VM support will be added very soon. Add to that our longstanding support for Terminal Servers as well as many other types of back-end systems all within the same product, and you’ve got total access solution.

Great Podcasts at DABCC Radio

Wow. Doug Brown’s DABCC Radio has always been a great source of information about virtualization and server based computing, but the latest series of podcasts with Microsoft virtualization experts is simply fantastic. Noteworthy interviewees include Dr. Mark Russinovich, Microsoft Technical Fellow and Mike Neil, Microsoft's General Manager of Virtualization Strategy. If you are interested in virtualization in general and Microsoft’s plans regarding virtualization in particular, this is a series that you must listen to.

Follow-up Windows Riddle

In a previous post I asked whether Regsvr32.exe in the System32 directory is a 32-bit executable or a 64-bit executable on Windows Server 2003 x64. Here is another 32-bit / 64-bit Windows riddle: is the default browser on the x64 version of windows (2003, XP, Vista and 2008) 32-bit or 64-bit? I will post the answer in the comments section in a few days.

Improve Logon Time by Removing Unnecessary Startup Applications

Most Server Based Computing solutions, such as Ericom PowerTerm WebConnect or Citrix Presentation Server, strive to make launching published applications as similar as possible to launching local applications. For example, such solutions create icons on the local Desktop and Start Menu for published applications and can even associate local file types with published applications. And yet there are several significant differences between the actual process of launching a published application on a Terminal Server and a local application. One such difference is that launching a published application on a Terminal Server often requires starting a new user session on that Terminal Server (unless Session Sharing occurs, which is why Session Sharing is so desirable). The biggest annoyance this represents for the end-user (aside from the potential for profile corruption) is the delays caused by the session creation and consequent logon, both of which can be fairly lengthy compared to the time required for the actual application to start. In a previous post I described a new Windows Server 2008 feature, called Parallel Session Creation, which reduces the delay caused by session creation. In this post I will describe a method for shortening logon time.

Perhaps the most straightforward means of shortening the logon time is to remove unnecessary startup applications. Startup applications are applications that run at Windows startup, and it turns out that there are often a large number of such applications, and that many of them are indeed unnecessary. Probably the best way to view the complete list of startup applications is to use the SysInternals Autoruns utility. Here’s a screenshot from my own laptop: As you can see, this list is quit extensive, and I’ve seen much longer. In a Terminal Server environment, however, I would consider such a list as being excessive. Not only do startup applications slow down logons but they also often continue running throughout the session’s lifetime, consuming system resources such as CPU, memory and handles. Also, they can introduce a certain amount of instability to the system. In a Terminal Services environment these deficiencies may be multiplied by the number of concurrent sessions.

It’s not always easy to determine which startup applications are necessary and which are not. You certainly do not want to remove startup applications that are actually required. The best approach is to review the list, search the web (which you can conveniently do from within Autoruns simply by right-clicking on an item in the list), and make educated decisions. When in doubt, don’t remove. To help you on your way here are two recommendations to start with:

1. Adobe Reader Speed Launcher (reader_sl.exe) – in an attempt to speed-up Reader load time, Adobe installs this startup application (introduced in Adobe Reader 7, I believe). Essentially all it does is silently load an invisible instance of Reader. This way when Reader is launched intentionally its modules are already in memory, resulting in somewhat faster startup time. While this technique might be acceptable in a single-user environment, it’s definitely a bad idea for Terminal Servers. First, if the session is used for a published application other than Adobe Reader then it’s much less likely that Reader will be launched by the user in the context of the same session. Second, if the published application is Adobe Reader, then it will be launched immediately in the session anyway, so pre-loading will not provide any benefits. Finally, in a multi-user environment, Adobe Reader may already be running in a different session, which may provide the same benefit as reader_sl.exe anyway. To Remove Adobe for the startup list of future sessions, simply uncheck it in Autoruns.
2. Office speech recognition and the handwriting recognition (ctfmon.exe) – originally introduced in Microsoft Office, ctfmon monitors active windows and provides text input service support for speech recognition, handwriting recognition, keyboard, translation, and other alternative user input technologies. If you do not require support for alternative user input technologies you can remove this process from startup, as described in this Microsoft support article: http://support.microsoft.com/kb/823586/en-us

Whether or not you gain any noticeable improvements to the logon time of your Terminal Servers is very much dependant on their configuration and utilization. However, every journey begins with a first step and every little bit helps.

Ericom and RTO Solution Integration

For several years now, I’ve been a big fan of RTO Software. RTO practically invented the concept of virtual memory optimization for Terminal Services (and Kevin Goodman, RTO’s CEO has the patents to prove it), and to this day has the best solution on the market, in my opinion. For this reason, I was very pleased when Ericom and RTO agreed to bundle the latest version of TScale Advanced into PowerTerm WebConnect. Out of the box, PowerTerm WebConnect can provide up to 50% greater scalability than Citrix per server. Combined with the RTO TScale, this scalability benefit becomes even more pronounced. In addition TScale Advanced enables Terminal Servers to provide a more robust and consistent application performance and user experience, which is crucial in an enterprise Server Based Computing environment. Probably the bast way to learn about this technology is by listening to Kevin Goodman describe it himself.

I’m now very happy to inform you that Ericom and RTO have agreed to expand this relationship and also bundle RTO’s PinPoint and Discover into PowerTerm WebConnect. RTO PinPoint is, in my opinion, the leading solution for application performance monitoring for Server Based Computing environments. In such environments it can be very difficult to diagnose performance problems and identify bottlenecks due to their complex nature, and the various interdependencies between their components. At the same time identifying and addressing such problems can be crucial because they can impact the entire organization. RTO have leveraged their unique and deep understanding of the internal workings of Windows and Terminal Servers to create a solution that provides the following features:

• Root cause Analysis - Simple intuitive interface and easy to find and troubleshoot root cause quickly with the ability to replay historical activity.
• End-To-End monitoring - Collect, measure and monitor application performance from the client to the server endpoints and track the User Experience.
• Critical Path Monitoring - Auto-discover servers and group business-critical servers in the critical path of a transaction or user session and set alerts and threshold triggers to this group.

To learn more about this technology you can (and should) listen to Kevin Goodman describe it.

Discover is yet another great solution from RTO that addresses the need for an automated tool for enterprise IT managers and staff to get an accurate, real-time understanding of their complex IT infrastructure. RTO Discover is able to analyze and map environments comprised of thousands of applications, servers and network devices. It is, in my opinion, an indispensable tool for any system administrator. Kevin Goodman provides an excellent overview of RTO Discover in this interview.

We are currently in the final stages of implementing this integration. A new version of Ericom PowerTerm WebConnect that combines all the benefits of these RTO products should be available for download and evaluation from our web site within a few weeks. Watch this space for the announcement of its availability.

By the way, it is not by chance that Kevin Goodman was the first interviewee on Brian Madden Live, and the second interviewee on DABCC Radio, where he has since been interviewed again. Kevin is an amazing person with an uncanny ability to grasp complex technical issues and simplify them so that they become understandable and addressable. I highly recommend viewing videos of presentations he has delivered at previous BriForums, which you can find here.

A Riddle for You Windows Mavens

So you think you know Windows? Well here’s a riddle for you: on Windows Server 2003 x64 is the Regsvr32.exe in the System32 directory a 32-bit executable or a 64-bit executable? For the answer, and a follow-up riddle check out the comments section.