The author of the article is Roman Levchenko ( www.rlevchenko.com ), MVP - Cloud and Datacenter Management

We continue to dive into the innovations of RDS Windows Server 2016.

The first part was devoted to a new type of RDS deployment - MultiPoint Services.

Today we will talk about no less than wonderful, namely Personal Session Desktop and other innovations that extend and complement the existing RDS functionality in Windows Server 2012 and Windows Server 2012 R2 environments.



Once again, I’ll note that at the moment we start from the version of Windows Server 2016 that is officially available and open for use - Technical Preview 4 . In the RTM version, it is possible that there will be changes that we will notify about.



Let's get started

')

Personal Session Desktop

If you are a service provider and want to provide a full-fledged "desktop" to your customers, then in the current environment, the VDI script and the Service Provider License Agreement (SPLA) are an insurmountable wall for solving the problem. According to the SPLA, it is impossible to provide a VDI infrastructure built on the basis of client OS to “cloud” users.



Habr loves evidence, so I quote from the official DaaS (Desktop As A Service) licensing guidelines.

SPLA (January, 2016):

Desktops are delivered under SPLA using Windows Server and Remote Desktop Services (RDS). Windows Desktop Operating System cannot be used .

Microsoft Desktop as a Service Licensing Guide:

No option is available for the SPLA to provide a hosted virtual desktop using the Windows Desktop Operating System; however this is possible to do through Dedicated Outsourcing

Dedicated Outsourcing refers to the situation when a client is licensed through VL and you, as a service provider, provide dedicated physical resources for VDI based on client OS. It is important to note that this scenario also does not give us the right to provide resources under the one to many scheme (1 app. Server <-> many clients). Only a 1: 1 ratio. In fact, we give a couple of units in our closet for rent to one and only one client.







To circumvent such limitations, as a rule, the system is built on the basis of classical terminal solutions (session-based architecture, of course, with the desktop experience on board) and is given to the "tearing" of customers or users.



In Windows Server 2016, they decided to simplify this business and add the method of “binding” users to specific terminal nodes (in the framework of RDS these are Remote Desktop Session Host, RDSH). As a result, we get a new type of RDS collection - Personal Session Desktops (PSD) or private desktops based on terminal sessions. Obviously, you can draw an analogy with Personal Virtual Desktops in VDI, also designed to highlight the "isolated" environment to users.



Let's look at a couple of scenarios that are successfully solved thanks to the PSD:

• If the user needs to work, the OS has all the features and appearance "as the client" (for example, Windows 10), then the full replacement of his desktop will be a PSD with installed Desktop Experience components that allow you to achieve the look and feel of the Windows Server interface to the usual client OS.
• If the user has administrative authority on his usual PC and you want to transfer it to PSD, then this can be done by adding the user to the group of local administrators (determined at the PSD deployment stage, “manual work” is not required)
• If the user does not see his future life without graphical applications that require additional hardware resources, then you can provide a PSD with updated RemoteFX capabilities. We will talk about this a little later. Looking ahead, we finally waited ...

The PSD was first announced in Technical Preview 2 and changed to TP3 / TP4 (one of the changes was the replacement of the cmdlet structure responsible for the PSD configuration). Currently, the only way to deploy PSD is PowerShell. GUI option plan to add no earlier than RTM release.



For demonstration and testing purposes, you can use the session-based Quick Start deployment type. This will install RD Connection Broker, RD Web Access and RD Session Host on the same physical server. For real use it is recommended to form a distributed architecture. Do not forget that each RDS component supports virtualization (for example, 1 VM RDSH <-> 1 PSD User) and high availability (for example, RD Connection Broker to have a highly accessible configuration).



Just in case, I present the configuration steps.



Additionally, install Desktop Experience on the RDSH site

Install-WindowsFeature Desktop-Experience 

Moving on to creating a collection of PSD.



The New-RDSessionCollection was supplemented with a switch -PersonalUnmanaged , which is used to create a collection of type Personal Session Desktop (in Technical Preview 2, the name of the switch was different, namely -PersonalSessionCollection )

 #   RDSH $rdshost="tp4-root.democorp.ru" # PSD-      New-RDSessionCollection -CollectionName Personal -ConnectionBroker $rdshost -SessionHost $rdshost -GrantAdministrativePrivilege -PersonalUnmanaged #  rdsuser   PSD   Personal Set-RDPersonalSessionDesktopAssignment -CollectionName Personal -User democorp\rdsuser -Name $rdshost # Get-RDPersonalSessionDesktopAssignment -CollectionName Personal CollectionName DesktopName User -------------- ----------- ---- Personal TP4-ROOT.DEMOCORP.RU DEMOCORP\rdsuser 

If the RDSH is already in one of the PSD collections, then based on it you cannot create a new collection. Only after removing this RDSH from the current collection will it be possible to define it in a new one.

 New-RDSessionCollection -CollectionName Personal -ConnectionBroker $rdshost -SessionHost $rdshost -GrantAdministrativePrivilege -PersonalUnmanaged WARNING: The RD Session Host server tp4-root.democorp.ru already exists in another collection. New-RDSessionCollection : Unable to create the session collection. #   Get-RDSessionCollection CollectionName Size ResourceType CollectionType CollectionDescription -------------- ---- ------------ -------------- --------------------- QuickSessionCollection 1 RemoteApp programs PooledUnmanaged #  Get-RDSessionCollection|Remove-RDSessionCollection 

After creating the PSD collection and linking the user to it, go to the RD Web Access node (https: // host fqdn / rdweb) for additional verification, using the credentials of our user. A list of the collections available to the user should appear.







I note that in the administrator’s usual list of collections (Server Manager -> RDS -> Collection List), this type of collection is not displayed, since it is created and managed only using PowerShell (at least until the RTM version is released).



This is the appearance of the Start Panel in the PSD session:







Our collection was created with the -GrantAdministrativePrivilege key, so the user was automatically added to the Administrators group on the dedicated RDSH server.







Moving on.

RemoteFX enhancements

In Windows Server 2012 R2, the RemoteFX adapter has a number of limitations: 256 MB is the maximum amount of dedicated VRAM, support for only OpenGL 1.1, and lack of support for OpenCL. All this affects the supported number of monitors, resolution and adequate work of new graphics applications (for example, Autocad Re-Cap requires OpenGL 3.3 and 1 GB VRAM, Photoshop CC - OpenGL 2.0 and 512 MB VRAM at a minimum).



Windows Server 2016 is designed to solve these problems and makes a number of changes:

• Ability to select up to 1 GB VRAM. Hyper-V virtual machines can use up to 1 GB of dedicated VRAM + to increase the amount of VRAM due to VM system memory, getting up to 2 GB VRAM, depending on the amount of memory available to the virtual machine.
  
  
  
  In addition, the dynamic definition of VRAM volume based on the number of monitors and resolution is replaced by the ability to set a specific VRAM value for each VM, regardless of the maximum number of monitors and resolution.
  
  
  
  
  
  
  
  
• OpenGL 4.4 and OpenCL 1.1 support. As a result, we have a “carte blanche” for the use of modern graphic applications.

RemoteFX settings are defined via both the GUI and PowerShell.

 Set-VMRemoteFx3dVideoAdapter Set-VMRemoteFx3dVideoAdapter [-VM] <VirtualMachine[]> [[-MonitorCount] <byte>] [[-MaximumResolution] <string>] [[-VRAMSizeBytes] <uint64>] [-Passthru] [-WhatIf] [-Confirm] [<CommonParameters>] 

New RDS customers

More recently, Microsoft did not have a single mobile client to access remote desktops, and had to use third-party paid solutions that support RD Gateway. However, as the RDS solutions were promoted and used, the following clients were released and added:

• RD Client for Android
• RD Client for iOS
• RD Client for Mac

The RDP client (MSTSC.EXE) has been upgraded to version 10, which has improved support for the AVC / H.264 codec and AVC 444 mode, designed to improve fps, reduce color loss by using the features of the hardware H.264 decoder in high resolutions up to up to 4K (GPU should support DirectX 11.0, H.264 decoder Level 4.1 / BT.709). So far, only as part of a full-fledged client, but it is planned to add support for mobile clients, indicated above.

AVC444 mode is used by default in RemoteFX, but it is possible to use AVC444 and in other scenarios using group policy settings:



Computer Configuration / Administrative Templates / Windows Components / Remote Desktop Session Host / Remote Session Environment:

Prioritize H.264 / AVC 444 Graphics mode for Remote Desktop connections

and

Configure H.264 / AVC hardware encoding for Remote Desktop connections>

Support for second-generation virtual machines

Second generation VMs (Generation 2) became available even in Windows Server 2012 R2, but their use within RDS / VDI (and not only) was postponed. For example, the ability to create VMM service templates based on Gen2 was added only within UR6 .

In Windows Server 2016, we can use both generations for use in various types of collections (personal / pooled or personal session). Additional configuration is not required.

Edge Stylus & Browser Support

If your device, such as Surface, supports working with a stylus, and the local system is not lower than Windows 10, then you can use the stylus as part of an RDP session.



In Windows Server 2012/2012 R2, such devices are also redirected, but are used as a replacement for the mouse. As part of Windows Server 2016 and Windows 10, you can draw or write with the stylus, for example, by opening a graffiti application in Microsoft Edge, which also gained support when working in a remote session.

findings

Updated RemoteFX and RDP with support for 4K resolution increase the return on VMs with “heavy” applications within VDI and increase their speed in comparison with Windows Server 2012/2012 R2 (of course, you need to test and look at real numbers).



MultiPoint Server, which has moved under the “wing” of RDS, expands the field of application of remote desktops and makes them more attractive (interactivity in the dashboard, ease of configuration play an important role in this).



Personal Session Desktop (PSD) simplifies the provision of desktops within the DaaS service and extends the capabilities of RDS in Azure. I don’t have to expect a global change in SPLA conditions. Say "thank you" that they did not forget about us here either.



Hope that was interesting. All good virtualization and RDS implementation.