Publishing vworkspace HTML 5 connector behind Citrix Netscaler

Since the release of vworkspace 8.5 I’ve been wanting to try out the HTML 5 connector properly! we have a lab enviroment where we have it deployed and it works amazingly fast inside the local network.

But… I also want it available from outside our local network, therefore I decided to publish it using our Netscaler. Now the HTML 5 connector from Dell is like the one on Storefront, it runs on top of the web access server and we can use that as an proxy to access applications and desktops.

Now initially I wanted to publish the connector using SSL offloading, meaning that users could access the HTML 5 connector on a SSL enabled vServer and that Netscaler would do the SSL processing and the web access server would get non encrypted traffic via port 80 but… when I got this up and running all I got was error messages.

clip_image002

Didn’t see alot of useful info in the logs as well which could lead me to the error.

2015-01-20 08:59:45.078 – 844 – RdpProxy – ERROR – Server exception.

System.Net.Sockets.SocketException (0x80004005): An existing connection was forcibly closed by the remote host

   at Freezer.Common.Utils.readAll(Socket socket, Byte[]& data) in d:\Build\349\vWorkspace\Elbling\Sources\SRC\Freezer\IIS\Freezer\Common\Utils.cs:line 121

   at Freezer.Common.SocketStateObject.handleSocket(Object o) in d:\Build\349\vWorkspace\Elbling\Sources\SRC\Freezer\IIS\Freezer\Common\RdpServer.cs:line 160

2015-01-20 08:59:45.078 – 4780 – UserStatecbf3bb31-bd6e-7cdf-5e50-f21fccda8e4 – DEBUG –

2015-01-20 08:59:45.078 – 1000 – UserStatecbf3bb31-bd6e-7cdf-5e50-f21fccda8e4 – DEBUG –

2015-01-20 08:59:45.078 – 1692 – UserState – DEBUG – RDP ProcessExited for: [id_1421740273901]

2015-01-20 08:59:45.078 – 1692 – UserState – DEBUG – RDP ProcessExited: Cleaning up for [id_1421740273901]

2015-01-20 09:00:14.828 – 144 – UserStatecbf3bb31-bd6e-7cdf-5e50-f21fccda8e4 – DEBUG – Message received: AS00000704:      handle_print_cache( 00DEE778 )

2015-01-20 09:00:14.828 – 144 – UserStatecbf3bb31-bd6e-7cdf-5e50-f21fccda8e4 – DEBUG – 00000704:     ignoring an UPDATE PRINTER event

What I did see on the other hand was that my browser which was running the JS did try to open a connection directly to 443

clientSide: wss://demossoproxy.dsg-iam.com/vWorkspace/Freezer/api/Image?sessionId=id_1421175921207 (wss is SSL based websocket connection)

but since my web accesss server was running only on port 80 it didn’t work well. Therefore I changed the setup a bit. Instead of SSL offloading I tried with SSL bridging, so I moved the encryption back to the web access server and just used SSL multiplexing, which actually worked!

I’m guessing that the websocket connection requires the same port externally and internally, since I didn’t troubleshoot it anymore. So here Is a little clip of how fast the HTML5 connector for Dell vWorkspace is.

#citrix-netscaler, #dell-vworkspace, #html5

Dell vWorkspace EOP–Configuration

For those who do not know what vWorkspace is, take a look at my previous blogpost regarding vWorkspace –> https://msandbu.wordpress.com/2014/04/20/introduction-to-dell-vworkspace/

EOP (Enhanced Optimized Protocol) is an enhancement to the RDP protocol which Dell (or Quest) have developed which is a part of vWorkspace. Now Microsoft has made alot of improvements to the RDP procotol in 2012 and 2012 R2, but it is nowhere near Citrix in how it performs over WAN and the ability to deliver high-graphic content. EOP contains mulitple enhancements to the procotol to even the difference, like:

EOP Xtream. Accelerates RDP and EOP traffic on wide area networks (WANs). This provides for an improved user experience by providing faster RDP screen responses and improved performance of all EOP features.

EOP Print. A single-driver printing solution that satisfies both client-side and network printing needs in a vWorkspace environment.

EOP Audio. Enables support for applications that require the use of a microphone, such as dictation, collaboration, and certain Voice Over Internet Protocol (VOIP) applications such as Office Communicator and Lync.

EOP Multimedia Acceleration. Enables the redirection of Flash content and Microsoft DirectShow content (anything that can be played in Microsoft Windows Media Player) from the VDI or Windows RDSH Session through an RDP Virtual Channel to the client access device. There it is played using the local compression/decompression technology (CODEC).

EOP Flash Acceleration. Allows playing of Flash content.

EOP Graphics Acceleration. Reduces bandwidth consumption and dramatically improves the user experience, making RDP usable over WAN connections.

EOP Universal USB. EOP Universal USB enables the use of virtually any USB connected device, such as PDAs, local printers, scanners, cameras, and headsets to be used in conjunction with VDI.

EOP MultiMon. Enables support for multiple monitors, which is monitor aware.

Where do I configure EOP ? Firstly under Connection policies, choose create new

image

Then during the wizard, define which EOP enhancements you want to enable to the end user

image

Remember to assign it to a user as well.

image

You also need to enable Graphics acceleration on the particular desktop as well.
In my case I have a RemoteFX enabled VDI machine. So right click and choose Properties.

image

And under EOP Graphics choose enable –>

 image

How can I verify that it is working ?
For instance Flash Redirection, when starting a Flash video on the remote session the flash redircetion engine should fire up a local flash instance and show the video from your device instead of being rendered on the host.

image

From Netbalancer I can see that PNFMMRHost.exe starts when I start a flash video, this process is part of the Quest Flash Redirection engine.

Text echo (Now this is inded a very good feature to have in a RDP session with high latency) since it displays in real time what the user is typing, even thou it might not appear in the desktop right away.

image

So with testing Graphic accleration I did a basic test, opened a remote session and from within the session I opened Internet Explorer and opened URL gamespot.com after the page was fininshed loading I logged out of the session.

With Graphic Accleration enabled

image

Disabled

image

So this was just few of the enhanced features that EOP brings, more to come. Note that next week the Beta 8.5 will be released.

#dell, #dell-vworkspace, #eop

Customizing Web portal for Dell vWorkspace

In all cases when you are having planned downtime or doing maintance work to a service you want to be able to inform all potential users that they are aware of the downtime. vWorkspace has an excellent way to easily change the content and implement different banners directly into the web portal.

So to look a bit back to my previous post https://msandbu.wordpress.com/2014/04/20/introduction-to-dell-vworkspace/ 

So for instance if we were to add a custom banner on the vWorkspace web access portal. Go into the management console, web access and choose the web site.

image

Right-click on it and choose Properties. From here we get a menu list where we can do tons of changes directly. From here we can for instance integrate it with a secure gateway solution or custom rules for how the web portal should provision connection files (For instance if it is behind a firewall)

image

We also have the option to define mutliple AD domains so that a user can choose when they login, and SSO using Kerberos and or two-factor using RADIUS.

Now the setting we are interested in is under Messages section. Here we can enter what text we want shown out to the users in different scenarioes. And we have something called the Message Center which is not shown by default.

image

So by entereing information here and crossing of for “Show the message center” and choose OK. Then choose update website

image

After the website is then updated we can reopen the browser to the web site and see the message box.

image

Now if I am not happy with the layout of the web site or want to customize it with my own company logo or something else. I can also easily do this from the same menu under themes.

I can change logo / color / theme directly from this menu

image

Now even thou I can define configuration here I can also define it manually using XML. When I do a change to the web access site it does the configuration changes in a file called websettings.xml

Which is stored under C:\inetpub\wwwroot\nameofwebsite\Config. The file is pure XML but as the variables are easy to interpet.

image

For instance if we wanted to script a message center, we can change the <ShowMessageCenter>false</ShowMessageCenter> to true instead. And change the <InfoMessage> tag as well.

#dell-vworkspace

Introduction to Dell vWorkspace

Lately there has been alot of fuzz regarding Vmware and their release with Horizon 6 suite with terminal server based solution, and if we rewind one month back in time we also have the latest XenDesktop release from Citrix which contains Hybrid cloud provisioning features.

Now both Citrix and VMware are both good options and of course Microsoft themselves are becoming more focused regarding delivering apps and desktops to users, with the latest release and with of course remote clients for Apple and Android.

There is also other products within this segment, one of them which I find interesting in particular is Dell vWorkspace.

vWorkspace is part of the formerly known Quest Software portfolio which is now part of Dell. vWorkspace has much of the same features such as any other VDI/RDSH product but it has some interesting features as well, such as

* Support for Linux VMs
* EOP protocol (Which is built on-top of RDP like HDX/ICA is on Citrix)
* Supports vSphere, SCVMM, Paralells

ill get more into the different features in a bit. As I thought I would go trough a basic deployment of vWorkspace just to show the difference between some of the different products. Now the latest version of vWorkspace is version 8 MR 1 (Which has support for 2012 R2 and Windows 8.1)

vWorkspace can be downloaded from Dell here –> http://www.quest.com/vworkspace/

image

Now when installing vWorkspace we have to different setup options

image

If we choose advanced we have the option to choose what roles a server should have installed.

image

NOTE: If you want to installed the RD session host role (You need to have it installed the windows feature RDSH first) If we choose Web Access Role as well we need to enter a site name (Which will be the IIS path)

image

Also the setup requires a database where the configuration will be stored, luckily it has the option to install a SQL express edition

image

Now important to note that vWorkspace uses sa user to connect to SQL database, and therefore remember what username and password you use here

image

(NOTE when pressing next here it will take some time before the install continues since it is silently installing SQL)

Now other then that, the installation took like 1 min and the architecture is quite flexible since I can choose what roles a server should have.

First of after a quick reboot and starting the management console we are presented with a licensing pop-up

image

After we have entered a license or just clicked next we are presented with a quick wizard guide which shows us some options we have to provision desktops

image

If we close this we get to the main console which gives us an overview of the solution

image

I can go down into single objects and see session hosts, connected users, processes directly from the console

image

I also have the option to provision a group of new hosts directly from the console. Now first we can do is add the previosly created website to the solution by going down into web access.

Choose Action –> New website and choose import (If you have installed the web access role on the same server type in localhost and choose OK, the wizard will get all locally installed web access sites then choose validate.

Then you will get a wizard which allows you to configure the website behaviour( default apps, and so on)

Now in my case I can now connect to the website using my regular Windows client.
NOTE: I added a default domain using the web access wizard ( I can also add other domains which makes it easy for users to choose what domain they come from)

image

Now since I haven’t added a application or desktop yet I will get the following error mssage when connecting to the site

image

So let us publish a full desktop connection to my one session host

Choose applications in the console and press the plus sign.

image

Again we get a wizard which shows the options

image

image

So after we have finished the wizard and published the application we can head back to the client and try entering again.

And now we get the desktop icon and if we go into the downloads pane we get the option to download the vWorkspace connector

image

Now by clicking on the application will either download a *.pit file (If using Chrome) and with Internet Explorer it will automatic start the application (since it contains a quick url plugin)

Now when we have an active connection we can see that is uses the regular RDP port 3389
image

vWorkspace also has an quick tray plugin which allows to see active connections to a farm. (Which is shown in the screenshot above)

Now we have done a basic setup using vWorkspace. Some notes herethou.

* The web access site is quite customizable (from within the management console) and react quite snappy!

* There are connectors for mobile devices as well

* vWorkspace is equipped with EoP which has redirection features such as Print, USB, media and so on.

* It has profile customization and application delivery using App-V and MSI

* You can integrate it with Foglight monitoring for desktops

Now Dell vWorkspace for Linux connector supports

Rhel 5.9 and 6.4

CentOS 5.9 and 6.4

Ubuntu 12.04 and 13.04

and with support for Hyper-V and it can make a very benefical VDI solution as well. For instance if you are using Hyper-V server (Which is free when you are running non-windows virtual machines) you can use vWorkspace to provision Linux virtual machines for no-cost.

my 2 cents as of now Smilefjes

#dell-vworkspace