Published on 27 Jul 2012
In a centralized environment such as a XenApp farm, users share resources with one another. A thoroughly designed platform will be able to handle all prospected users as well as provide contingencies for failures and maintenance tasks. When sizing a XenApp farm, resources as well as licenses need to be calculated for the concurrently connected users (CCU) which may well be only a small fraction of the total number of users. From an architectural point of view, it is very desirable to free resources when they are held by idle users to make them available to other sessions.
XenApp offers several timeouts to manage inactivity and free resources. This article explains how they work (including session pre-launch and session lingering) and what this means for your design.
Published on 25 Jul 2012
Windows Recovery Environment (RE) is based on the Windows Preinstallation Environment (PE) and can be extended to be a minimalistic system to recover a somehow broken systen. Windows RE is configured in the boot configuration data to be the failover system for the primary boot entry. If the boot loader fails on the default entry, it will automatically try to boot into the recovery environment.
Published on 11 Jul 2012
I have recently published the shadow key companion which compiles all currently known information about shadow key in a single article. An important piece of information is the flag TS_AWARE for executables causing Windows not to produce shadow keys in install mode. Unfortunately, there is a downside to this flag that may well affect installation scripts.
Published on 03 Jul 2012
The most prominent reason for thinking about booting through UEFI instead of BIOS is the availability of large drives. BIOS requires a MBR (Master Boot Record) formatted drive which is inherently limited to 2 TiB. But there are more very good reasons for making the switch. In this article I will provide a brief comparison of BIOS and UEFI before explaining how to create bootable devices for UEFI and install Windows on an UEFI system.
Published on 22 Jun 2012
I decided to make my clumsiness of yesterday evening public to make myself suffer for the stupid mistake I made. When I was preparing a new VM as a new template, I executed SysPrep as the final step. Unfortunately, I did not realize it was running on the Hyper-V host instead of inside the VM. I’d like to share with you what happened and what I learned from this.
Published on 21 Jun 2012
Shadow Keys have been around for a very long time and many (including myself) have written about this topic. I feel it is time to compile all the information about shadow keys in one place to provide a comprehensive overview. This article will tell you about the concept of shadow keys, how they affect x64 and why some applications get around writing shadow keys at all.
Published on 14 Jun 2012
Traditionally remote desktop connections to Windows servers have been secured by authentication mechanisms based on username and password. Although current target servers provide the client with a certificate to proove their identity, most users are a certificate warning because hardly any server is configured with a certificate that can be successfully verified by the client. This article describes three measures to increase the security of an remote desktop deployment.
Published on 07 May 2012
In today’s world passwords are necessary for almost anything - this is especially true in a managed corporate environment. Whereas in the past a user was required to memorize many passwords for different applications and databases, IT departments are now expected to implement federated authentication mechanisms to reduce the number of passwords per user.
Consequently, Citrix offers Passthrough Authentication in addition to traditional explicit authentication. Unfortunately, the concept is widely misunderstood resulting in unexpected behaviour expecially in external access scenarios. This article provides a detailed description how Citrix passthrough authentication works, what it does and especially what it does not.
Published on 23 Mar 2012
Last year I started out on a quest for a new laptop. I had two important requirements for a new device: mobility and tablet capabilities. Why is that you may ask yourself.
Published on 13 Mar 2012
Since I have begun working in the virtualization business, customers have been asking for reasons why to spend money for Citrix XenApp and whether Remote Desktop Services (RDS) cuts it for them. For a long time, the answer was easy as hosted sessions on Windows Remote Desktop Services – formerly Terminal Services – have only provided basic functionality. But beginning with Windows Server 2008, Microsoft has put a lot of effort into that space. The underlying roles were steadily improved in every version, e.g. to support rich graphics and virtual desktops. With the public beta of the next Windows Server (8), Microsoft has improved the performance of RDP and built new management capabilities into Server Manager.