MVP 2012 for RDS

I am really proud to announce that I have been awarded Microsoft Most Valuable Professional (MVP) for Remote Desktop Services (RDS) in 2012. It has been for the third time in a row :-)

Slides (German): Warm anziehen Citrix! Windows Server 2012 Remote Desktop Services stehen vor der Tür

On 08.09.2012 I held a session at the ice conference in Lingen comparing the new Remote Desktop Services in Windows Server 2012 with Citrix XenApp. A big thank you to my audience for placing me second - after Nils Kacienski who became Speaker of the Year.

Deploying Windows Server 2012 without Running the Installer

With the release of Windows Server 2012, I wanted to upgrade my test and demo environment as quickly as possible. As with many hosting offerings, I do not have physical access to my dedicated server but do get two hours of remote console access for free. Therefore, I needed a way to deploy Windows Server 2012. This article documents how I successfully installed Windows Server 2012 on the second hard disk from a running Windows Server 2008 R2.

XenApp Session Timeouts Explained

In a centralized environment such as a XenApp farm, users share resources with one another. A thoroughly designed platform will be able to handle all prospected users as well as provide contingencies for failures and maintenance tasks. When sizing a XenApp farm, resources as well as licenses need to be calculated for the concurrently connected users (CCU) which may well be only a small fraction of the total number of users. From an architectural point of view, it is very desirable to free resources when they are held by idle users to make them available to other sessions.

XenApp offers several timeouts to manage inactivity and free resources. This article explains how they work (including session pre-launch and session lingering) and what this means for your design.

Windows Recovery Environment (RE) Explained

Windows Recovery Environment (RE) is based on the Windows Preinstallation Environment (PE) and can be extended to be a minimalistic system to recover a somehow broken systen. Windows RE is configured in the boot configuration data to be the failover system for the primary boot entry. If the boot loader fails on the default entry, it will automatically try to boot into the recovery environment.

The Issues Caused by TS_AWARE (Concerning Shadow Keys)

I have recently published the shadow key companion which compiles all currently known information about shadow key in a single article. An important piece of information is the flag TS_AWARE for executables causing Windows not to produce shadow keys in install mode. Unfortunately, there is a downside to this flag that may well affect installation scripts.

Making the Switch to UEFI

The most prominent reason for thinking about booting through UEFI instead of BIOS is the availability of large drives. BIOS requires a MBR (Master Boot Record) formatted drive which is inherently limited to 2 TiB. But there are more very good reasons for making the switch. In this article I will provide a brief comparison of BIOS and UEFI before explaining how to create bootable devices for UEFI and install Windows on an UEFI system.

Painful Real Life Experiences: Running SysPrep on the Hyper-V Host by Mistake

I decided to make my clumsiness of yesterday evening public to make myself suffer for the stupid mistake I made. When I was preparing a new VM as a new template, I executed SysPrep as the final step. Unfortunately, I did not realize it was running on the Hyper-V host instead of inside the VM. I’d like to share with you what happened and what I learned from this.

The Shadow Key Companion

Shadow Keys have been around for a very long time and many (including myself) have written about this topic. I feel it is time to compile all the information about shadow keys in one place to provide a comprehensive overview. This article will tell you about the concept of shadow keys, how they affect x64 and why some applications get around writing shadow keys at all.

3 Measures to Make Your Remote Desktop Deployment more Secure

Traditionally remote desktop connections to Windows servers have been secured by authentication mechanisms based on username and password. Although current target servers provide the client with a certificate to proove their identity, most users are a certificate warning because hardly any server is configured with a certificate that can be successfully verified by the client. This article describes three measures to increase the security of an remote desktop deployment.