Remote Desktop Commander WVD PowerShell Integration Beta

We’ve got some very exciting things brewing for our free Remote Desktop Commander Lite Client, which thousands of network admins use worldwide to manage their Remote Desktop Services deployments both on-premises and in Azure.

As announced recently, Version 4.7 of our Remote Desktop Commander Suite now supports deployment in Microsoft Windows Virtual Desktop (WVD) tenants based on our testing in the WVD public preview.

However, we’re very excited to share the next step of our solution’s integration with WVD, and encourage you to sign up below to try the beta version that will be available in a few weeks time.

Product Integration With The New WVD PowerShell Management Libraries

As some of you may already know, the current methods of managing WVD are through a set of PowerShell libraries and/or taking the time to deploy Microsoft’s REST API web-based management console. Both approaches have their limitations, and the management features provided in both do not offer feature parity yet with the management features for RDS in the Windows Server Manager.

So, we have started wrapping the WVD Powershell management library in our Remote Desktop Commander management GUI. Management actions in our GUI are passed internally to the PowerShell libraries without the admin needing to use PowerShell at all. Moreover, we are offering two modes of management for Windows Virtual Desktop.

Our new beta version dynamically queries the WVD Broker to get tenant host pools and hosts
Our new beta version dynamically queries the WVD Broker to get tenant host pools and hosts
Choose the management mode you want to use with WVD, based on whether you have installed our tool inside or outside of your Azure VNet.
Choose the management mode you want to use with WVD, based on whether you have installed our tool inside or outside of your Azure VNet.
Windows Virtual Desktop Management Local Mode

“Local Mode” allows you to install our software INSIDE the same Azure VNet as one or more WVD tenants you manage, and then provides you with full management feature parity we currently offer for traditional RDS deployments. WVD hosts are enumerated from the primary WVD broker service, but then are managed with native APIs from within the local Windows network inside Azure for rich functionality, including shadowing, performance counter access, etc. Admins are encouraged to deploy our management client as a RemoteApp in various tenants OR to use Azure Bastion to access our management tools that have been directly deployed on a VM in the VNet of one or more WVD tenants.

Full management feature parity is available when you deploy Remote Desktop Commander into the Azure VNet where your WVD hostpools are running.
Full management feature parity is available when you deploy Remote Desktop Commander into the same Azure VNet where your WVD host pools are running.
Windows Virtual Desktop Management External Mode

“External Mode” a.k.a “Outside Mode” provides a more limited set of management functionality based on the current version of the WVD Powershell library, such as logging off and disconnecting users, sending notification messages to users, and taking hosts in and out of drain mode. However, in this mode you can run our tool from any system that has Internet access to access the WVD broker service.

A subset of WVD management features are provided, based on wrapped WVD Powershell management libraries, when Remote Desktop Commander is installed outside the Azure WVD VNet.
A subset of WVD management features are provided, based on wrapped WVD Powershell management libraries, when Remote Desktop Commander is installed outside the Azure WVD VNet.

Other features in our upcoming beta release include our software’s ability to automatically install the WVD PowerShell Management libraries for you from the PowerShell Gallery, and the convenient caching of administrative credentials used by those PowerShell libraries.

Perhaps most importantly, our Remote Desktop Commander Management client now gives you the power to manage both your traditional on-premises Remote Desktop Services deployments, Remote Desktop Services deployments located in Azure, and new Windows Virtual Desktop deployments all in one interface. It can be instructed to query as many connection brokers or WVD tenants as required for RDS collection and WVD host pool information.

Remote Desktop Commander will automatically prompt you to install the WVD PowerShell Management libraries, and then will do so for you.
Remote Desktop Commander will automatically prompt you to install the WVD PowerShell Management libraries, and then will do so for you.

Installing WVD PowerShell Management Libraries

Sign Up To Be Notified When The Beta Release Is Available

Note – if our sign-up form is missing, please click here to go to the full post page and scroll down.

How Not To Lose Your A$$ When Deploying Windows Virtual Desktop

Hello my friends.  It’s now July, and Microsoft continues to lurch ever closer to a full, generally available, release of Windows Virtual Desktop in this back half of the year.  Lots of MSPs and hosters are extremely interested in it, with great uptake in the public preview, because ostensibly WVD is a lower cost way to deploy session-based desktops in the public cloud.  But is it really?  In my opinion, Windows Virtual Desktop is only affordable if you are extremely cautious about any extra Azure services you choose to deploy with it.  And, in all cases, stay the hell away from WVD overlays like Citrix Managed Desktop… unless you are an unrepentant spendthrift with money to burn! Let’s dive a little deeper and see why:

Why WVD Is Potentially Cheaper Than Hosting Regular Remote Desktop Services In Azure

In classic RDS deployments inside Azure, you need to allocate additional virtual machine resources to host the supporting Remote Desktop roles (such as the Remote Desktop Gateway server, the Connection Broker, RD Web Access, and Licensing). In some non-highly available deployment scenarios, it’s possible to combine some of these roles onto a single VM but, no matter how you slice it, you will be paying monthly compute costs for these additional VMs.

In Windows Virtual Desktop, Microsoft handles all of the infrastructure roles (Gateway, Broker, Web Access, etc) for you, encapsulating them into highly available Azure PaaS services that serve your tenants alongside all others. This theoretically saves you money, because you are now only paying for the compute costs associated with the session host VMs (e.g. Windows Server or Windows 10 Multisession), plus your RDS CAL or Windows/Office 365 licensing that allows access to the service..

Why WVD Is Not Necessarily Cheaper Than Hosting Classic RDS in Azure

Put simply, what you save by avoiding the compute costs associated with VMs running infrastructure roles, you can easily add back by deploying other “recommended” Azure services.

Hidden Azure Service Costs

For example:

  • Starting an Azure Security Center subscription for Just-In-Time VM Access (approximately $15 per VM per month)
  • Deploying Azure Log Analytics and Azure Monitor to do performance and health monitoring (variable pricing based on data volumes and logs monitored but easily $5 or more per VM per month)
  • Using Azure Active Directory Premium P1 or P2 OR the Enterprise Mobility Suite to provide multi-factor authentication, identity and access management, etc (approximately $3 to $9 per user extra per month)
Extra VMs Needed For Geographically Diverse Clients

There are other factors to consider as well.  As discussed in my purerds.org blog article, Windows Virtual Desktop does not currently support dual transport protocols for RDP – it is TCP only.  This makes distance between WVD clients and the WVD host pool in a specific Azure region highly relevant.  As I’ve written about at length, one of the greatest improvements ever made to the Remote Desktop Protocol was when Microsoft joined UDP with TCP for more responsive transfer of data, video streams, etc over lossy networks or higher latency/longer distance network links.  If WVD did support UDP transport in RDP to clients, Azure region choice would become less relevant because of the ability of UDP to adapt to those higher latencies caused by geographic distance.

What does this mean?  It means a greater likelihood of an MSP or hoster needing to establish multiple WVD host pools, in different Azure data centers, to serve the needs of geographically disparate clients/companies with worldwide offices.  True, the WVD internals may be able to use intelligent routing via Azure Traffic Manager, especially as Microsoft builds out the WVD control plane into all Azure regions but, until UDP dual transport is added back IMO, performance will suffer.  More host pools equal more money spent on VM compute.

Extra VMs Needed for Validation Host Pools

Update cadences are much faster when you leverage the Windows 10 Multisession OS in your WVD host pools, as compared to server operating systems like 2012, 2016, and 2019.  This means that there is a greater likelihood that a Windows Update might break an existing deployed app.  Microsoft’s answer to this problem is to deploy a validation host pool, which is a special set of VMs that get the Windows 10 updates applied to them first.  These effectively become the “canary in the coal mine”, to alert you to application incompatibilities post update- before all of your users call you up to air their grievances.  However, an additional host pool of VMs is an additional cost to you.

Deploy Citrix Managed Desktop For WVD If You Really Want To Hemorrhage Money Fast

Say No To Citrix Managed Desktop
Want to Lose Money? Deploy Citrix Managed Desktop.

As mentioned in my PureRDS.org article on the subject, Citrix Managed Desktop adds another $21 per user per month on top of your Windows Virtual Desktop costs.  That’s an insane level of extra overhead for an MSP, hoster, or SMB company to bear.  Frankly, there’s no need for it- especially if you are smart about what third-party software and services you choose to add to your WVD deployment.  Which leads me to…

Smart Ways To Keep Your WVD Deployment Within Budget

Here are some tips and tricks that you can use to keep WVD costs to the bare minimum, as you host your apps and desktops.

Managing Windows Virtual Desktop On a Budget

The web interface and PowerShell cmdlets for managing WVD are extremely basic and rather feature limited.  On top of that, attempting to monitor WVD by building your own queries with Azure Monitor and Azure Log Analytics gets expensive fast- especially when you factor in staff time to design everything.

Instead, you can publish our Remote Desktop Commander Client as a RemoteApp within one of your WVD host pools, and instantly have a robust management platform for WVD– including shadowing and remote support.  Or, if you don’t want to leverage RemoteApp, you can elect to deploy the new Azure Bastion service– which gives you secure access to all of the WVD VMs in your host pools, and connect to a VM with our Remote Desktop Commander Client installed.  Azure Bastion only costs a flat $68 per month plus data transfer, regardless of how many VMs you need to access from it, and our Remote Desktop Commander Client is free, with optional enhancements via Premium Management Features.  This is certainly much cheaper than paying $15 per VM per month for Just-In-Time access to VMs via raw RDP.

Monitoring Windows Virtual Desktop On a Budget

Of course, if you need to actively monitor your Windows Virtual Desktop deployments, you can leverage our Remote Desktop Commander Suite solution, and pair it with an Azure SQL Database (for data collection and storage).  As opposed to paying hefty data ingestion rates (plus per performance counter and per log monitoring costs via Azure Monitor and Azure Log Analytics), you can rapidly deploy our solution that: a.) already knows what items to monitor out of the box, b.) can monitor performance much more granularly than Azure Monitor, c.) has a built in reporting engine with scheduler, and d.) is priced at a flat $9.99 per WVD VM per month, with volume discounts.  Azure SQL costs for most deployments typically only run $30 to $60 per month, with up to 250 GBs of storage provided.  This is a much more economical way to monitor your infrastructure.  Moreover, if you’re a hoster/MSP/CSP, we offer a special multi-tenant version of our solution that allows you to keep tabs on all of your WVD deployments from a single access point.

Remote Desktop Commander Core Architecture
Remote Desktop Commander Core Deployments Allow You To Centrally Monitor and Report On Multi-Tenant Environments (e.g. MSP Private Clouds and WVD in Azure)
Consider Running Classic RDS in Azure Instead of WVD

Even with the launch of WVD, you can still deploy traditional RDS inside Windows Azure using Server 2012, 2016, or 2019; including the ability to run Office 365 on those server operating systems.  Doing so gives you complete control over the RDS architecture, and allows you to utilize RDP with UDP and TCP to provide a better experience to geographically diverse clients.

Partner With an Azure Expert

The sheer number of Azure services and pricing I covered in this article probably has left you feeling dizzy.  Given the speed at which new Azure services are offered, one of the smartest things you can do is to partner with an Azure services expert like MyCloudIT.
mycloudStacked_color

The folks at MyCloudIT constantly stay on top of the different Azure service offerings, and are experts at provisioning only the services you need.  They work hard to keep you within budget and on top of Azure service costs.  They’re also experts at deploying our Remote Desktop Commander Suite solution into RDS and WVD deployments, which they’ve already done for a number of their “RDS in Azure” clients.  Partnering with them is a much smarter option than going with an WVD overlay like Citrix Managed Desktop- at a fraction of the cost.

If you’ll be attending Microsoft Inpire next week, come visit them at Booth 3106 to see both their approach to hosting Remote Desktop Services in Azure AND how our Remote Desktop Commander Suite enhances their management and monitoring offerings. And please tell them Andy from RDPSoft sent you!

We Fixed Remote Desktop Shadowing (And Some Other Stuff)

Let’s Face It, Remote Desktop Shadowing Hasn’t Been a Great Experience For… Well, …Forever!

Greetings friends!

One of the continuous laments that we’ve heard from our customer base, for years now, is about user session shadowing in Remote Desktop Services.  This is a shame, because the internal architecture for shadowing from Windows Server 2012 R2 onwards is pretty amazing!  Using MSTSC to shadow however, has been less than smooth.  The litany of complaints includes problems like:

  • lack of proper shadowing support (zoom out) for multiple monitor sessions
  • dreaded permissions errors
  • the unfortunate requirement for help desk users to be administrators on the terminal servers they want to shadow
  • the inability for Windows 7 systems to initiate shadowing on Server 2012/2016/2019 systems and Windows 8 and 10 workstations.

There was also the small issue that there were no tools for shadowing/remote assistance inside Windows Virtual Desktop in Azure…until now!

As a result, admins and IT staff have been paying an arm and a leg for remote assistance tools to bridge this gap – tools that require heavy install footprints, hundreds or even thousands of dollars per technician per year, and tedious invitation URLs, etc are required to start helping users.

Which Reminds Us: Delegation of Administration Options for Remote Desktop Services Have Been Nonexistent For W a y  T o o  L o n g

The other need that we hear frequently from our customers, is to have the ability to precisely delegate Remote Desktop Services management permissions to their help desk and front line support staff.  To date, the only real option has been to give help desk staff admin rights on session hosts and connection brokers.  Not an ideal situation from a security, or a “whoops I just rebooted a terminal server with 30 user sessions running line of business apps” perspective.

We tried to resolve some of these issues with our RDSConfig utility, that allowed permissions reassignment for users and groups on session hosts.  However, in larger RDS collections, you need a way to apply those permissions to a huge swath of session hosts all at once – especially as new session hosts are brought online.  Also, to do their jobs, help desk staff need rights to query the Connection Broker to dynamically list RDS collections and the servers that are members of each, plus they should have the ability to read RDS-related performance counters on those session hosts, so they can troubleshoot things like network latency from the client to the server.

So, We Figured Out How To Make Shadowing Much Better AND Created a Wizard To Let You Delegate RDS Management Tasks To Your Help Desk Staff

We’re calling these new tools in the Remote Desktop Commander Client Premium Management Features.  For $99.99 per admin or help desk user per year, all of the aforementioned problems go away.  Want to shadow Server 2012+ systems from Windows 7?  No problem.  Want to monitor multiple user sessions at once in live view in one window?  We do that.  Do you have RDS users with multiple monitors that you haven’t been able to shadow before? Again, we’ve got you covered.

Watch this quick video on YouTube to see these new features in action.

Next, download the latest copy of the Remote Desktop Commander Lite client.  Once you install it, you’ll be able to preview the SuperShadow features for 15 days.  The RDS Management Delegation Wizard becomes available after you purchase a subscription from us.  And once you start your subscription, you’ll immediately be emailed a license file that will unlock all of those features.

SuperShadow

We value your feedback, and want to continue to enhance the remote assistance capabilities of our solutions, so please send us your thoughts and feature requests regarding this new offering.

**Note 1: With the release of Premium Management Features in Remote Desktop Commander Lite v4.7, legacy shadowing support for Windows Server 2008, and legacy shadowing through the MSTSC client have been retired. These features remain available in our Remote Desktop Commander Suite solution, however.

**Note 2: If you are an existing Remote Desktop Commander Suite customer who would like to test these new Premium Management Features, please install the new 4.7 client on a VM or system OTHER than the system running the core Remote Desktop Commander Suite components. We will be releasing an update to the entire Suite shortly that has this new client included.

Announcing Support For Windows Server 2019 and Windows Virtual Desktop

Friends,

We’re excited to announce that Remote Desktop Commander Version 4.5 has now been tested on and supports managing Server 2019 Remote Desktop Services deployments.

We’re also pleased to announce that based on preliminary testing in the Windows Virtual Desktop private preview, we are “Windows Virtual Desktop ready.” As WVD transitions into its public preview soon, we will continue to test against WVD and start adding WVD specific features, which will be announced at a later date. As part of our support for WVD, we will soon be releasing a new specialized installer of the Remote Desktop Commander Suite called the Remote Desktop Commander Core Install, which provides for completely scriptable, headless deployments of our software into WVD and other MSP / multitenant environments.

Need to monitor Windows Virtual Desktop in a planned roll out later this year? We’ll be ready to help!

Windows Virtual Desktop Officially Announced – My Take

This week at Ignite, Microsoft is announcing the introduction of Windows Virtual Desktop, a multi-user version of Windows 10 Enterprise that is deployable in Azure. Please see their blog post here about it.

I will have much more to say about this in future blog posts, but coupled with their heavy investments in “Remote Desktop Modern Infrastructure” (a.k.a RDmi for short) where RDS roles like the Connection Broker, Web Access, and Gateway are now simply PaaS components in Azure, this is going to upend the EUC/virtualization industry in an extreme way. The downward cost pressure Microsoft will place on user desktop and app hosting with this play will be tremendous. In the future at this blog and in webinars we host, we will analyze Windows Virtual Desktop licensing (with RDmi and compute costs factored in) versus traditional on-premise or datacenter-based Remote Desktop Services hosting on Server 2016/2019.

At first glance, I don’t think Windows Virtual Desktop will be good for Citrix, and I certainly think it will threaten Amazon’s DaaS offering. It’s also probably going to put a good swath of non-Azure based MSPs and CSPs out of business. I could be wrong, of course, but that’s my read on it right now.

Fortunately for our customers, we will be Windows Virtual Desktop ready in Q1 2019, and will be able to monitor multi-user Windows 10 instances just like Windows Server RDS session hosts. We look forward to continue to serving the Remote Desktop Services management and monitoring needs of all organizations, whether they run Windows Server or Windows 10 on premise, in the datacenter, or in Azure.