Your SlideShare is downloading. ×
  • Like
  • Save
Building Azure RemoteApp - Microsoft Campus Days 2014
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Building Azure RemoteApp - Microsoft Campus Days 2014

  • 446 views
Published

Azure RemoteApp is Remote Desktop-as-a-Service. It combines the Azure platform capabilities with the proven technology of Remote Desktop Sessions and the RDP Protocol. This is the session I gave at …

Azure RemoteApp is Remote Desktop-as-a-Service. It combines the Azure platform capabilities with the proven technology of Remote Desktop Sessions and the RDP Protocol. This is the session I gave at the Microsoft Campus Days 2014 in Copenhagen, Denmark.

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post
    Be the first to comment
No Downloads

Views

Total Views
446
On SlideShare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
0
Comments
0
Likes
2

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • Title Slide – Insert session title, session code and speaker names
    Project this slide while attendees are arriving.
    Please do not add additional elements to this slide
    Why is 007FFF there?
  • Questions always welcome, don’t have prices, but offer hugs!
  • RemoteApp is Terminal Services!
    How many have an Azure Subscription?
    How many has something deployed in their Azure subscription?
  • Why do we need RemoteApp, this slide answers…
    The challenge of BYOD (Bring Your Own Disaster)
  • Sessions/VDI
    Formerly Terminal Services
    Shared hosts with Windows logon session separation (strong security boundary)
    RemoteApp offers Remote Desktop Sessions as a Server
  • Demo placeholder (Optional)
  • Demo placeholder (Optional)
  • Add troubleshooting apps and do most of the config in the image
  • MDT for automation?
  • All Microsoft Licenses included (OS, CAL, RDCAL, Office (if cloud))
    You are responsible for licenses to third party apps

Transcript

  • 1. Building Azure RemoteApp Data3007 Morgan Simonsen Principal Consultant, Lumagate #CampusDays #007FFF
  • 2. #CampusDays Morgan Simonsen • Principal Consultant Cloud and Datacenter Product Manager Microsoft Azure @Lumagate • P-TSP@Microsoft • MCSE, MCSA, MCT • MVP (Directory Services) • Twitter: @msimonsen • Email: morgan.simonsen@lumagate.com • Blog: morgansimonsen.wordpress.com • Blog: cloudpower.no
  • 3. #CampusDays Agenda • Welcome to Mohoro • RemoteApp; what is it and why do we need it? • Scenario walkthrough • Features • Demos • Cost • Questions and comments
  • 4. Today’s challenges • Deliver applications to mobile platforms (BYOD) • Respond to dynamic business requirements for IT: • Seasonal/temporary workers • Vendors • New employees (mergers and acquisitions) • Reduce infrastructure costs (move CAPEX to OPEX) • Provide access to legacy applications • Protect corporate resources and ensure compliance
  • 5. Tenant1 Cloud Service1 Other Tenant AD Desktop Hosting Service VM Public Internet Load Balancer/VPN RDLic RDCB RRDDSHSH VM File Server Services VM Storage Azure Fabric Network Azure Services ... RDGW RDWeb RRDDSSHH Session Desktop Collection VM RemoteApp Collection SSQQLL VM Compute Tenant1 Cloud Service2 Management Portal Traffic Manager Tenant 1 Premises Public Internet VPN AD Other Tenant On-premises Services Azure Desktop Hosting - Reference Architecture and Deployment Guides
  • 6. Azure RemoteApp Azure RemoteApp combines Windows application experience and powerful RDS capabilities on Azure’s reliable platform and helps IT to bring, scale, agility and global access to corporate applications.
  • 7. Introducing Azure RemoteApp Preview Remote applications delivered from the reliable Azure platform Delivered via Microsoft Remote Desktop Protocol and RemoteFX Scale without large capital expense Flexible hybrid or cloud deployment options User Access from Windows, iOS, Mac OS X, and Android devices
  • 8. #CampusDays RemoteApp Elastic Runtime • Azure RemoteApp blog storage with template images • Azure Infrastructure-as-a-Service (IaaS) Virtual Machines and Virtual Network (vNet) • Azure Machine Learning AutoScaling • Automatically maintained Remote Desktop components: • Connection Broker • Gateway • Azure Load Balancer Template Image Azure RemoteApp Blog Storage Remote Desktop Session Hosts Virtual Network Azure Machine Learning Autoscaling Azure Load Balancer Remote Desktop Gateway Hosts Remote Desktop Connection Broker Service Cert service certificate
  • 9. #CampusDays Azure RemoteApp Identity • Logon options • Microsoft Account (MSA) • Azure AD • MFA supported • MSA MFA • Azure AD MFA • ADFS MFA • Azure RemoteApp can only authenticate against default Azure AD directory for the subscription
  • 10. Windows Server 2012 R2 session virtualization Dynamic scalability Global presence High fidelity with RDP Secure, WAN-ready connectivity Clients for Windows, Mac, iOS, Android Two deployment choices RemoteApp cloud deployment Image available with Microsoft Office Professional Plus 2013 preinstalled Rapid provisioning: apps quickly available Automatic maintenance of platform image: OS and apps always up-to-date, Microsoft antimalware User logon with Microsoft account or corporate credentials federated with Azure Active Directory RemoteApp hybrid deployment Fully customizable apps, OS, and settings IT can manage template images and apply updates via Azure Portal Full access to on-premises network User logon with corporate credentials federated with Azure Active Directory
  • 11. Try it right now! A public demo of cloud deployment is available for everyone to try: • Visit remoteapp.azure.com • Install client for your platform • Log on with Microsoft Account
  • 12. Cloud deployment in detail Published apps RemoteApp Service Microsoft account Identity options RDP Elastic runtime … DirSync/Federation (optional) Persistent user data (50GB per user) Custom template image or prebuilt with Office On-premises network Windows Server Active Directory Azure Active Directory Authentication User
  • 13. #CampusDays Cloud Deployment Details • No access to internal corporate resources • Internet access • Access publicly available resources • Office 365 and SaaS apps • Your own systems if they are publicly exposed • Custom applications in template image
  • 14. #CampusDays Cloud Deployment Demo Accessing a Cloud Deployment Creating a Cloud Deployment
  • 15. Hybrid Deployment • Core technology: Azure Virtual Networking with Site-to-Site VPN • RemoteApp Virtual Networks built on Azure to seamlessly access on-premises resources • Core technology: Azure Active Directory with DirSync • RemoteApp leverages Azure AD to control user access and enable Single Sign-On • Core technology: Windows Server Active Directory on-premises • RemoteApp hybrid session hosts are domain-joined and conform to on-premises policies
  • 16. Hybrid deployment in detail RemoteApp Service Identity options RDP Authentication Domain Joined Subject to IT policy via GP, System Center, or other enterprise management tools On-premises network Corporate Apps DirSync User Persistent user data (50GB per user) Elastic runtime … Azure VPN Custom template image Maintained via Azure Portal Corporate apps Azure Active Directory
  • 17. #CampusDays Azure RemoteApp Hybrid Deployment network scenarios • ARA deployments run in Azure vNets • Cloud deployment vNets are invisible • Hybrid deployment vNets can be configured • Hybrid deployment VPN connections options: • Only supports one VPN S2S connection • ARA_vNet<->LocalSite • ARA_vNet<->Azure_vNet • Full Azure vNet2vNet functionality available: • Cross region/subscription etc. Azure RemoteApp Virtual Network DC File Server SQL Azure RemoteApp Virtual Network Azure Virtual Network
  • 18. #CampusDays Hybrid Deployment Details • Access to internal corporate resources • Internet access • Access publicly available resources • Office 365 and SaaS apps • Access internal resources • S2S VPN • Custom applications in template image • RemoteApp Session Host VMs joined to Active Directory domain • Group Policy • Folder Redirection • Logon scripts
  • 19. Selecting a deployment RemoteApp cloud deployment • Image with Office 2013 ProPlus pre-installed • Identity flexibility • Rapid provisioning • Automatic maintenance, turn-key • Integrating with back-end infrastructure is not required RemoteApp hybrid deployment • Secure access to data or resources on-premises • Corporate Active Directory-based identity required • Servers domain-joined and conforming to on-premises IT policy
  • 20. #CampusDays Hybrid Deployment Demo Accessing a Hybrid deployment Creating a Hybrid deployment Customizing a Hybrid deployment
  • 21. #CampusDays Scenario • The company Langskip builds viking longships • Hybrid network on-premises/Microsoft Azure • IAM using FIM • Hybrid Identity with Active Directory/Azure AD • MDM with Windows Intune • Data Protection with Azure RMS • Azure RemoteApp for app access
  • 22. #CampusDays Demo Setup Azure GW 168.63.16.53 Azure GW RPWLRNNM0000 WS2012R2 RRAS WAN NIC: DHCP LAN NIC: 192.168.131.1 Azure GW 137.135.206.252 Langskip-dc3 DC/GC/DNS ls-fs1 File Server RemoteApp Session Host RPWLRNNM0001 RemoteApp Session Host Langskip-dc1 DC/GC/DNS 10.1.0.4 Langskip-dc2 DC/GC/DNS 10.1.0.5 Ls-aadsync1 AADSync 10.1.0.6 Internet Azure West Europe Azure North Europe
  • 23. #CampusDays RemoteApp Template images
  • 24. Patching and updates Template Image Cloud deployment Automatically maintained Latest OS and application updates rolled out on an ongoing basis Custom Image Cloud deployment Hybrid Deployment Updates under IT control Always the latest version of Microsoft Office Professional Plus Hybrid deployment Only Ongoing updates: Update running RDSH VMs with GP, WSUS, SC, and other management tools from on-premises Image-based updates: Upload a new template image and apply it to a RemoteApp instance Updates rolled out automatically
  • 25. #CampusDays RemoteApp Template Image requirements • The image size must be a multiple of MBs (1024) • If you try to upload an image that is not an exact multiple, the upload will fail • The image size must be 127 GB or smaller • It must be on a VHD file (VHDX files are not currently supported) • The VHD must not be a generation 2 virtual machine • The VHD can be either fixed-size or dynamically expanding • A dynamically expanding VHD is recommended because it takes less time to upload to Azure than a fixed-size VHD file. • The disk must be initialized using the Master Boot Record (MBR) partitioning style • The GUID partition table (GPT) partition style is not supported. • The VHD must contain a single installation of Windows Server 2012 R2. • It can contain multiple volumes, but only one that contains an installation of Windows. • The Remote Desktop Session Host (RDSH) role and the Desktop Experience feature must be installed • The Remote Desktop Connection Broker role must not be installed. • The Encrypting File System (EFS) must be disabled. • The image must be SYSPREPed using the parameters /oobe /generalize /shutdown • DO NOT use the /mode:vm parameter
  • 26. #CampusDays RemoteApp Image build process 1. Install Windows Server 2012 R2 in a Hyper-V VM 2. Install the Remote Desktop Session Host (RDSH) role and the Desktop Experience feature 3. Install additional Windows features required by your applications • .NET Framework 3.5 4. Install and configure the programs and applications you want to publish through RemoteApp • Office • LOB • Java • Flash • RMS Sharing 5. Perform any additional Windows configurations required by your applications 6. Disable the Encrypting File System (EFS) 7. SYSPREP the image
  • 27. #CampusDays RemoteApp Image Upload • Install Azure PowerShell module • Register image in Azure portal • Download template image script • Upload-AzureRemoteAppTemplateImage.ps1 • Upload • .Upload-AzureRemoteAppTemplateImage.ps1 -SAS "?sv=2012-02- 12&sr=b&si=59174f0c-6dfb-4e5b-9171- afcaf2c60b0e&sig=DNdfCon4QaVsz0iSP4mWYcPrngtVecoxAPWav43bAE8%3D" -URI "https://cdvwe065826859rdcm.blob.core.windows.net/goldimages/59174f0c- 6dfb-4e5b-9171-afcaf2c60b0e.vhd"
  • 28. #CampusDays Image building tips • Include troubleshooting tools in your images by default • Add language packs • Try to make as many customizations in image as possible • Do not rely on Group Policy • PowerShell DSC • Create a copy before running Sysprep so you can start where you left off • Use version numbers in image names • Keep a change log for each image
  • 29. #CampusDays Azure RemoteApp Clients
  • 30. #CampusDays RemoteApp Supported Client platforms • Dedicated RemoteApp client • Windows 7 • Windows 8 • Windows RT • Client leverages underlying RDP client • Integrated into RDP app • Mac • iOS • Android • Windows Phone 8
  • 31. #CampusDays About profile disks • User profiles stored in VHDs attached to user profile directory via mount point in file system • WindowsAzureDrive • Profile disks are pr. Azure RemoteApp deployment • No way to wipe profile today • Common troubleshooting technique for Remote Desktops • Disks mapped by username, not GUID • User delete/recreate leads to profile permission issues
  • 32. #CampusDays RemoteApp Additional Info Features Optmizations Billing More Information
  • 33. #CampusDays RemoteApp Features (1) Price (per user) Free during preview Window Server version Windows Server 2012 R2 Microsoft Office Professional Plus 2013  Bring your own applications  (Cloud and Hybrid) Planned device/OS support Windows 8.x, Windows 7, Windows RT, Windows Phone 8.1, iOS, Android, Mac OS X Microsoft account support  (Cloud deployment) Active Directory, virtual network (optional)  Storage (per user) 50 GB Regions U.S. East, U.S. West, Europe North, Europe West, Asia Pacific East, Asia Pacific Southeast
  • 34. #CampusDays Features (2) Copy/paste support  Printer redirection  Drive redirection  Full desktop No (under evaluation) Sound and sound redirection  Assign app to group No Manage service via PS Probably Run an app based on local file association No Delete corrupt profiles Probably Golden image in Azure IaaS VM Planned Host reboot Cloud: No Hybrid: Manually Unified vNet Management Planned ClickOnce Application Support 
  • 35. #CampusDays RemoteApp Optimization • Network latency will impact end user experience • Get an estimate of latency using ping or azurespeedtest.azurewebsites.net • Optimizations: • Automatic network detection • Bitmap caching • UDP transport • RemoteFX • Use latest RDP client possible
  • 36. #CampusDays RemoteApp Scaling • Service never scales below 2 VMs • 10 users (5/VM) • While new instances are provisioned
  • 37. #CampusDays More information • Azure RemoteApp website: http://remoteapp.azure.com • Documentation: http://azure.microsoft.com/en-us/ documentation/services/remoteapp/ • Remote Desktop Services Blog: http://blogs.msdn.com/b/rds/
  • 38. #CampusDays The Riddle Azure is a variation of blue that is often described as the color of the sky on a clear summer's day. Its dominant wavelength is about 488 nm. On the RGB color wheel, "azure" (color #007FFF) is defined as the color at 210 degrees, i.e., the hue halfway between blue and cyan.
  • 39. EVENT SPONSORER TRACK SPONSORER EXPO SPONSORER
  • 40. #CampusDays Q&A #Ask me about everything! Join me at the Microsoft Booth the next 30 minutes @Meet The Experts Dont forget to: Evaluate this session!