Server virtualization has been adopted by most data centers today, even though it was not even on IT shops' agendas just a couple of years ago. Desktop virtualization is following that first act and will come on strong and quickly, because – believe it or not – it's not hard to deploy and will cure the many headaches desktop management causes today.
This article will show you how to easily deploy and publish a pool of virtual desktops in a test environment. I will be using Virtual Iron's Single Server Edition software along with Provision Network's Virtual Access Suite to build a Virtual Desktop Infrastructure. Virtual Iron provides a free perpetual license for up to 12 virtual machines on a single CPU, and -- because of its partnership with Provision Networks -- you are able to register for a five-desktop version of Provision Network's Virtual Access Suite.
Before we install Provision Network's Virtual Access Suite and begin configuring our VDI environment, we need to setup our virtual infrastructure. I will not cover how to deploy Virtual Iron, but will assume that Virtual Iron is installed on your physical server and ready to deploy new virtual machines.
Preparing the Virtual Infrastructure
We will need to create six virtual machines, which will include one Windows 2003 Server and five Windows XP virtual machines. Active Directory will need to be configured on Windows 2003 Server virtual machine. Once Active Directory is installed, create three new user accounts named User1, User2 and User3. Now create a new group call XP Users, and place your new users in this group. The last step is to create a user account that will be used as a service account for the Virtual Access Suite to control your virtual desktops. Name this account VAS and place it into the Domain Admins group or setup the VAS account to have administrative access over your virtual desktops.
Create five Windows XP virtual machines named XP1, XP2, XP3, XP4 and XP5. Join these virtual desktops to your new domain. A few things to remember when preparing your virtual desktops include:
- Configure your XP virtual machines to accept remote desktop connections.
- Make sure exceptions have been placed in the desktop firewall to allow TCP 3389 and TCP 5203.
- It is recommended that these settings be placed in a Group Policy Object within Active Directory, because these settings may change when the desktop is joined to the domain.
Prerequisites for Virtual Access Suite
All components of Virtual Access Suite can be deployed on a single server or individually onto separate servers for scalability. Provision Networks does a good job at providing different deployment scenarios in their documentation. For this example I will install Virtual Access Suite on the Windows 2003 Server virtual machine. Even though this configuration is possible it would not be recommended in a production environment.
There are a few prerequisites for the installation of Virtual Access Suite. All of these can be downloaded from Provision Networks website. First, install Java Runtime Environment 5.0 (Update 7, 8, 9, 10 or 11). Next we need to install .NET Framework 2.0. .NET Framework 2.0 is not required if you plan on running your Provision database on an existing database server. In this example we will need .NET Framework 2.0 because we will be installing SQL Server 2005 Express Edition and using it for our Provision database. After .NET Framework 2.0 is installed download SQL Server 2005 Express Edition and extract it to a temporary folder using the following command:
To install SQL Server 2005 Express Edition with the appropriate settings use this command:
SETUP.EXE /qb ADDLOCAL=SQL_Engine,SQL_Data_Files INSTANCENAME="PROVISION" SECURITYMODE=SQL SAPWD="Prvi$in1" DISABLENETWORKPROTOCOLS=0
Change the password to whatever you want, but remember it because you will need it later.
Installing Virtual Access Suite
Download the latest version of Provision Network's Virtual Access Suite. Run the executable on your Windows 2003 Server virtual machine and choose the following options:
- Select Standard Desktops Only (Desktop Services Edition) from the list of options.
- Select Connection Broker Service from the list of available features.
- Deselect all other options.
- Click Next and complete the installation.
Configuring the Virtual Access Suite
The first step in configuring the Virtual Access Suite is to create a new database. Start the Provision Management Console and then click the New Data Source button when you are prompted to configure the Provision database. Provide the following information to create your new data source:
- Server Name: servername (name of your Windows 2003 Server virtual machine)\PROVISION
- New Database: (accept the default)
- SQL Admin Name and Password: sa (and use the password from earlier. Example: "Prvi$in1"
- New Provision SQL Login Name: (accept the default)
- New Provision SQL Login Password: (accept the default)
- New Data Source (DSN): (accept the default)
- Click Create and confirm passwords
- Enter your company and contact information, click Save and Close.
Next expand the servers node in the left-hand pane of the Provision Management Console, right-click the Connection Brokers node and select New Connection Broker. On the General tab put the name or IP address of your Windows 2003 Server virtual machine.
Adding your Virtual Infrastructure to the Virtual Access Suite
We are now going to provision the XP virtual machines to complete our Virtual Desktop Infrastructure. In the left-hand pane of the Provision Management Console, right-click the Managed Desktops node and select New DataCenter and then select Create Manually. Name your new data center and click OK. Right-click the name of the new data center you just created and select New Managed Desktop Group. A wizard will guide you through this process.
When prompted for a domain administrative account, use the VAS account we created earlier in the Preparing the Virtual Infrastructure section. After you click Finish you will be prompted to add desktops to the new Managed Desktop Group. You can enter new desktops to the group by choosing one of the tabs labeled Browsing for Computer, Computer Name or IP Address Range. I used the IP address range option and entered the range containing the XP virtual machines. You should now see all your XP virtual machines listed in the Managed Desktop Group you created.
Next install the PNTools agent to your XP virtual machines. Select all your XP virtual machines listed in the Managed Desktop Group you created, right-click and select Install\Update. If this process fails, double check the VAS account to make sure it has admin rights to all your XP virtual machines and that the desktop firewall is not blocking communication between the Windows 2003 Server virtual machine and the XP virtual machines.
The last step is to publish your virtual desktops. In the left-hand pane, select the Managed Desktop Group you created. Select the tab Managed Applications in the right-hand pane. From the Actions menu select New Application and provide a unique name on the general tab for the published desktop. Click Change Type button and select Desktop. On the User Experience tab select a folder to display the published desktop to the client. In the Desktop Integration section check the Desktop box. Use the defaults on the Published On tab and lastly on the Access Control List tab add the XP Users group we created earlier.
The VDI environment is finally ready to test. Use a physical client computer which has network connectivity to your virtual infrastructure. Download and install the VAS client from Provision Networks website. After the client is installed, launch the Virtual Access Client. Select the Actions menu and then select Manage Connection. Click New and then Create Manually. Add the IP address of your Windows 2003 Server virtual machine and 8080 for the TCP port. Click the Test Connection button and enter the username and password for one of the users you created earlier. Click OK.
The Virtual Access Client should now be connected to your VDI, and you should be able to launch a virtual desktop.
For more information, you can check out the VAS Admin Guide 5.8 (doc. rev. 2).
About the author: Scott Floyd is currently director of security for a financial institution. He has over 10 years experience in designing, deploying and managing security, LAN/WAN, storage and server solutions in the financial, marketing, consulting and aerospace industries.