5.2. Microsoft Hyper-V and Remote Desktop Services

5.2.1. Microsoft Hyper-V
5.2.2. Microsoft Remote Desktop Services
5.2.3. Preparing a Windows Server

5.2.1. Microsoft Hyper-V

Oracle VDI provides users access to virtual machines hosted by Microsoft Hyper-V. Microsoft Hyper-V can be installed either as a free stand-alone product, or it can be enabled as the Hyper-V role in Windows Server.

The Microsoft Hyper-V desktop provider is remotely managed by Oracle VDI. To enable communication between Oracle VDI and the Windows Server hosting Microsoft Hyper-V, the Windows Server needs to be prepared using the same preparation as for a Microsoft Remote Desktop provider. See Section 5.2.3, “Preparing a Windows Server” for more details.

Because Microsoft software is not included as part of the Oracle VDI package, Oracle Support contracts do not cover third party software related issues.

5.2.1.1. System Requirements for Microsoft Hyper-V

The following are the supported virtualization platforms for the Microsoft Hyper-V desktop provider:

  • Microsoft Hyper-V Server 2008 R2

  • Microsoft Windows Server 2008 R2

System requirements for the Hyper-V server:

To install the Hyper-V role, please refer to the Microsoft Hyper-V Getting Started Guide.

To install the standalone product, please refer to the Microsoft Hyper-V Server 2008 site.

5.2.1.2. Storage Requirements for Microsoft Hyper-V

Microsoft's Hyper-V requires a storage server to store the virtual machines used by Oracle VDI. This server is in addition to the Hyper-V host itself.

Like the Oracle VDI Hypervisor, the Microsoft Hyper-V desktop provider takes advantage of iSCSI and ZFS as a part of Oracle Solaris and the Sun Unified Storage. Virtual disks can be stored on the Oracle VDI host, but for a production environment a Microsoft Hyper-V desktop provider requires a separate storage host.

See Section 5.6.1, “Supported Storage Server Platforms” for details of what is supported.

For detailed instructions on storage preparation, see:

5.2.2. Microsoft Remote Desktop Services

Oracle VDI provides users access to Terminal Services or Remote Desktop Services sessions provided by Windows Server 2003 and Windows Server 2008. Oracle VDI relies on some Microsoft tools being implemented along with Remote Desktop Services to provide advanced features such as farm or cluster of Remote Desktop Services hosts (RDS hosts) with load balancing and session reconnection.

Note

In Windows Server 2008 R2, Terminal Services (TS) has been renamed Remote Desktop Services (RDS).

5.2.2.1. System Requirements for Microsoft Remote Desktop Services

The following are the supported virtualization platforms for the Microsoft Remote Desktop desktop provider:

  • Microsoft Windows Server 2008 R2

  • Microsoft Windows Server 2003 Enterprise Edition

System requirements for the Remote Desktop server:

5.2.2.2. Microsoft Terminal Services on Windows Server 2003

Oracle VDI provides access to Terminal Services sessions delivered by:

  • A single server running Windows Server 2003

  • A cluster of servers with the following characteristics:

    • All servers running Windows Server 2003, any edition

    • The cluster is a Microsoft Network Load Balancing (NLB) cluster, which provides load balancing among servers

Microsoft Session Directory can be used to enable users to reconnect to existing sessions.

To install the Remote Desktop Services role on Windows Server 2003, refer to:

http://technet.microsoft.com/en-us/windowsserver/dd299436.aspx

Microsoft reference documentation:

5.2.2.3. Microsoft Remote Desktop Services on Windows Server 2008

Oracle VDI provides access to Remote Desktop Services sessions delivered by:

  • A single server running Windows Server 2008

  • A farm of servers with the following characteristics:

    • All servers running Windows Server 2008

    • Microsoft TS Session Broker is used to enable load balancing and enable users to reconnect to existing sessions.

As described in Microsoft documentation, preliminary load balancing may be provided using DNS round robin or Microsoft Network Load Balancing (NLB) or a hardware load balancer.

To install the Remote Desktop Services role on Windows Server 2008 refer to http://www.microsoft.com/windowsserver2008/en/us/rds-product-home.aspx.

Microsoft reference documentation:

5.2.2.4. Microsoft Remote Desktop Provider RDS Farm Management

If you have RDS hosts belonging to a farm or a NLB cluster, how you configure a Microsoft Remote Desktop provider depends on whether or not you want to be able to view session information or CPU and memory load information in Oracle VDI Manager or on the command line.

If you want to view session and load information in Oracle VDI, configure the Microsoft Remote Desktop provider as follows:

  1. Prepare each RDS host, as described in Section 5.2.3, “Preparing a Windows Server”.

  2. In the New Provider Wizard, add all the RDS hosts in the farm using the Specify New Host option.

  3. Specify the host name or IP address, SSL port, and administrator credentials for each RDS host.

    Oracle VDI needs to contact each individual RDS host in order to register the local administrator's credentials and the SSL certificate for that host so that the RDS hosts can communicate session and load information with Oracle VDI.

With this configuration, Oracle VDI detects the information about the farm by querying the first RDS host of the provider. The detected farm name is returned to the remote client when users try to access a session. The session can be started on any host participating in the farm.

If you do not want to view session and load information in Oracle VDI, configure the Microsoft Remote Desktop provider as follows:

  1. In the New Provider Wizard, select the Specify Remote Desktop Server Farm option.

  2. Enter the DNS name or IP address of the RDS farm or NLB cluster.

With this configuration, the configured farm name is returned to the remote client when users try to access a session.

5.2.2.5. Limitations of Microsoft Remote Desktop Providers and Pools

Due to the specificity of Remote Desktop Services compared to the other virtualization backends, some restrictions apply to the actions and settings offered by the desktop providers and pools:

  • The provider may contain multiple RDS hosts if they are members of the same Network Load Balancing cluster or Session Broker farm. See the section about supported platforms. In this case, Microsoft NLB or Microsoft Session Broker are responsible for the load balancing across the hosts. Oracle VDI does not perform any such load balancing.

  • The provider may contain a single stand-alone RDS host.

  • A given RDS host can only participate in one provider.

  • Each Microsoft Remote Desktop provider can have one pool only.

  • The pool does not offer any cloning capabilities. The Remote Desktop Services server or farm is responsible for opening new RDS sessions when new users connect.

  • The type of assignment in the pool is always flexible. Session reconnection will be offered if the RDS setup is correctly configured for it, but is not the responsibility of Oracle VDI. See section about supported platforms.

  • The list of desktops displayed for this pool correspond to the aggregated list of RDS sessions from all RDS hosts associated with the provider. All RDP sessions, whether they come from Oracle VDI or not, are displayed.

  • Groups or users may be assigned to RDS pools but you cannot manually assign a user to an RDS desktop.

5.2.3. Preparing a Windows Server

After installing Microsoft Hyper-V or Microsoft Remote Desktop Services you must prepare your Windows server to communicate with Oracle VDI. Oracle VDI does not require any agents to be installed on the Windows servers, instead Oracle VDI communicates with Windows servers using Windows Remote Management (WinRM) over HTTPS (a secure protocol). For HTTPS, WinRM requires a server certificate to operate properly. This certificate is used for encryption of the communication channel. For more details, see Windows Remote Management or Configuration and Security in the Microsoft documentation.

Preparing the Windows server for communication with Oracle VDI is a two-step process. First, you must generate the self-signed certificate using the Microsoft Internet Information Services (IIS) 6.0 Resource Kit Tools (Step 1, below). Then configure winrm to listen for HTTPS requests (Step 3, below).

Note

These steps are necessary for RDS (or Terminal Services) hosts so that critical information about the server (including CPU usage, memory usage, and number of user sessions) can be displayed in Oracle VDI Manager and on the command line. If you do not want to view session or load information in Oracle VDI, the following steps are not necessary, see Section 5.2.2.4, “Microsoft Remote Desktop Provider RDS Farm Management” for more details. The delivery of desktop sessions from RDS pools is still provided by a regular RDP connection. For information about how to configure the RDP settings per desktop pool, see Section 6.1.3, “How to Configure RDP Options Per Pool”.

Caution

Run the following commands in Command shell and not PowerShell.

  1. Generate a self-signed certificate on the Windows server.

    Use the selfssl.exe tool which is part of the IIS 6.0 Resource Kit and can be downloaded from the Microsoft Support web site.

    1. Copy selfssl.exe to your Windows Server.

    2. Create a self-signed certificate:

      C:\Program Files\IIS Resources\SelfSSL\selfssl /T /V:<days>

      The parameter /V: dictates the number of days the certificate will be valid. There is no maximum value.

    3. Run the certutil command, and make note of the Cert Hash of the new certificate:

      certutil -store MY
    Note

    If the Windows server and the Oracle VDI servers are not in time sync, you might not be able to connect Oracle VDI to the server because the certificate is not valid for the delta between both servers.

  2. (Windows Server 2003 only) Install WS-Man (WinRM).

    Note

    Windows Server 2008 and Hyper-V Server 2008 come with WinRM pre-installed.

    1. Download the WS-MAN v1.1. installation file (WindowsServer2003-KB936059-x86-ENU.exe) from www.microsoft.com.

    2. Proceed to the installation by running the installation file WindowsServer2003-KB936059-x86-ENU.exe.

  3. Configure Windows Remote Management for HTTPS.

    The winrm tool is used to configure remote management settings on the server. You must specify the certificate hash to be used, and the authentication settings to enable Oracle VDI to send requests.

    1. Create a listener on the Windows Server.

      In a command shell run:

      winrm create winrm/config/listener?Address=IP:<HYPER_IP>+Transport=HTTPS ^
      @{Hostname="<HOST>";CertificateThumbprint="<CERTHASH>";Port="443"}
      • Replace <HYPER_IP> with the IP address of the Windows Server.

      • Replace <HOST> with the Computer Name of the Windows Server.

      • Replace <CERTHASH> with the Cert Hash value, with no spaces, noted from the self-signed certificate created with selfssl.

    2. Open that port so that the Windows Server can receive requests from Oracle VDI:

      netsh firewall add portopening TCP 443 "Oracle VDI Remote Management"

      Port 443 is the port Oracle VDI listens on by default.

    3. Enable Basic authentication on the server by running the command:

      winrm set winrm/config/service/auth @{Basic="true"}
Note

If you use a port other than 443 for Oracle VDI communication with Microsoft Hyper-V or RDS, you must remember to specify this port when adding the host in the Oracle VDI Manager.