View
213
Download
0
Category
Preview:
Citation preview
(c) 2011 Microsoft. All rights reserved.
ENGINEERING A MED-V V2 SOLUTION
Samesh SinghPrincipal ConsultantMicrosoft
SESSION CODE: CLI305
(c) 2011 Microsoft. All rights reserved.
Agenda
IE 8+
Host – Windows 7
ESD Agent
Windows Virtual PC
MED-V Packager
MED-V Workspace
MEDV Guest Agent
ESD Agent IE 6
Guest – Windows XP SP3
MEDV Host Agent
Parent
Diff Disk
Redirection
Incompatible Apps
Incompatible Published Apps
RDP
Incompatible Apps
MED-V WorkspaceWindows XP VHD Enterprise Software Distribution Tool
Windows Components & Applications
MED-V Components
Session Objectives and Takeaways
► Objectives– Describe the difference between the MED-V v1 and V2
architectural models– Describe the process to engineer a MED-V v2 solution– Describe the basics of how MED-V v2 components can be
deployed with CM
► Takeaways– MED-V v2 scales along with its deployment mechanism– Scalable deployment and management platform for MED-V v2– MED-V is another desktop in your environment
The Evolution of MED-V
MED-V v1• Client/Server
architecture• Limited scalability• Management, database
and image servers required for deployment
MED-V v2• Application architecture• Unlimited scalability• Deployed as any other
application
(c) 2011 Microsoft. All rights reserved.
Product and Version ComparisonXPM MED-V v1 MED-V v2
Seamless AppCompat Environment
Seamless access to documents and data files
Support for USB devices – including Smart Cards
Automatic application publishing
Deploy your custom Windows XP image
Integrates with System Center or third party systems
Seamless redirection of URLs to Internet Explorer 6/7
Shared environment support
Wake-to-patch the virtual environment
Automated first-time setup
Easy-to-use packaging and configuration wizard
WMI monitoring interface
Automatically synchronise host network printers
New for MED-V v2
MED-V 2.0 Host Requirements
Windows 7 Professional, Enterprise or Ultimate
X86 or x64 RTM or SP1
Minimum 2 GB RAM
10 GB disk space recommended
Windows Virtual PC with non-HAV patch (KB977206)
Included in SP1
Internet Explorer 8 or 9 (Host)
Internet Explorer 6 or 7 (Guest)
MED-V 2.0 Workflow
An administrator creates a WindowsXP virtual machine image withWindows Virtual PC
She installs any applications, and systemmanagement/security agents, and sealsthe virtual machine with Sysprep
(c) 2011 Microsoft. All rights reserved.
Windows XP Service Pack 3 with all security patchesWindows Virtual PC Integration ComponentsRemoteApp for Windows XP SP3 – KB961742.NET 3.5 Service Pack 1.NET Framework Update – KB 959209Performance Update for Windows XP SP3 – KB 972435Internet Explorer 7 Blocker ToolInternet Explorer 8 Blocker ToolManagement & Security Application3rd party Applications if required
MED-V v2 Guest Requirements
(c) 2011 Microsoft. All rights reserved.
MED-V Image Best Practice
► Assess your corporate image for resourcefulness and not functionality
► MED-V is the usability engine – don’t configure usability in the virtualised system
► Empty recycle bin► Disable system restore points► Defragment and compact the virtual hard
disk
Sysprep.inf Overview
These are required for MED-V. The absence of these items will cause setup to fail.
These items are MED-V best practices and setup calls
These items may be configured by MED-V – set in the MED-V Workspace Packager
MED-V 2.0 Workflow
The administrator builds a MED-Vworkspace installation package using theMED-V Workspace Packager and thevirtual machine’s sealed VHD
MED-V on a Shared Computer
A Unique Workspace for Each User
► Overview– Recommended for knowledge-
worker and single-user machines
– Single parent VHD, unique differencing disk per user
– MED-V data and settings located in user space
– MED-V end-user setup run for each unique user
► Details– Each user is added as a
member of the remote desktop users group
– Could create multiple workspaces on a single machine
A Workspace that all users will share
► Overview– Recommended for task-
workers and multi-user machines
– Single parent VHD, one differencing disk for all users
– MED-V data and settings located in global location
– MED-V end-user setup only run once per machine
► Details– All authenticated users are
added to the remote desktop users group
– Guarantees a single workspace per machine
Internet Explorer Web Redirection
► Automatic redirection from the host browser to the workspace browser– Users type the URL in the IE host
browser, click a link, or access a bookmark
– MED-V evaluates the destination against the list of admin-controlled URL’s
– Matched URL’s are automatically open in the redirected guest browser
► Redirected Web Address Setup– Administrators can define a set of
redirected URL’s during the package setup
– Post-deployment, redirected URL’s can be easily removed and added by deploying a registry update
Examples
Wildcard Redirections: http://*.contoso.com
Site Redirections: http://intranet.contoso.com/HR
Page or Application Redirections: https://intranet.contoso.com/HR/benefits.asp
Port redirection http://vpn.contoso.com:1025
MED-V 2.0 Deployment Options
Manual installation
Windows 7 image Deployment
Electronic Software Distribution
MED-V 2.0 Deployment Options
Manual installation
End user or support engineer installscomponents from a network share orremovable media
► Windows Virtual PC► Windows Virtual PC QFE KB
977206 – Windows 7 RTM only► MED-V Host Agent► Internet Explorer should be
closed► MED-V workspace package
MED-V 2.0 Deployment Options
Windows 7 Image Deployment
Administrator creates a standard Windows 7 image including MED-Vprerequisites, MED-V Host Agent, andMED-V workspace
► MED-V Host agent is installed► MED-V pre-reqs & and workspace
install are included in the image► Distribute image as usual► MED-V First-time Setup runs► ESD is used to launch the install
MED-V 2.0 Deployment Options
Electronic Software Distribution
The MED-V 2.0 application modelallows it to scale to the extent of theexisting ESD solution
► Install components independently or together in a single script
► ESD can be used in workspace for ongoing management
► Test networking requirements (bridged vs. NAT)
Inverted order of installation andprerequisite skip allows installationwith a single reboot
Sample generic deployment scriptfor deploying MED-V from batch(assumes x64)
MED-V 2.0 Deployment Options
Electronic Software Distribution
:: MED-V Host Agent installationstart /WAIT MED-V_HostAgent_Setup.exe /qn IGNORE_PREREQUISITES=1 :: Workspace installationstart /WAIT .\setup.exe /qn OVERWRITEVHD=1 :: Windows Virtual PCstart /WAIT Windows6.1-KB958559-x64.msu /norestart /quiet ::Windows Virtual PC non-HAV patch, if requiredWindows6.1-KB977206-x64.msu /norestart /quiet
Distribution can be validated againsttechnical and logistical requirementsTask Sequences can assure order andIntegrity of component installs
MED-V 2.0 Deployment with CM
Target collections based on:
► Business and logistical needs► Operating system version► Disk space requirements
(c) 2011 Microsoft. All rights reserved.
CM client within the MED-V workspace
► Examine CM client deployment options:► If using NAT, consider pre-staging the SCCM
client in the MED-V image:
CCMSetup.exe /mp:{mpname} SMSSITECODE={auto|sitecode}net stop ccmexec
► Remove certificates from the local computer store
(c) 2011 Microsoft. All rights reserved.
CM Client Hotfix
► Required for MED-V workspaces using NAT► Applied to CM Site Server► Distributed to MED-V workspaces► NAT configured workspaces access closest
DPs► Not required if CM2007 SP3 is deployed (already
included)
MED-V 2.0 Deployment with CM
For Deployment: Run from Distribution Point or Download Locally
► Run from Distribution Point saves local disk space
► Download Locally provides reliable distribution, but temporarily uses more than 2x disk space
Ongoing: App-V and MED-V together
► App-V integration with CM can use CM cache
► Provides streaming from DP or Download and Execute
► May use extra disk space inside MED-V workspace
(c) 2011 Microsoft. All rights reserved.
Key Points when deploying MED-V with CM
► Create Packages, Task Sequences, & Advertisements► Utilise the “Run command line” for installs► A single reboot will require that you re-order the
installs► Suppress the reboots of the individual components► Include success codes & continue on error as required► Consider the client requirements x86 & 64bit
– The pre-requisites are specific to the architecture and may require either multiple task sequences or more complex steps
First Time Setup
► Configuration is done as part of MED-V First Time Setup (FTS)– The Workspace Setup publishes to the registry HKLM RUN key –
MedvHost.exe– When the MED-V client is launched it validates whether FTS has run been
for that user or workstation
► What happens during FTS– User prompted for domain credentials– Differencing Disk is created for the Workspace and launched– Mini-Setup is run w/ MED-V overrides (if applied)– FTScompletion.exe is run – Workspace is Started
• Applications are published• Web Apps are ready to be redirected
Updating MED-V Policy
► Use Workspace Packager to make desired changes to policy
► Create package containing resulting .reg► "regedit /s xxx.reg"► Run with user rights for "current user reg "and
Admin rights for "local reg"
Patching – MED-V Wake to Patch
► Fast Start► VM is always available as the host is available – patching
happens normally► Normal Start
► VM runs only as needed► Wake to Patch starts the VM for patching
► Default is midnight to 4am► Changes can only be made with PowerShell not the GUI► Note: The machine must be on with the user logged-in► PowerShell Example for Wake to Patch
New-MedvConfiguration –VmGuestUpdateTime 01:00 –VmGuestUpdateDuration 480 | Export-MedvConfiguration –Path c:\medv\MEDVUPDTime.reg
Desired Configuration Management (DCM)
► This MED-V Configuration Pack tracks the successes and failures of FTS using the Desired Configuration Manager in Configuration Manager 2007
► Monitors First Time Setup success of deployed workspaces
► Build collections of successful deployments► Download URL:
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=26219
Installing the DCM for MED-V
► Installation Instructions► Download and run the MSI
► Files are copied to the following location:► C:\Program Files (x86)\System Center Configuration Packs\MED-V
FTS Configuration Pack► Import the Configuration Pack
► In the Configuration Manager console, navigate to System Center Configuration Manager / Site Database / Computer Management / Desired Configuration Management.
► Right-click Configuration Items, Import Configuration Data to load the Import Configuration Data Wizard.
► Click Add, browse to the temporary directory containing the extracted files, select the .cab file, and then click Open.
► Follow the remaining Wizard instructions.
What is a successful configuration of MED-V?
► This MED-V Configuration Pack tracks the success and failures of FTS.
► During FTS MED-V does the following:1. The virtual hard disk is configured. Mini-Setup runs and expands the Windows XP
image. 2. Commands for additional configuration are run - such as installing ESD software
or configuring the image. 3. Ftscompletion.exe is run.
This adds the user to the RDP group, can add the user to local admin group, copies logs, signals MED-V that the MED-V workspace is ready.
4. The workspace is then restarted by ftscompletion.exe and the end user is logged on or prompted to log on.
5. The MED-V workspace is then started and configured for the user – this includes applying Group Policy.
MED-V Admin Toolkit
C:\Program Files\Microsoft Enterprise Desktop Virtualization\medvhost.exe /toolkit
In Review: Session Objectives and Takeaways
► Objectives– Describe the difference between the MED-V v1 and V2
architectural models– Describe the process to engineer a MED-V v2 solution– Describe the basics of how MED-V v2 components can be
deployed with CM
► Takeaways– MED-V v2 scales along with its deployment mechanism– Scalable deployment and management platform for MED-V v2– MED-V is another desktop in your environment
MED-V Resources
► MED-V Localisation Patch– Provides localised content in MED-V in 24 languages
► Deployment Guidance for Microsoft Enterprise Desktop Virtualization 2.0– Information on how to deploy MED-V
► MED-V Configuration Pack– DCM integration for Configuration Manger 2007 for MED-V first time
setup
► MED-V Team Blog– Information on MED-V from members of the MED-V community
Enrol in Microsoft Virtual Academy TodayWhy Enroll, other than it being free?The MVA helps improve your IT skill set and advance your career with a free, easy to access training portal that allows you to learn at your own pace, focusing on Microsoft technologies.
What Do I get for enrolment?► Free training to make you become the Cloud-Hero in my Organization► Help mastering your Training Path and get the recognition► Connect with other IT Pros and discuss The Cloud
Where do I Enrol?
www.microsoftvirtualacademy.com
Then tell us what you think. TellTheDean@microsoft.com
(c) 2011 Microsoft. All rights reserved.
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this
presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
(c) 2011 Microsoft. All rights reserved.
www.msteched.com/Australia
Sessions On-Demand & Community
http:// technet.microsoft.com/en-au
Resources for IT Professionals
http://msdn.microsoft.com/en-au
Resources for Developers
www.microsoft.com/australia/learning
Microsoft Certification & Training Resources
Resources
Recommended