Education and the Cloud

September 17, 2012

HowTo – Integrate Windows Apps into the Ubuntu Linux Desktop using Windows RemoteApp

HowTo – Ubuntu and Windows RemoteApp Use Guide

By: Brian Mullan  (bmullan.mail@gmail.com)

August 2013

Note:  update from the WinConn app developer…  good news !

I had sent Alex Stanev, the developer of WinConn an email some time ago asking about the possibility of getting WinConn updated for the release of Ubuntu 16.04LTS in April 2016.   Alex has done the upgrade/update and you can read the email below to find out where/how to install the new WinConn so it will work with the newer Ubuntu versions.

                                          = = = = = = = = = = = = = = = = =

Hi,
I’ve moved winconn to github:
https://github.com/RealEnder/winconn

With this version, I’ve moved to new xfreerdp commandline options and fixed dependencies.

Generally, you can build it with:

git clone https://github.com/RealEnder/winconn

then:

cd winconn
dpkg-buildpackage

If you have dependencies needed (it should cry for them), you’ll have the .deb packages built successfully and installable. This works with 15.10, but should work with other versions also.

The problem here is with current freerdp (2.0.0-dev) they have RemoteAPP regressions – partial window shown, window froze and etc.

Please let me know If you have stable RemoteAPP functionality with concrete freerdp version. There are bugs submitted against freerdp, I’ll keep checking their status.
Any dev  help with winconn is welcome.

Cheers!

Alex

= = = = = = = = = = = = = = = = =

Note:  updated April 2015 – RemoteAppTool now supports  Windows 7 Enterprise -or- Ultimate, Windows 8 Enterprise, Windows XP SP3, Windows Server 2008 and newer!

Preface:

A “How-To Guide” about going beyond WINE’s capabilities to enable a clean integrated Linux Desktop with all of the “necessary” Windows applications you still require or can’t live without.

Note:   Because I use Ubuntu, in this guide I reference Ubuntu as my linux system.   However, using the same approach in any Linux Distro should work the same !   

What is the Problem we are trying to Solve

I like many Ubuntu users are still saddled at times with the need to run that one or two critical Windows-only software that just cannot be made to run correctly in WINE.

Of course we all know we can use virtualization like KVM or VirtualBox to install a Windows operating system and then install the needed Windows application(s) there.

But that only presents us with another set of problems:

  1. You are running the Windows OS as a VM and thus see the whole Windows Desktop presented to you which in my mind at least clutters up my desktop… just for access to your needed Windows applications.
  2. Without resorting to installing/configuring something like CIFS/NFS/SAMBA there is no convenient way to share/exchange data/files created in the Windows Application with your Ubuntu applications or vice-versa.

This article is being written to describe what I think is a very nice working environment that addresses this problem and may introduce you to several technologies that you will find interesting in other ways.

My own problem Windows Application happened to be a great MindMapping tool called ConceptDraw  which is part of an integrated suite called ConceptDraw Office.

ConceptDraw Office is only available for Windows and Mac OS.

I’ve purchased and use the great CodeWeaver’s Crossover Ubuntu WINE environment.   CrossOver allows you to install many popular Windows applications and PC Games on your Ubuntu PC.

While Crossover let me easily install Microsoft Office into my Ubuntu system there are some applications that it still cannot help run fully/correctly in Ubuntu.

For me, one of those was ConceptDraw Office.    Using CodeWeaver’s CrossOver application I could successfully install ConceptDraw Office and 2 of the 3 applications in the Suite worked flawlessly (Project Manager and the Visio-like Designer).

However, the ConceptDraw MindMap application installs okay and all the menu’s were correct BUT… the mindmap drawing surface just would not correctly render the mindmap images correctly no matter what I tried so the…  Mindmap application was unusable and useless to me.

As I really like using that Mindmap tool for brainstorming new projects like integration of applications into cloud environments (AWS or OpenStack),  I wanted to have the Mindmap available to me on Ubuntu without resorting to booting Windows or being forced see the entire Windows desktop in a VM or separate PC… just to use the one application.

So I came up with a very usable solution which I’d like to share.

This guide explains what I did and how it was done so others might benefit from it as well.

Where to Start

This approach does not eliminate the need for a VM but it will make your Ubuntu desktop and working environment much more nicely integrated with the Windows Applications you need.

In my solution that I will present I will be using several technologies:

  • KVM (VirtualBox is certainly an alternative)
  • FreeRDP (opensource Ubuntu tool that supports Windows RemoteApp and RemoteFX)
  • Windows 7 Enterprise -or- Ultimate, Windows 8 Enterprise, Windows XP SP3, Windows Server 2008 and newer.
  • Microsoft’s RemoteApp capability

It is a assumed you have a working Ubuntu desktop environment and KVM installed.

Using your (licensed) CD or .ISO file copy of one of the above required versions of Windows, create a new KVM virtual machine and install Windows into it.

When you create the VM you should probably size it for:

  • minimum of 30-35GB disk space
  • initially for 2 CPU (if you can) which after installation you can reduce to 1 cpu.
  • I’d recommend giving that VM an initial 3074MB of RAM (again if you can)

All of the above is to simply to make the Windows installation go quicker.

Note:  some of the Windows specific steps below are assumed to be known by you already.   You will also either need to make your account Admin capable or have a separate Admin account you can access.

After you have Windows installed in the VM the fun part of this begins.

Steps to do in Windows  (screen shots are from Windows 7)

Create a User account for yourself in Windows

  1. Click on Start
  2. Right-Click on Computer
  3. Select & click on Properties

After clicking on Properties you will see the following menu on which you need to select/click-on “Remote settings” in the upper-left.

On the next screen that is presented click on the Tab labeled Remote.

Then select the option:

 “Allow connections from computers running any version of Remote Desktop (less secure)”

Click on the “Select Users” button and you will see this menu screen.

Next, click the Add button and in this menu enter your Windows 7 UserID.

Click Check Names.

Click OK to return to the previous menu and you should see your Windows UserID now listed as authorized for Remote Desktop.

Click OK to save this UseriD as a user allowed to use Remote Desktop.

Now we can start some of the interesting configuration for Windows.

Note:  The reason why it must be a Windows 7 Ultimate or Enterprise version is that both of those are “capable” of supporting Microsoft’s RemoteApp as a “RemoteApp Server” but unfortunately Microsoft  made the decision to not make that capability readily useable.

Some very smart Windows users/programmers figured out how to turn on the RemoteApp server capability in Windows.

They have also made it almost painless by creating a very nice GUI interface to “Publish” RemoteApps from Windows.

Enabling RemoteApp Publishing on Windows

You must make sure that you have Microsoft’s .NET installed on your Windows VM ….   if it is not already.

A google search for “Microsoft .NET” should give you multiple hits where you can download and install .NET into your Windows VM.

Do this now !

Next we need to download the GUI based tool that will not only enable RemoteApp publishing on the Windows VM but will also let you Publish … ANY…  Windows Application you install onto that Windows VM as a “RemoteApp”.

A person named Kim Knight built a GUI based application called RemoteAppTool that you can download from here:

http://www.kimknight.net/remoteapptool

Download and Install the RemoteAppTool into your Windows Virtual Machine (VM).

Note:  The RemoteAppTool requires .NET which is why we did that step first.

After installation of the RemoteAppTool you need to start installing your Windows Applications that you will want available on your Ubuntu system.

Do those Application Installations now !!

Publishing a Windows Application as a RemoteApp using RemoteAppTool

Now that you have installed all of the Windows Applications you want access to the next step is to “publish” them as RemoteApps.

Right-Click on the Windows Icon for Kim Knight’s RemoteAppTool program and select to start it as an Administrator.

Note:  this is why you need to be an Admin or able to log-in as an Admin on the Windows VM

After the RemoteAppTool starts you will see its GUI Menu.

Click on the “New” button

Enter any meaningful name for your RemoteApp

At the next screen (RemoteApp Properties Entry screen)   click on the 3 dots (…) to the right of the PATH entry which will bring up Windows Explorer.   Use Explorer to search your system for ANY application you want to associate with this RemoteApp “name”.

After you double-click on the .exe name of the Windows program you want to make a RemoteApp… all the rest of the fields in the RemoteAppTool menu should be filled in automatically.

When the form is complete REMEMBER to Click SAVE !

NOTE:  Once you click  SAVE your application is available from the Windows 7 VM as a Windows RemoteApp !

Now we need to go back your your Ubuntu desktop so leave your Windows 7 VM running but just minimize it off of your Ubuntu desktop.

Note:  As I’d mentioned earlier I have tested and used RemoteAppTool on Ubuntu 12.04 LTS and 12.10, Ubuntu 13.04, Ubuntu 14.04 LTS.

Install the Applications enabling use of Windows RemoteApps from the Ubuntu desktop

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.   FreeRDP is primarily the work of  Marc-André Moreau  who on January 16, 2012 announced  the stable release of FreeRDP 1.0 for Ubuntu but FreeRDP may have have also released newer versions.

Note:  FreeRDP can also be used on Mac OS and Windows clients also to connect to Windows Servers !

FreeRDP v1.x can be downloaded here.

You will only need to do this if your Ubuntu Distro does not have it available or you want the latest version of FreeRDP.

FreeRDP’s Key Features:

  • RemoteFX
    • Both encoder and decoder
    • SSE2 and NEON optimization
    • NSCodec
    • RemoteApp
    • Multimedia Redirection
      • ffmpeg support
      • Network Level Authentication (NLA)
        • NTLMv2
        • Certificate validation
        • FIPS-compliant RDP security

Note:  the 2 key features (my opinion) are the support on Ubuntu for RemoteFX and RemoteApp.

If you are unaware of what RemoteFX or RemoteApp do in a Windows architecture see these referensce:

For RemoteApp:  

        http://technet.microsoft.com/en-us/library/cc755055.aspx

For RemoteFX:    

        http://technet.microsoft.com/en-us/library/ff817578%28v=ws.10%29.aspx

        http://blogs.technet.com/b/virtualization/archive/2010/03/17/explaining-microsoft-remotefx.aspx

So check NOW your distro’s Repository to see if FreeRDP is there and  it is at least v1.0 !

Note:   For this Guide to work the repository must have at least version 1.0 of FreeRDP.   

If the repository does not yet have at least v1.0 then you may have to download the source and build and install FreeRDP yourself.

NOTE:   In Ubuntu 14.04 (which I use) the FreeRDP in the Repository is v1.02 which works with this process!

Install FreeRDP now!

Now that you have FreeRDP installed you are ready to run one of the Windows RemoteApp programs you previously configured.

FreeRDP itself is a command line tool and obviously you “could” run one of your Windows RemoteApp’s using a command line such the examples on the FreeRDP Wiki:

      https://github.com/FreeRDP/FreeRDP/wiki/RemoteApp

As they those TV Ads we all love late at night  say —   “But wait … there’s more”.

There was recently released an open source GUI application that makes running RemoteApps via FreeRDP almost too simple.

This application is called WinConn.

WinConn simplifies creation, management and desktop integration of remote windows applications in Ubuntu.  WinConn uses RemoteApp technology, implemented by the FreeRDP Project to provide a seamless user experience with Windows Applications on your Ubuntu system.

Each RemoteApp application runs in its own “window” on your Ubuntu Desktop.

This means the RemoteApp application can be used like any other locally installed Ubuntu application, without bringing the full windows desktop to the user.

You can download WinConn from the website:     http://stanev.org/winconn/

NOTE:  WinConn’s Launchpad PPA has not been updated beyond Ubuntu 12.10 (re Quantal release)!  So to use the PPA on a newer version of Ubuntu (13.04, 13.10, 14.04 etc) you will have to edit your /etc/apt/sources.list file and manually add the following 2 lines of text entry:

      deb http://ppa.launchpad.net/realender/winconn/ubuntu <your ubuntu version here – example = trusty> main
      deb-src http://ppa.launchpad.net/realender/winconn/ubuntu <your ubuntu version here> main

Save the edit of the /etc/apt/sources.list file and then do:

      sudo apt-get update && sudo apt-get install winconn -y

WinConn simplifies use of FreeRDP without resorting to the Command Line Interface.   It makes it easy to not only run your RemoteApps but also to specify a local “shared” directory where your Windows application can push/pull documents or files to/from your Ubuntu environment and those Windows applications.

So Let’s see a Movie and All of this in Action

Although I “could have” done a short video from my own Ubuntu desktop I’m basically lazy.

So I’m just going to show you what this Guide is all about….  via an existing Video which had been produced by Alex Staney (WinConn)  and posted on Vimeo.

IMPORTANT NOTE:  

The following video is an Ubuntu 12.04 Desktop PC running WinConn to present RemoteApps published from a WINDOWS 2008 server.

What this guide has been all about is accomplishing the very same function but instead of a Windows 2008 server publishing the RemoteApps you want to use this Guide shows you how to use a Windows VM to do the very same thing with the same if not better performance  !!

I did this because its more likely that people have a Windows 7 or WinXP license than an Windows 2008 server license handy.

Watch the following Video from  Alex Stanev demoing the WinConn RemoteApp manager on an Ubuntu 12.04 desktop:

http://vimeo.com/44984895

Ways to make this even more Productive

Up until now we’ve only discussed how you can make any Windows Application a RemoteApp and then run those apps in their own “window” on your Ubuntu desktop without seeing the whole Windows desktop.

There is a way to make this even more productive for yourself and actually avoid having to setup each and every Windows Application as a RemoteApp.

How do you do that?    Well, a unique capability of this approach  of using RemoteApp is that if you were to setup the Windows Explorer program itself as a RemoteApp and publish it then when you run it (using FreeRDP or WinConn) you will see Windows Explorer appear in its own window on your Ubuntu Desktop.

One capability that Windows Explorer brings to the table is that in Windows itself it allows you to find an executable .EXE program, .BAT batch file or .COM file and just click on it to run that program.

So as I’d said earlier … I’m basically a lazy kind of guy so if I can keep from doing extra work by doing something smarter, all the better.

So lets setup Windows Explorer, publish it as a RemoteApp and then run it.

RemoteAppTool First Use Screen with No RemoteApps

First we log back into our Windows 7 VM and again start the RemoteAppTool application (as Administrator).

Next click on the Create New button and and enter the form’s fields to begin the process of specifying Windows Explorer (explorer.exe)… as a remote app.   We’ll explain why  we pick Explorer.exe later.

remoteapptool new entry screen

    After entering a name for our RemoteApp (note: this “name” can be anything that is meaningful to you)… click OK.

RemoteAppTool New App Properties Entry Screen

RemoteAppTool New App Properties Entry Screen

Now to the RIGHT of the “PATH” entry there are 3 dots (…) – Click on those 3 dots.

This will bring up explorer and allow you to search on your system for the program you want to make a RemoteApp.

In our case we want to actually make Explorer.exe itself a RemoteApp so you can Click on Computer, Click on C: drive, click on Windows, then scroll down until you see explorer.exe then double-click on it and it will be added to the RemoteAppTool screen entries for you.

-OR-   you should be able to actually enter exactly what I have in this picture as  all Windows systems use the same %windir%  variable to specify where the location where Windows system applications live (%windir% =  the c:\Windows directory) where explorer.exe is located.

When you are done completing this form…  again, remember to hit “Save”.

Now you have published Windows Explorer (explorer.exe) as a RemoteApp !!!   Its that simple with RemoteAppTool.

Let’s go back to the Ubuntu desktop.

Now let’s create some directory in your Linux system that you might use for any and all exchange of files to/from Ubuntu and Windows 7.    If not in your home directory or “Documents” directory make sure you have READ/WRITE privileges to wherever you create it.

Let’s use /opt and so we remember what this directory is for lets just call it “win-share”.   Since we are using /opt you will have to use “sudo” to give you the permissions to create the new directory and to change its permissions for access.

$ sudo mkdir /opt/win-share

$ sudo chmod 777 /opt/win-share

and then start WinConn up again.

This time lets configure just a single entry for the explorer.exe   RemoteApp we just published.

!! Remember to click the Save button !!

Now before you exit WinConn lets do one more thing.

Click on the little menu Icon

If you just hover your mouse over it on the WinConn menu you will see that it lets you create a Ubuntu Desktop Launcher.

Let’s do that now !

After you’ve done this you will see a new Launcher Icon on your Ubuntu Desktop which is labeled appropriately enough… Windows Explorer.

If you’ve followed all these steps so far all you have to do now is click on that Icon to bring the Windows 7 – Windows Explorer (explorer.exe) onto your Ubuntu desktop in its own window which you again can resize, minimize etc.

I am going to assume everyone has used Windows Explorer so after it appears on your Ubuntu Desktop use Explorer to search for some other Applications you’ve installed on Windows 7 and click on any of them just as if you were in Windows itself.

Voila…

You will see the application you clicked on also appear on your Ubuntu Desktop and because you previously configured /opt/win-share and made it accessible you can use any application now and save or open files in the /opt/win-share directory.

NOTE:   if your application does not appear the Windows Ultimate or Enterprise edition installation “may” need a extra entry put into the Windows Registry using the “regedit” tool.   You may also see an error if you use FreeRDP from the command line that says:      error: RAIL exec error: execResult=RAIL_EXEC_E_NOT_IN_ALLOWLIST NtError=0x15

To fix this problem do the following simple steps MAKING SURE to follow them all.

  1. On your Windows 7 virtual machine, run Regedit from the “command bar” on the lower left side of Windows.
  2. When Regedit pops up, start clicking down the following path HKLocalMachine\SOFTWARE\Policies\Microsoft\Windows NT (re click HKLocalMachine, then click SOFTWARE, then Policies etc)
  3. once you are at Windows NT — check to see if  there is an KEY entry alrea dy named “Terminal Services” beneath it… if there is NOT then do steps 4 & 5.     If it already is there skip to step 6
  4. Right Click on Windows NT, select/click on NEW and then select KEY (note:  this will create a new “key” entry box underneath Windows NT 
  5. Change the name of that new KEY to “Terminal Services”
  6. Click on Terminal Services
  7. In the right hand window of Regedit “right click” add a DWORD 32 entry
  8. Under that, add a DWORD32 value named “fAllowUnlistedRemotePrograms” and set the value to 1

When you are done your Regedit screen should look like the following:

Regedit entry to fix problem with FreeRDP execution of RemoteApp ending in error15

Regedit entry to fix problem with FreeRDP execution of RemoteApp ending in error15

Now you are ready to try all of this out.     in WinConn double-click on the entry for Explorer and you should see your Windows Explorer pop up in a Linux Window all by itself (re without the rest of the Windows Desktop)

If you use Windows Explorer to find and launch the Microsoft Paint program (mspaint.exe) Explorer you will see something like this… with my great artwork

If you Click on the Paint program button that looks like a Floppy Disk you will see the “SAVE” AS menu appear.

Click on the “file sharing” directory we created earlier in /opt.

Note: Because we are using WinConn it will appear as a folder called something like:

            “winconn-on-”. 

In my case, the shared directory name is going to be labeled in the Windows Save AS menu in the left panel as:

“winconn on ubuntu-2tb”   … is called “ubuntu-2tb”

Why… because my Ubuntu system’s hostname is “ubuntu-2b”

Enter the File Name (My Cool Beans drawing) and Save as type (I chose JPEG) then click on the Save button.

Now go back to your Ubuntu desktop and click on Nautilus (in Ubuntu) or whatever file manager tool you use and go to the /opt/win-share directory and will now see:

Since we are on our Ubuntu system just click on the “My Cool Beans drawing.jpg” and open it with an appropriate application you will see:

This is…  Cool Beans … isn’t it !!!

Some Parting Thoughts

I hope some of you find this a useful approach to your own “required windows app” problem.

You now know how to:

  • run any Windows App as a Windows RemoteApp.
  • Share files between your Ubuntu and Windows VM

Now… WHY did we make Explorer.exe  itself a RemoteApp program??

Because Simplicity is our Friend

Go back and log into to your Windows 7  VM again.

Now create a directory in windows  (lets call it “WinApps”) then use Window’s own Explorer to find every application you want to use either copy the Application or create a “short-cut” for each and put them in our “WinApps” directory folder.

Now logout of Windows 7 and return to your Ubuntu system.   Click on your Windows Explorer Launcher that we created earlier using WinConn and then using Explorer change to our  new “WinApps” directory and you will see:

From now on to launch ANY of your Windows applications as a RemoteApp click on your Windows Explorer Launcher that we created earlier using WinConn.

Then in Windows 7, using Explorer,  change to our  new “MyWinApps” directory and click on ANY of those applications and it will appear on your Ubuntu desktop.

How simple can it be?   From now on at most you only have 3 steps to do.

Actually, once Windows Explorer has appeared on your Ubuntu Desktop there is only 1 step… clicking on the Application(s) you want.     You can launch multiple apps and    they will all appear in separate windows on your Ubuntu Desktop.

So to review….  On your Ubuntu desktop:

  1. Click on the Windows Explorer Icon to run explorer.exe as a RemoteApp.
  2. When Explorer appears change to your own  MyWinApps directory on your Windows Virtual Machine desktop
  3. Click on any application shortcut you’ve placed in the directory MyWinApps and it will be launched as a separate RemoteApp and appear in its own Ubuntu Desktop window !

Best of all, you only had to setup one RemoteApp while in Windows using the RemoteAppTool and now any Windows installed application is available to you from your Ubuntu Desktop !

Also, every Windows application will be able to open/save files to our Ubuntu systems /opt/win-share directory and so will any of your Ubuntu applications.

Note:  All of this approach  works because any Windows Application launched by Windows Explorer “inherits” the Windows Environment of Windows Explorer.    In our case any program started by our “RemoteApp” Windows Explorer… will “inherit” being a RemoteApp itself..!!

Every Windows application you launch  will appear on your Ubuntu Desktop in its own “window”.   

All because … Windows Explorer was setup as a RemoteApp … so any/all applications it launches will also be RemoteApp enabled.

Advanced Windows 7 Configuration Setup

Windows 7 has the ability to be extremely customizable by anyone with Administrator privileges.

To further customize our Windows 7 VM let’s go through some of these steps.

NOTE:   BEFORE…  we start this section of the Guide lets make a KVM Clone of our existing Windows 7 VM.

Login into the Windows VM and and do a SHUTDOWN.

When the Windows VM has terminated use the Ubuntu  KVM Virt-Manager to create a “clone” of your Windows 7 VM.   That clone will be a snapshot of the configurations we have done so far.

Note:  This clone will be our backup in case we make any mistakes in this advanced configuration section of the Guide and we don’t know how to reverse what we’ve done.

Next, restart your original Windows VM and login in again.

Once you are at the Windows Desktop  click the Start button in the lower left and in the pop-up enter the following Windows Global Policy Editor tool named:  gpedit.msc  then press Enter.

gpedit.msc is a very powerful tool as it will let you literally change any setting in Windows.

Note:   this is why we made a backup clone of all our previous work !!

A nice feature of gpedit.msc is that if you click on any configuration entry in the left side of its display you will see on the right-side an “edit” box which:

  • explains in plain language what the edit options are for that feature
  • provides a simple check-box type configuration entry to change that feature’s options
  • provides simple Previous/Next buttons to move either to the next feature to edit or the previous.

For this Guide the following is only to demonstrate HOW TO change Windows 7 feature settings using the Windows Global Policy Editor tool called “gpedit.msc”.

Just to illustrate how the gpedit.msc tool works I’ll show you how to find/change one Feature option related to RDP User Sessions.

Note:   this is not necessarily something you have to do but is a useful demo so you can see the displays that gpedit.msc will present to you.   

gpedit.msc is so useful to customize Windows that there are probably other Features/settings you will want to modify to customize your Windows application and RDP session use.

Lets demonstrate how to find/modify the Feature options for the number of  RDP connections a user can have.   This Feature setting is called:   Limit number of connections

To find this feature in order to change its settings:

1) In the Left-side Panel click on “Computer Configuration
2) Click on its sub-option “Administrative Templates
3) Click on the Administrative Templates sub-option for “All Settings
4) In the Right-side Panel you can scroll or page up/down until you see “Limit number of connections” then click on that entry to edit its feature settings.

When you click on “Limit number of connections”  you will be presented with the feature option editor that as we’ve mentioned earlier will explain in it’s “Help” box what each setting does so you understand what your changes will do.

In the case of  “Limit the number of connections” we want to change this to “unlimited” so enter 999999 into the RD Maximum Connections allowed field and then Click the Apply button.

Note:  After Clicking on Apply, the change becomes immediately active in Windows.

Click OK to return to the Group Policy Editor (gpedit.msc) so we can make more changes.

Note:  without buying Terminal Server licenses for multiple users (CALS) from Microsoft.. by default.. Windows will only allow 2 desktop connections!

Important Note:  When using FreeRDP the way we have set it up, the only RemoteApp is the Windows Explorer program.   This only requires one RDP connection but enables you to start many Windows Applications up concurrently that will appear on your Linux Desktop and look/act like any other Linux application.

But it will only use a single RDP connection for all applications launched from that Windows Explorer !!

There are so many Windows system configuration options available (literally hundreds) to edit in gpedit.msc that its almost impossible to go through all of the useful ones for your particular situation.

The Global Policy Editor (gpedit.msc) is so user friendly with it’s “help” display on each Feature entry that it is hard to mess up your Windows installation… but never say never … and you could do something that might cause you a problem.   Again, that’s why we created our snapshot KVM clone of our Windows VM.

Search through all of the editable Features presented in gpedit.msc and tune your Windows system however you like.   Some often configured items revolve around settings for:

Enabling/disabling non-admin users to Shutdown the Windows system

Setting a time limit for disconnected RDP sessions before terminating the User’s Session.

Specifying a program to be run each time an RDP connection session is created.

And many more….

So browse the Features settings and change what makes sense to you and your use of Windows .

Have fun….

You gotta love Open Source Software and Solutions it makes possible !

Brian Mullan

Raleigh, NC

Advertisements

August 21, 2009

A bit off topic but worth mentioning…

There is so many great things happening today with how we all use the Internet, computing devices, software that its just hard to keep up.

Lately I’ve had to look more into several things, some known for a while some just stumbled on.

The group producing TurnKey Linux applications has always been interesting in their approach to applications deployment.    Their collection to Open-Source applications has been growing steadily.   Take a look and try one out.   In just a few minutes you can have a top server/service application up and running.

An interesting product I also bought to play with was the Marvell electronics SheevaPlug Development kit… about $120 … I still wonder about all the things you could do with this technology.   Marvell is a leading custom silicon manufacturer and their Plug Computer technology is way cool to work with.    I got several and one was configured in 20 minutes as a Samba server for my house.  I’d connected a 250Gig mini usb hard drive to it with all my music and let the really tiny Plug computer serve music to all the devices in my house.

So my future plan involves a 6 Port USB 2.0 self powered hub connecting 3 – 500 Gig mini-USB drives to 3 PowerPlugs computers.

The 1Gig E port on each of the PowerPlug Computers connected to my hub on the back of my Wireless N router.

For my fooling,  this will basically become 1.5Tbytes storage with 3 – 1.2 GHZ ARM processors each with their respective 512Meg FLASH,  512Meg DDR memory.    Adding 16GB or 32GB USB Flash RAM  to each Plug Computer will give them plenty of intermediate speed memory and since Ubuntu Linux is preinstalled it can take advantage of it all.

Sort of like a poor-man’s mini data center. $100 ea for the PowerPlug Computers, $100 ea for the USB mini-drives, $40 ea for the 16GB Flash, $35 for the 6 port USB hub

TOTAL: around $700.00

OH… and for the GREEN of you…

Each Sheeva Plug Computer uses less than 5 Watts and since USB 2.0 offers 2.5W @ 5V to each connected device (in our case 3 USB mini-hard drives)…

Our $700 Mini-Data Center runs on less power than a 30 Watt Light Bulb !!

Imagine the kinds of things you could do with that kind of setup running this shoe-box size mini-server farm — say an Apache WWW server, Email Server, low-end SQL.    You might run for a brewski when the idea hits you but all that technology really did fit in a shoe-box… I only had to cut a hole in the side for the power & ethernet cables.    Think about that for a second.     I forgot to mention that included my Open-Mesh wireless G connectivity (described in a bit).

I’ll try to post a picture later.

Yes and for the neh-sayers…

  • Yeah the mini-USB 2.0 drives only provide thruput of SCSI or eSATA,
  • and the ARM processors don’t have arithmetic coprocessing capability
  • the DRAM is just 512M and additional currently has to be via slower FLASH memory

But less than 5 years ago you’d have paid thousands for these same capability and it would have taken a Rack to hold it all.

Again, I can’t begin to think of all the things you could do with this kind of stuff.

Check it out what a GlobalScale’s GuruPlug Server provides for $130.    GlobalScale uses the Marvell chipsets.

Whats in the GuruPlug Server Package

eSata, USB, Gigabit EthernetMarvell has released new chipsets/boards that are even adding Wireless LAN and BlueTooth.

GuruPlug Server System

Next on my piqued interest list was when I found Open-Mesh’s Open-Mesh“mesh” wireless technology products.


Open Mesh wireless router

Almost incredibly easy to setup (5 minutes tops) and based on Open Source and standards.     Thee devices are really inexpensive ($29-$59) but the Open-Mesh Wireless networking technology is another really cool idea that I think will have people inventing ways to utilize it more besides coffee shops where  you drink your hot Java and work or check Facebook and Linked-In.

What blew me away was how great their free wireless management system was.    Its Open-Mesh’s Wireless Dashboard … make sure you take a look and think about what you are seeing for a bit.

Open Mesh Wireless - Dashboard

It was great to set it all up then see a Google Map on my PC showing all the Open-Mesh nodes overlaid on the map as icons.

Open-Mesh provides a free administration, alerting and mapping system called the “dashboard”.  It allows you to configure the SSIDs, splash page, passwords, and user bandwith for your network.

Click on a red/yellow/green icon and get details of the Node’s status, traffic etc.   These Open-Mesh devices support only Wireless G now but I understand N is in the works.   Heck, hard to pass up at $29-$59 each considering the wireless capabilities & more importantly free wireless mgmt you are getting with the Mesh Wireless Routing.

But lets get back to my over all theme…

Maybe the mini-datacenter  will get wedded to the Open-Mesh wireless boxes and produce smarter kids by adding  computing capabilities to schools more inexpensively !!!

Maybe … get it ??    With this economy – Help your community and help your schools… it helps kids and as the old saying goes

Kids may only be 30% of the population BUT GUARANTEED they are 100% of tomorrow. !

Thanks.

Brian

August 3, 2009

Part 2 – Using Cloud & Virtualization Technologies for Education -or- how Education and the Cloud met, married and had smarter kids!

Here I continue my last discussion about K-20 education and how to use cloud technology to possibly do things.

Lately, I’ve been following this thread… and would like to share some ideas and thoughts with you all…

===============================================================================================================================================


Message: 1
Date: Thu, 30 Jul 2009 15:32:18 -0600
From: xxxxxxxxxxxxxx
Subject: Re: [Ltsp-discuss] Recommend Server for 25 clients
To: ltsp-discuss@lists.sourceforge.net
Message-ID:
Content-Type: text/plain; charset=UTF-8

On Thu, Jul 30, 2009 at 1:40 PM, xxxxx xxxxxxxxx<xxxxxxxxxx> wrote:
> xxxxxx xxxxxxxxxx :
>
>> How powerful server would you recommend for 25 users ?
>
> “Server sizing in an LTSP network is more art than science. Ask any LTSP
> administrator how big a server you need to use, and you’ll likely be
> told “It depends”.”
>
> http://www.ltsp.org/~sbalneav/LTSPManual.html#id2697011

===============================================================================================================================================

So I replied to that thread with the following response with I’ll share here on my blog…

I’ve been using Amazon Web Services (AWS) ie Amazon’s cloud for K-20 proof-of-concept work. So bear with me while I describe some things…

  1. Amazon’s Elastic Compute Cloud (EC2) service is very inexpensive and easy to use and provides 5-6 different choices for “compute resources” (ie servers).
  2. Amazon uses a “Utility” based pricing model (you pay only for how much of something you use like water or electricity) and only when you are using it.

ie.  need a bigger server… just pick one and start it up (ie Launch it in AWS terminology) migrate your apps (won’t go into that here)

Need 10 or 100 servers… easy… pick the server model (linux/windows, 32/64 bit etc) — this is called an AMI – Amazon Machine Instance — and when you LAUNCH the AMI just put the # of servers you need into the “Number of Instances” box that pops up when you select to LAUNCH the AMI you picked.

5 minutes later… they will all be running.

You manage all the startup/shutdown, IP address’s, Security Firewall/Access lists etc using Amazon’s web based AWS Management Console.

Now I’ve always wanted say this … But WAIT there’s MORE… it gets better yet <g> !!

You can take ADVANTAGE of Amazon’s Auto-Scaling and Auto-Load-Balancing features.

Since AWS costs are based like a Utility …  you can start off with just 1 server at 5am and if you set it up for auto-scaling …

As students/teachers (ie Load) starts to build say around 9am… the server “can” Auto-Scale UP by cloning itself and at the end of the day the servers will Auto-Scale DOWN by terminating
themselves when no longer needed (ie you don’t pay for them when they aren’t running).   You are the one to configure the parameters for the UP/DOWN auto-scaling.

try doing that in your school or data center where 1st you have to buy the servers, rack/stack/cable/ pay for HVAC, maintenance contracts, insurance, replace parts, etc.

I like letting Amazon worry about that stuff!

I will copy some information from the AWS web site.

You can sign up for an AWS account free (again you only get billed if you start using something).

As you can see below a “small” server costs just 10 cents/hr while the largest (8 or 20 core) just 80 cents/hr.

I learned about AWS by starting a “small” Ubuntu server, installing my applications, testing etc. then blowing it away when I was done.   I spent 4-5 hours a day ($0.50/day) to do this.
It was very easy to learn !

===============================================================================================================================================

Instance Types

Standard Instances

Instances of this family are well suited for most applications.

  • Small Instance (Default) (ie virtual server)
    • 1.7 GB of memory
    • 1 virtual core
    • 160 GB of instance storage
    • 32-bit platform
  • Large Instance 7.5 GB of memory, 4 core, 850 GB of instance storage, 64-bit platform
  • Extra Large Instance (ie virtual server)
    • 15 GB of memory
    • 8 core
    • 1.7 TB of instance storage
    • 64-bit platform

High-CPU Instances

Instances of this family have proportionally more CPU resources than memory (RAM) and are well suited for compute-intensive applications.

  • High-CPU Medium Instance 1.7 GB of memory, 5 core, 350 GB of instance storage, 32-bit platform
  • High-CPU Extra Large Instance
    • 7 GB of memory,
    • 20 core
    • 1.7 TB of instance storage,
    • 64-bit platform


===============================================================================================================================================

Pricing

NOTE:   as of 9/2010 AWS has introduced an approximately 18% price decrease for most of the AWS EC2 compute instance sizes.    The pricing below does NOT reflect this change.

AWS has also introduced a new “micro” instance which provides 640Meg of RAM,  1/2 a cpu for only  $0.02 cents per hour —  48 cents per day ??

Pay only for what you use. There is no minimum fee. Estimate your monthly bill using AWS Simple Monthly Calculator.

On-Demand Instances

On-Demand Instances let you pay for compute capacity by the hour with no long-term commitments.

This frees you from the costs and complexities of planning, purchasing, and maintaining hardware and transforms what are commonly large fixed costs into much smaller variable costs.

The pricing below includes the cost to run private and public AMIs on the specified operating system.

Amazon also provides you with additional instances with other option for Amazon EC2 running Microsoft and Amazon EC2 running IBM that are priced differently.

United States

Europe
Standard On-Demand Instances Linux/UNIX Usage Windows Usage
Small (Default) $0.10 per hour $0.125 per hour
Large $0.40 per hour $0.50 per hour
Extra Large $0.80 per hour $1.00 per hour
High CPU On-Demand Instances Linux/UNIX Usage Windows Usage
Medium $0.20 per hour $0.30 per hour
Extra Large $0.80 per hour $1.20 per hour

United States
Europe
Standard On-Demand Instances Linux/UNIX Usage Windows Usage
Small (Default) $0.11 per hour $0.135 per hour
Large $0.44 per hour $0.54 per hour
Extra Large $0.88 per hour $1.08 per hour
High CPU On-Demand Instances Linux/UNIX Usage Windows Usage
Medium $0.22 per hour $0.32 per hour
Extra Large $0.88 per hour $1.28 per hour

Pricing is per instance-hour consumed for each instance type, from the time an instance is launched until it is terminated. Each partial instance-hour consumed will be billed as a full hour.

Reserved Instances

Reserved Instances give you the option to make a low, one-time payment for each instance you want to reserve and in turn receive a significant discount on the hourly usage charge for that instance.

After the one-time payment for an instance, that instance is reserved for you, and you have no further obligation.

You may choose to run that instance for the discounted usage rate for the duration of your term, or when you do not use the instance, you will not pay usage charges on it.

United States

Europe
Linux/UNIX One-time Fee
Standard Reserved Instances 1 yr Term 3 yr Term Usage
Small (Default) $325 $500 $0.03 per hour
Large $1300 $2000 $0.12 per hour
Extra Large $2600 $4000 $0.24 per hour
High CPU Reserved Instances 1 yr Term 3 yr Term Usage
Medium $650 $1000 $0.06 per hour
Extra Large $2600 $4000 $0.24 per hour

United States
Europe
Linux/UNIX One-time Fee
Standard Reserved Instances 1 yr Term 3 yr Term Usage
Small (Default) $325 $500 $0.04 per hour
Large $1300 $2000 $0.16 per hour
Extra Large $2600 $4000 $0.32 per hour
High CPU Reserved Instances 1 yr Term 3 yr Term Usage
Medium $650 $1000 $0.08 per hour
Extra Large $2600 $4000 $0.32 per hour

Reserved Instances can be purchased for 1 or 3 year terms, and the one-time fee per instance is non-refundable.

Usage pricing is per instance-hour consumed.

Instance-hours are billed for the time that instances are in a running state; if you do not run the instance in an hour, there is zero usage charge. Partial instance-hours consumed are billed as full hours.
===============================================================================================================================================

Here’s how I make use of this.

On AWS you can pick from hundreds of pre-built “public” servers types (different flavors of Linux – Fedora, Ubuntu, Centos etc etc), 32 bit or 64 bit.

Some are “server” linux some are desktop linux.

Some have been built with apps already installed (Apache, MySQL, etc etc)

You get the idea.

So what have I been doing for kids/education… ?

Server Side:

I’m using AWS Desktop images where I’ve installed the x2go one-server.

x2go utilizes the NoMachine NX transport protocol libraries that are Open Source but x2go implements its own server-side and client modules.   The server side comes in a single user home version and also a x2go server implementation that is clustered and load balanced.

Unlike NoMachine’s current NX server/client …. where audio is a big problem.   x2go supports audio extremely well from server to client.    Local printing and sharing of folders between server and client is also supported.

Client Side:

Client side boots off of a Ubuntu USB thumb drive – preloaded with the x2go Open Source Windows, Mac or Linux clients.

x2go also has introduced a Web Portal capability for accessing the remote desktop.    Any user with a Browser that supports java can now access the Remote Desktop without installing any other client software on their local PC.

Each kid can have one and that way they can use it at school or — at home (same desktop, same cloud servers as at school).

Since the “real work” in terms of CPU and Storage is out on the AWS “cloud” it does NOT even matter what type PC they use…. all you use the local machine for is basically to boot off of
the USB and the local keyboard, mouse, screen and network connection (everything becomes a thin-client)

  • old pc, new pc
  • old laptop, new laptop
  • netbook
  • thin client

Since the “Desktop” that the students see is exported over NX from the AWS Desktop server where I can have from 1 – 20 CPU and I can have as many servers as I want… or can pay for <g>?

— and —

because storage using AWS’s S3 – Simple Storage Service and EBS – Elastic Block Storage is more or less infinite (at least as far as I’m concerned)

Now how’s performance.

Well you have to have a working and stable local network first of all but that’s true even if using a client/server model or a Thin Client model LTSP or Citrix etc.

The NX protocol is terrific and you can read about just how good it is here.

Here’s my basic process to create a server IF I start by using one of AWS’s Public Amazon Machine Image (AMI) that are  available.

  1. Launch the AMI instance I want
  2. Modify it by adding all the applications I need and configuring everything.
  3. Save the running “instance” using the free AWS EC2 AMI tools to what is called an S3 storage “bucket”.
  4. Re-register my now saved AMI “image” as a NEW Amazon AMI (once registered w/AWS I’ll be able to LAUNCH it from the AWS Management Console like any other AWS AMI.
  5. I then LAUNCH my new image like any other AWS AMI
    1. tell AWS how many “instance” … ie # virtual machines
    2. tell AWS what size server (32/64 bit small … up to Extra Large)
    3. Assign my firewall/access lists to the new instance
    4. Create and Assign an AWS Elastic IP address to MY “instance” (simple – takes 2 seconds)
  6. Once it’s in a “running” state.. just use the AWS cloud based server

Elastic IP Addresses – Elastic IP addresses are static IP addresses designed for dynamic cloud computing.
An Elastic IP address is associated with your account not a particular instance, and you control that address until you choose to explicitly release it.
Unlike traditional static IP addresses, however, Elastic IP addresses allow you to mask instance or Availability Zone failures by programmatically
remapping your public IP addresses to any instance in your account. Rather than waiting on a data technician to reconfigure or replace your host,
or waiting for DNS to propagate to all of your customers, Amazon EC2 enables you to engineer around problems with your instance or software by
quickly remapping your Elastic IP address to a replacement instance.

By the way, in case this isn’t obvious… got a new school that needs to be setup?

Other than the USBs for the kids and some kind of computer for them to use … the server can take only minutes to setup and there’s no physical installation involved !!!

Finally, I use my local machine with NX Client software to log in and I get a Desktop… and it’s all PFM …  magic !

Today (right now) I’m writing this while I have 4 AWS servers running that I am testing.

On my desk is a Lenovo T61p laptop

  • Dual Core
  • 4 Gig RAM

next to it I have an ASUS 1000HE Netbook

  • Atom processor
  • 1 G RAM

Both machines booted off of a USB.

I next used the  NX Client software to log into one of my AWS Desktop servers on each one and started working.

Performance is exactly the same on both clients (well  they ASUS display can only go 1400×600)

I wrote this on my AWS desktop server session using the ASUS while several of the  sessions on the Lenovo were doing some other things for me

I’d really like to get more in the Linux K-12 and K-20 community trying this so we can all share more of what we are doing for education of our kids.

Let me know if any of you would like some more pointers or information as I said I’d like some folks to work with on all of this.

I’ve also got some pretty cool AWS based solutions for the “Windows” in your life…

Hope you found this interesting!

Brian Mullan

June 18, 2009

Part 1 – Using Cloud & Virtualization Technologies for Education -or- how Education and the Cloud met, married and had smarter kids!

U.S. Education Secretary Arne Duncan wants to use some seed money in a Race to the Top to see what innovative States can come up with in regards to best ideas, concepts, implementations and results.   Good idea… kind of like prototyping and trialing then picking the best.

From my view there are many things that can be addressed in education.   Technology being just one of several approaches to the overall issues related to improving K-12 education.

I recently heard a short comment that made an impression.

In 1909 if you had gone into a classroom in a large city school you would have seen kids seated at desks with pencils and paper.

At the front of the classroom would be a teacher sitting facing the children with the teacher’s pencil and paper on her desk.

Of course books would be on the desks and a blackboard with chalk on the front wall.

Fast forward 100 years to 2009.

How much has that picture really changed ?

Ok… there may be some classrooms at some schools that have some “newer” technologies

  1. a projector ? some
  2. <lets skip a few era’s of technology here>?
  3. computer on every desk ? more rare than common
  4. networked servers/computers — rarer than #3
  5. maintained network computers – rarer than #4 and #5
  6. #5 & #6 maintained by someone other than the Librarian and Librarian assistant ???

Well you get the idea and if you work at or for a school you know the picture.

Click here to see some “Race to the Top” Slides

Geez where to start?

I am fairly certain that Cloud and Virtualization technologies are going to play major roles in some of the successes.

But what kind of Cloud ?   Private, Public .. hybrid and whats the Total Cost of Ownership (TCO) for each of those paths.

Private

  • the State or the LEA owns/manages/pays for a Data Center and support staff, electricity equipment, heat/air, safety, insurance

Public

  • Amazon Web Services (AWS), Rackspace, Google owns the infrastructure, etc but you may still be the “operator”

Hybrid

  • Private Data Center augmented by compute or storage resource provided by a Public cloud provider

Well lets make it more muddled?

Should you go with an Infrastructure-as-a-Service (IaaS) Cloud provider like Amazon.

or Amazon as a Software-as-a-Service (SaaS) yes… it does exist via 3rd party developers that are offering many services ranging from Db2, Oracle, Mail, WebServers, Video servers etc.

What about using Google as a Platform-as-a-Service (PaaS) where you write or rewrite you own applications using Java/PHP and then host them on Google.

or possibly Google as a Software-as-a-Service (SaaS) cloud provider (think gMail, Google Docs).

I don’t think there necessarily has to be one choice… or one Cloud Service…  after all it is the Internet.

To get started I think one of the first things that should be done is getting all the schools in all the LEAs on a level starting platform.   Why?

Some schools have

  • old Desktops
  • new Desktops
  • old laptops
  • new laptops
  • thin client (re using something like citrix)
  • maybe netbooks

The above computers may vary

  • CPU’s ranging from Pentium to Dual Core Intel to AMD to Atom processors
  • Memory ranges from 512Meg to 4 Meg
  • Hard disks (if they have them) 40G – 100 G

Network connectivity ability from

  • 10Mbps to 100Mbps ethernet
  • Wireless B, G or maybe N

For the most part those computers run Windows -but- that can mean anything from Windows 95 to  Windows 98, Windows 2000, XP  or Vista

Sorry Mac and Linux users … gotta focus here to make a point.  We’ll get to you later.

To level the starting platform you can’t just tell people to junk everything… and for the most part there isn’t a reason to if you think of clever solutions.

That’s enough to start the conversation… I’ll add more later but wanted to get my ramblings on this topic started.

Brian Mullan

Blog at WordPress.com.