Search This Blog

Monday, September 30, 2013

Shift Happens: Meet Tootie... the H is silent!

Q1Q42014 - Ubiquity Network
Virtual Desktop Deployment
Formerly H2T ("Here To There")

Project Goal: reduce the number of standalone PC client OS installs through the use of Remote Desktop Server and low-load virtual distributed desktop architecture.

Primary Benefits: reduction of dollar and time cost of standalone OS in maintenance and management ... extended deployment of existing client workstations with insufficient resources to run post-Win7 OS.

The Pitch:

With the challenging times facing our agency, we are having to ask staff to take on more, be many places and play many roles at once. Increasingly with the mobility requirements now facing these staff members, access to the information they need and the tools to process it must be "unlocalized" from their standpoint. In other words, their data and apps need to follow them, to be called up and look the same no matter where they are being accessed.

Enabling access to your desktop environment from a consistent interface on any internet-connected computer - independent of the OS, the location, or the network - is the intended outcome of this project.

This organization will continue the evaluation and promotion of remote desktop environments  - which it has already begun through the introduction of Microsoft Remote Desktop (Q2 2013) - for staff who need access to their work materials and tools from wherever they are. Previous to that it was LogMeIn (2008-2013), and so the remote desktop concept has been exercised for several years here in one form or another. 

The H2T - "Here To There" Ubiquity project is evolving out of that initiative. The goal is maximizing the value of our updated data service and reliability; and for desktops, not just extending the usable life of the current PCs in agency inventory, but also providing an extended access from non-agency PCs to make calling up "your" desktop a simple process of typing in a short web address (eg "") and using your email user and password to log in to your familiar Windows 7 workspace as you left it from the last time you logged in. Your stuff and your space, any place.

This is foundational infrastructure for a "secured anywhere desktop" initiative to enhance staff access to agency-critical computer resources, leverage existing hardware installations, enhance data security, and reduce administrative overhead inherent in Windows user/data security and management workload.


Thoughts and jots ... Updated 10-10-2013

I will be creating a proof of concept test environment with ESXi v 5.5 for a new client topology utilizing Cendio's Thinlinc (free 10 license pack) Windows Server 2012 and Hyper-V to centralize and virtualize a Windows 7 client experience at any internet-connected PC, including HTML5-capable web browser access.

POC Deliverable:

  • "Anywhere" Windows 7 desktop access with environment and data access spawned based on user, role, department, and organization variables submitted securely.
  • More IT security with integrated data access rules and centralized profile controls
  • Less effort to maintain standalone Windows 7 desktop installations as they are converted to Thinlinc native Windows 7 ThinPC "terminals".
  • The same access to unique applications (Boardmaker, CSS Databases) that require CD (or floppy!) media to function, as well as flash media, made available at the station they are using to log in.

Observation 09-30-2013: Really, after slogging through the desktop upgrades of XP machines, I think I would like to make this the last time I have to do bulk by-hand operating system upgrade for this agency. I will find out quickly what admin overhead this could either increase or reduce. 

I will explore: 
  • running the ThinLinc/RDP connections via native Win7 RD clients OR HTML5-enabled browsers on existing desktops
  • installing the ThinLinc "thin7" client on current Windows 7 installs
  • booting ThinLinc Client Operating System (TLCOS) Windows 7 ThinPC from a VHD on a few current Windows 7 machines and bridge the gap between OSes for awhile
  • building bare metal single OS (thin7) Here-To-There client "H2T" 
  • introducing non-MS desktop environments (Mint Linux?)
  • deploying TLCOS on Raspberry Pi hardware
  • deploying Linux OR Android clients on microPCs (MK802IV SE)
  • Alternatives to Active Directory that would play nice with Google Apps user management APIs
  • Alternatives to VNC for remote control of user session
    • 10-01: discovered how to use RD remote control and where to change permissions on users to allow viewing for server 2008).
    • Also found IntelliAmdin's Remote Control product, which has the added benefit of being able to choose among logged on users for both server 2008 AND WINDOWS 7!!! Much more stable than EchoVNC.
  • calling it Tootie (because the H is silent)
  • update 01.29.2014 - decided to rename this whole thing Ubiquity, well because it sounds cooler and has more meaning

The ThinLinc Windows Server 2012 HyperV server will be installed as a host OS on the ESXi host hardware (Intel i7 32GB), as well as an instance of our current Win7Prox64 image (as the virtual desktop host guest. I am hoping to set up the virtual desktop host (VDH) guest instances as NON-DOMAIN clients if it can be done. Taking on the Active Directory bull while attempting to shift the desktop paradigm might be biting off the unmanageable.

Much braining to do.


10-10-2013 - Having spent lots of time looking at platform options for both client and server, it looks like the most straightforward and cost effective way to go is Windows 7 ThinPC (or kiosk architecture such as thinkiosk) running on existing desktops (no less management needed; Software Assurance makes the OS "already paid for")., connecting to virtual machines running Windows 7 full desktop experience, with all the management features in place.

No comments:

Post a Comment