Break the Hardware Upgrade Cycle with Win4Lin Windows Virtual Desktop Server
Because provisioned users will receive a fresh copy of the master image each time they log in to the VDS, it's not critical that you fully customize your image right away. In theory, you can skip to creating your user profiles right now and then come back and customize your master image later. In practice, however, there are a few reasons why you probably should do it now:
Familiarity: it's quite likely that one of the reasons your organization is using VDS to swap out the infrastructure is to minimize the impact on users. Therefore, common sense seems to say that every effort should be made to provide users with the most familiar desktop and set of applications possible.
Security: because users' sessions are refreshed with a copy of the master image every time they log in to the VDS, it's easy to think that security can take a back seat. If the OS is refreshed back to the master image at least daily, how much damage can spyware, malware or a virus do? That's a good question, but consider what can happen if your master image contains malware or a virus. Lock it down, now (Figure 3).
Technical: the master profile cannot be running when any user profiles are running. Because you have to fire up the master profile in order to make changes to it, failing to customize it now might mean a lot of off-hours work in the near future—or significant work disruptions as all users are forced to log off and stay off while the master image is worked on.
Now is probably a good time to take another backup of your image. Every time you make a change to the master profile, it's wise to create another backup of the image. Remember that if your image becomes corrupted, a whole lot of users won't be able to get their work done until you've restored it. It takes only a few minutes to copy a 4GB image back to the master directory, but it takes a lot longer to re-install Windows or bring an old image up to date.
The Win4Lin VDS service should start itself. If it doesn't, or if you need to restart it from some reason, you can do so with:
Only provisioned users will be able to use the master profile. System users that are not intended to use VDS need not be provisioned, but the provisioning process must be done under each user's account. If you have only a few users, if might be quicker to su to each user account and run the import command manually. If you have many users, however, some clever bash scripting or log-on scripts might be in order to facilitate the process. In my example, this means I have to log in as both jwatson and dwatson and run the following command:
The master profile has been created, and users have been provisioned. The bulk of the server work is done now, and any changes made to the master profile from this point on (such as new applications being installed or patches being applied) will propagate on down to provisioned users each time they log on.
But, how will these users log on? It's time to install a client.
As mentioned before, there are several ways to connect to a VDS. I look only at the Win4Lin client as it is free and easily attainable.
Using the native Win4Lin client against the VDS server provides the best speed and feature set. The Win4Lin client can be downloaded from the Win4Lin site (www.win4lin.com/component/option,com_repository/Itemid,76/func,fileinfo/id,2) and comes in flavours for Linux, Solaris, Windows and source.
Strangely, although the VDS itself is available in both DEB, RPM and a tarball, the Linux client isn't available in DEB format. Because installing from source usually makes me lose my lunch, we're going to grab the RPM, use alien to convert it to a DEB and then use dpkg to install it on a Debian-based system. Here are the steps:
Download the RPM from Win4Lin.
Run sudo alien wtsclient_1.0.0-4_i386.rpm.
Run sudo dpkg -i wtsclient_1.0.0-4_i386.deb.
Run the wtsclient command to connect to the server.
The Win4Lin VDS can be configured to deliver a single application or an entire Windows desktop. We connected both configurations to the Win4Lin demo server and provided two screenshots. The first screenshot shows an entire Windows desktop configuration, and the second shows only Internet Explorer being delivered to our Linux desktop (Figures 4 and 5).
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- The Humble Hacker?
- Server Hardening
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- The US Government and Open-Source Software
- ACI Worldwide's UP Retail Payments
- Open-Source Project Secretly Funded by CIA
- Varnish Software's Hitch
- New Container Image Standard Promises More Portable Apps
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide