Hi, I’m Ben Meister from the Remote Desktop Virtualization team. We’ve been hard at work after the beta release earlier this year. This post highlights some of the features added and enhancements made in the Windows Server 2012 Release Candidate build. Special thanks to Snesha Foss and Shanmugam Kulandaivel for their major contributions to this post. By now there have been quite a few posts about Windows Server 2012 and the many features that Remote Desktop Services has introduced in this release. If you have not read them all, following are links to a few that are a must-read before delving further into this post. Klaas Langhout, Director of Program Management for Remote Desktop Services, posted an overview of Remote Desktop Services features earlier this month. Additionally, lab guides for deployment were posted on the Remote Desktop Services team blog with the release of the beta earlier this year. For an overview of new features in Remote Desktop Services in Windows Server 2012, please review the TechNet article What’s New in Remote Desktop Services . So what’s new? We’ve split this post into two sections to give you an overview of the additional changes in Remote Desktop Services in Windows Server 2012 Release Candidate. These are above and beyond all the changes introduced in previous builds of Windows 8 and Windows Server 2012. Core Infrastructure and Management RemoteFX Core Infrastructure and Management Windows PowerShell deployment Remote Desktop Services scenarios can now be deployed by using either Server Manager’s Remote Desktop Services management interface or the new Windows PowerShell cmdlets introduced with the Release Candidate (RC). The cmdlet interface can be used to build sophisticated automation to make the IT administrator’s life easier. Windows PowerShell deployments of Remote Desktop Services can still be managed with Server Manager if the servers in the deployment are added to Server Manager for monitoring and management. Nested OU Support In the Beta version of Windows Server 2012, only root organizational unit (OU) selection was provided in Server Manager when creating hosted virtual desktops. With the RC build of Windows Server 2012, Server Manager allows for virtual machine creation at sub-level OUs, allowing IT admins to create virtual machines for servers, desktops, and business units. Windows 7 SP1 as a guest operating system In the Beta version of Windows Server 2012, a little known fact was that virtual desktops could be created with a Windows 7 SP1 client guest operating system template. One requirement when using Windows 7 SP1 as a guest operating system is that you need to install the Hyper-V integration components for Windows 7 SP1 in the virtual desktop template used to create the virtual desktop collection. The User Profile Disk feature can be used with virtual machines created with Windows 7 SP1 to persist user state. Also, this feature allows Windows 7 SP1 virtual machines to be patched like a Windows 8 Release Preview client and managed similarly. However, since this is a Windows 7 SP1 client, the graphics enhancements in RemoteFX in Windows 8 Release Preview will not be available, and the user experience will be similar to that in RDP 7. User Profile Disks With the RC build of Windows Server 2012, user profile disks can now be stored on cluster shared volume (CSV) drives by using Server Manager or Windows PowerShell cmdlets. Additionally with this build, user profile disk share permissions, which had to be set up manually in the Beta by the IT admin, are now set up automatically on the shares in use with session collections or pooled virtual desktop collections. Updating the virtual desktop template In the RC build, when patching a virtual desktop collection, both software and hardware properties are now accepted. For example, if you created a collection with a 2-GB virtual machine and found that this was not sufficient for your user’s needs, you can now upgrade the memory setting on the virtual desktop template and patch the collection to enable all virtual machines in the collection with the new setting. All hardware settings are supported in patching your virtual desktop template. RemoteFX Metro-Style Remote Desktop App The Metro-Style Remote Desktop App in Windows 8 Release Preview is now available via the Windows Store, free of charge. The App features a variety of new improvements, including the Touch Pointer—a trackpad-like full-screen experience that makes interacting with legacy applications fun and easy by using touch in a remote session, no stylus required! WAN Experience Improvements We’ve made numerous performance improvements to RemoteFX features (such as RemoteFX Adaptive Graphics, RemoteFX Media Streaming, and RemoteFX for WAN) since the Beta release. The Release Candidate enables users on WAN networks to have a full fidelity experience—users can have a great experience not only with data-entry type applications, but even with graphically intensive and multimedia applications. In addition, the optimizations and improvements also result in lower network bandwidth consumption compared to the Beta release. Support for RemoteFX Graphics quality modes One size doesn’t fit all, and even more so when the needs of different types of end users differ dramatically based on the applications that they use. Keeping that in mind, we have added configurable quality modes for RemoteFX: Lossless mode for pixel perfect experience, High quality mode for near lossless experience at a lower bandwidth cost, and Medium quality mode for a visually identical experience at an even lower bandwidth cost. RemoteFX VGPU The RemoteFX virtual graphics processing unit (VGPU) now supports DirectX 11 graphics in remote sessions. Stay tuned for an upcoming post about further enhancements to the RemoteFX VGPU. Dynamic In-Session USB Redirection USB devices can now be selected for redirection even in the middle of a remote session, and can be swapped between remote sessions or to the local PC. When RemoteFX USB redirection is enabled, simply tap on the new “Devices” icon on the Connection Bar to choose which devices are redirected. Expanded USB Device Support Recently we released a KB article that enables the use of additional devices with RemoteFX USB redirection. Now you can use CD writers, specialty printers, phones, and much more in your remote session! Support for Changing DPI in Remote Sessions The Release Candidate supports changing DPI in a remote session. As an end user, you can log on remotely to another computer, RD Session Host server, or virtual desktop collection and change the DPI setting in the Control Panel, log off and log back on, and the remote session automatically adjusts to the desired DPI setting—a huge improvement for users that typically prefer the non-default DPI values. The DPI setting also gets stored in the user profile disks, enabling DPI customization for pooled virtual desktop collection users. Performance Counters We have added a number of performance counters that will enable IT Administrators to actively monitor their RD Session Host servers and virtual desktops and glean important performance information to troubleshoot user experience issues. The new performance counters can be found in the RemoteFX Graphics and RemoteFX Network categories in PerfMon. There are many more enhancements in this build which are not described here. We encourage you to deploy the RC build and preview the experience!
When you take Windows 8 Release Preview home and launch it, you’ll see a rich and immersive experience accelerated by a DX11 desktop. Your VDI solution should focus on bringing all of that to you, all while tackling the challenges of distance and connecting from anywhere. You’ll want a touch interface, smooth animations that give a tactile feel, and the richest set of applications and compatibility. You’ll want the ecosystem of software, hardware, and the Windows operating system to bring that together. When RemoteFX v1 released in Windows 7 SP1 early last year, we introduced a set of technologies for a rich PC-like experience for VDI. It was the first place where we introduced and emphasized host-side remoting, a render-capture-encode pipeline, a highly efficient GPU-based encode, throttling based on client activity, and a DirectX-enabled virtual graphics processing unit (VGPU). All these ideas proliferate more in Windows 8 Release Preview, and the VGPU gets better. The RemoteFX VGPU has invested in bringing the VGPU from DX9 to DX11, as well as in increasing the user experience through support for more monitors at higher resolutions. As hardware acceleration proliferates to more applications like the web browser, the VGPU will provide direct abilities to run applications at the higher levels of DirectX within Remote Desktop Virtualization Host (RD Virtualization Host). A DirectX11 experience is also available without a hardware GPU, through the software-emulated driver available in Remote Desktop Session Host (RD Session Host) and RD Virtualization Host. While this will provide a good experience, the VGPU will bring a hardware accelerated experience to virtual desktops. By using a VGPU, we are exposing the true acceleration of the physical GPU within virtual machines. Applications that leverage DirectX can operate with higher frame rates, behave as they would on a PC, and take advantage of the GPU. The VGPU desktop not only accelerates DirectX-based applications, but the desktop itself is on DirectX11, so it too will have all the responsiveness and smooth animations that you’d expect. We see this continued investment as bringing the richness of hardware acceleration to thin clients, as well as continuing the pathway for enabling GPU-backed experiences. As we work with partners to showcase the software in the best-in-class hardware, we will provide more communication about server models, GPUs, and drivers. That said, we’re eager for others to share their feedback with us via our RDS Web forum: http://social.technet.microsoft.com/Forums/en/winserverTS/threads . As users get started, we’d like to share some key requirements: As in SP1, we require a SLAT enabled CPU. For Windows Server 2012, we will require a Windows 8 GPU driver (DirectX11.1, WDDM 1.2) on the host, which will come from our GPU partners. For more information about the current AMD GPUs that support RemoteFX and their drivers, please see Mitch’s post here: http://blogs.amd.com/work/2012/06/13/taking-virtualized-graphics-to-new-heights/ . For more information about the current Nvidia GPUs that support RemoteFX and their drivers, please see Will’s announcement here: http://bit.ly/L4mxXs . As a final note, customers often ask me what the monitor resolutions are and how the maximum number of monitors has changed. So I wanted to provide the following tables to answer those questions. In a future post, we will add more about how the memory reservations have changed in Windows 8 Release Preview and other key changes. As always, we appreciate your feedback and enthusiasm. -eric han Maximum monitor resolutions in virtual machines in Windows 8 Release Preview: Maximum resolution Number of monitors per virtual machine Windows 7 SP1 Windows 8 Release Preview 1024 x 768 4 8 1280 x 1024 4 8 1600 x 1200 3 4 1920 x 1200 2 4 2560 x 1600 – 2 Monitor resolutions that can be in landscape and portrait modes: Resolution 640 x 480 1280 x 800 1600 x 900 2048 x 1536 800 x 600 1280 x 1024 1600 x 1200 2560 x 1440 1024 x 768 1360 x 768 1920 x 1080 1280 x 720 1440 x 900 1920 x 1200 1280 x 768 1400 x 1050 2048 x 1080
[Today's post comes to us courtesy of Shammi Dua and Charanjeet Singh from Commercial Technical Support and Guang Hu from Sustained Engineering] Update Rollup 3 for WSSG BPA (KB 2699813 ) is now available via Microsoft Updates, along with its installation tool (KB 2698659 ). There are 49 new rules added in this release of the WSSG BPA. With this, we now have 202 total number of checks. Small Business Server 2011 Standard 188 Small Business Server 2011 Essentials 107 Windows Storage Server 2008 R2 Essentials 51 Windows MultiPoint Server 2011 10 Small Business Server 2011 Standard ASRBackup – Backup fails because of a hidden partition ExchConsistencyBackup – Back fails because the Exchange transaction log is missing or corrupted SQLWriterBackup – Backup fails because of SQL writer issue BackupSuccessful – Last backup attempt failed OWAAppPoolIdentity – OWA app pool identity is not running under the default setting OWAAppPoolFramework – OWA App pool .NET Framework is not using the default setting OWAAppPoolPipeline – OWA App pool pipeline is not using the default setting OWAAppPoolBitness – OWA App pool bitness option is not set to the default ExchTransStartMode – Exchange transport start mode is not set to the default ExchTransStarted – Exchange Transport service is not running ExchTransStartName – Exchange Transport service account is not using the default account. OnlyUseLatestCLR – OnlyUseLatestCLR registry value is incorrectly set to 1 NTBackupInstalled – NT Backup is installed IISPortOwnership – IIS does not own port 80 (0.0.0.0:80) or 443(0.0.0.0:443) DefWebStarted – Default website is not running in SBS 2011 ReadScriptPerms – Read and Script permissions on the /remote virtual directory are incorrect HTTPRedirect – On the /remote virtual directory, HTTP Redirect is set or inherited HostHeaderDefWeb – Host header on default website for port 80 PowershellSSL – PowerShell virtual directory is not using the default SSL settings O365ProviderSvcStartName – Office 365 Provider service not using default account O365ProviderSvcStarted – Office 365 Provider service not started O365ProviderSvcStartMode – Office 365 Provider service not default start mode WSUSGPs – One or more WSUS Group Policies are missing RPCWebSite – Website registry value under RpcProxy set to “Default Web Site” KerbAuthModule – Default website has the KerbAuth module enabled WSManModule – Default website has the WSMan module enabled on it SPFarmADGroups – The account that is used as the SharePoint Farm account is missing one or more group memberships SPWebAppADGroups – The account that is used as the SharePoint Web Application account is missing one or more group memberships SPSearchADGroups – The account that is used as the SharePoint Search account is missing one or more group memberships SPFarmSQLSvrRoles – The account that is used as the SharePoint Farm account is missing one or more SQL Server roles WebConfigWWWRoot – Web.config file in the Default website’s physical directory MaxReceiveSize – One or more receive connector’s MaxMessageSize does not match the get-transportconfig MaxReceiveSize MaxSendSize – One or more send connector’s MaxMEssageSize does not match the get-transportconfig MaxSendSize EWSMaxReqLength – The /EWS virtual directories maxRequestLength doesn’t match the get-transportconfig MaxSendSize WSUSGroups – One or more of the default WSUS groups are missing WBEngineStartMode – The Block Level Backup Engine Services service is not using the default start mode WBEngineStartName – The Block Level Backup Engine Service service is not set to the default startup account ConnectCert – The common name on the certificate that is bound to the WSS Certificate Web Service website does not match the server name RDGatewayCert – The certificate for the Remote Desktop Gateway service seems to be bound incorrectly RemoteDomainExist – One or more email-enabled document libraries exist, but the Windows SBS Company Web Domain remote domain does not RemoteDomainTNEF – The Windows SBS Company Web Domain remote domain does not have TNEFEnabled set to $false Framework11 – .NET Framework v1.1 is installed Small Business Server 2011 Essentials ASRBackup – Backup fails because of a hidden partition BackupSuccessful – Last backup attempt failed NTBackupInstalled – NT Backup is installed IISPortOwnership – IIS does not own port 80 (0.0.0.0:80) or 443(0.0.0.0:443) DefWebStarted – Default website is not running in SBS 2011 ReadScriptPerms – Read and Script permissions on the /remote virtual directory are incorrect HTTPRedirect – On the /remote virtual directory, HTTP Redirect is set or inherited HostHeaderDefWeb – Host header on default website for port 80 O365ProviderSvcStartName – Office 365 Provider service not using default account O365ProviderSvcStarted – Office 365 Provider service not started O365ProviderSvcStartMode – Office 365 Provider service not default start mode WBEngineStartMode – The Block Level Backup Engine Services service is not using the default start mode WBEngineStartName – The Block Level Backup Engine Service service is not set to the default startup account ConnectCert – The common name on the certificate that is bound to the WSS Certificate Web Service website does not match the server name RDGatewayCert – The certificate for the Remote Desktop Gateway service seems to be bound incorrectly Framework11 – .NET Framework v1.1 is installed Windows Storage Server 2008 R2 Essentials NTBackupInstalled – NT Backup is installed IISPortOwnership – IIS does not own port 80 (0.0.0.0:80) or 443(0.0.0.0:443) DefWebStarted – Default website is not running in SBS 2011 ReadScriptPerms – Read and Script permissions on the /remote virtual directory are incorrect HTTPRedirect – On the /remote virtual directory, HTTP Redirect is set or inherited HostHeaderDefWeb – Host header on default website for port 80 WBEngineStartMode – The Block Level Backup Engine Services service is not using the default start mode WBEngineStartName – The Block Level Backup Engine Service service is not set to the default startup account ConnectCert – The common name on the certificate that is bound to the WSS Certificate Web Service website does not match the server name RDGatewayCert – The certificate for the Remote Desktop Gateway service seems to be bound incorrectly Framework11 – .NET Framework v1.1 is installed Windows MultiPoint Server 2011 MMSBeta – Microsoft MultiPoint 2011 Server appears to be a beta version Other than the rules, the update also includes some fixes . How to get BPA Update Rollup SBS 2011 Standard: By default, Microsoft Update points to the WSUS service in SBS 2011 standard. This update will show up in Admin Console’s Update tab to allow you to apply this update. Then this update will be shown available in Microsoft Update to be installed. You can also get this update by including Microsoft Update. In SBS 2011 Standard , launch Windows Update and select the option to Check online for updates from Windows Update . Then click the option for “Get updates for other Microsoft products” and complete the process to opt-in for Microsoft Updates. SBS 2011 Essentials: In SBS 2011 Essentials , you can simply go to Microsoft Update and click on “ Check for Updates” to get this update.
Update Rollup 3 for WSSG BPA (KB 2699813 ) is now available via Microsoft Updates, along with its installation tool (KB 2698659 ). Going forward, the current user experience related to BPA updates will change in the following ways: BPA updates will be visible and downloadable from Microsoft Update/WSUS. This requires an approval from the MU/WSUS. The original way of manually running the BPA tool and waiting for the notification of new updates is *not* applicable anymore. BPA tool is now available to be installed via Optional Updates from MU/WSUS for all SBS 2011 products which has no BPA installed. This update will also install MBCA silently during the patching.
The business-focused social networking website LinkedIn has this week confirmed that “ some ” user passwords have been hacked, stolen and compromised by what appears to be a Russian web forum. After initial reports suggesting that as many as 6.5 million properly encrypted passwords had been stolen, the company’s Vicente Silveira has detailed the steps taken by his company to rectify the issue. All members whose passwords have been compromised will now find that their LinkedIn account password is no longer valid. All these members will have received an email CONTAINING NO LIVE LINKS , but with instructions on how to “request password assistance” to then receive a subsequent email from LinkedIn with a password reset link. LinkedIn’s Silveira also reminds users that members whose passwords have not been compromised will still now benefit from additional security measures the company has put in place, which involve the “ hashing and salting ” of its current password databases. In his role as director at the San Francisco based social network, Silveira has also issued his own set of guidance on how to update your LinkedIn password and follow some industry-standard best-practice advice when it comes to security best practice. For those users who now want to visit the site and perform a basic password change, the BBC News website has provided the following instructions: Visit www.linkedin.com , and log-in with your details Once logged-in, hover over your name in the top right-hand corner of the screen, and select ‘Settings’ from the menu You may be asked to log-in again at this point On the next screen, click the ‘Account’ button which is near the bottom of the page Under the ‘Email & Password’ heading, you will find a link to change your password If you happen to use the same password that you use on LinkedIn for other sites, it makes very good sense to be sure to change those too. Email-based scams resulting from this high profile hack are reported to already include links to counterfeit drugs websites and data website e-Harmony. Users are reminded to be wary of all “warning” emails that differ from the format described above here. Users who want to continue to follow this story can follow official LinkedIn Twitter accounts at @ LinkedIn and @ LinkedInNews .