Thursday Feb 03, 2011

Moving/migrating/promoting a local Windows user profile to a Domain profile

You have installed a fantastic VDI setup on a single server and you are eager to test it.... But boy, all that work of putting together a Domain Controller is just too much - you don't have a Windows 2003/2008 server CD, nor the license, so you take the quick way out, cheat death and install OpenDS using QuickSetup.

Next, you import that good old Windows 7 VM you have been using on your laptop and enable it through VDI by using a Generic Desktop provider, and of course, as you don't have a Domain Controller, you manually make it work by having the same login and password on the VM and in OpenDS, great too, all works.

But eventually, you realise that you really want to clone VMs and test fastprep and get other users to test all this, and your OpenDS strategy starts looking not so good so you rack up the nerve to put it all together and install your Domain Controller and move your VDI install away from OpenDS. All good too, except you now find that through the domain, you can no longer login with your old user into your good old Windows 7 VM, because, well, Windows considers the local user and the domain user, different ones. So how do promote that local profile for your user to a Domain profile and live happily ever after?

I spent a fair bit of time doing research on the web to find the easiest solution, one out of Microsoft, if possible. I got close when I learned about Windows Management Instrumentation - User Profiles provider. But I failed at finding clear instructions for Windows 7, and then, I found MOVEUSER.

Needless to say, it worked. Thanks Ohio University, thanks Ron Williams!

Thursday Jul 24, 2008

A "USB Drive" daemon for Sun Ray sessions - AKA "usbdrived" (V2)

Hopefully you are reading this because you either have a need to better present USB disks via the Sun Ray platform or because you are an "existing customer" of version 1, first blogged here.

After looooong in the making and with careful analysis of requirements and listening to useful feedback from the likes of Brad Lackey, I am pleased to announce that "version 2" of the good old "usbdrived" is finally ready  (well, not really v2,  it has had more iterations than that...)

Features that you will find in this version are:

  1. Multiple mount partitions & drives connected to the same Sun Ray

  2. Mount point "unwriteability" (Yeah!)

  3. Address Gnome/JDS and Windows sessions from the same script, automatically

  4. Polished Disk icons on Gnome/JDS (instead of links)

  5. No stale mount points presented to the end user

  6. Usage documentation provided as text files on the desktop/mountpoint (this can be switched off)

  7. Installer for system-wide or single user with no root permissions

  8. Single point of aggregation for all Windows mounts (Drive "USBDRVS")

Simply download it, and then execute it (chmod +x first) on every Sun Ray server of your FOG, like so:

./usbdrived install

Option 0 will give you generic install instructions... Enjoy!


I get a lot of comments telling me "it doesn't work, can you help me?" - as it turns out usbdrived is actually a pretty simple beast, and if you think it's not working, you may be looking in the wrong place. Start with some of these hints:

  • Can you see usbdrived running in your Solaris session? (ps -ef | grep usbdrived)

  • Can you see a file called "Attaching USB Drives to your Sun Ray README.txt" on your Solaris desktop?

  • Did you install it properly? If so, can you see and what permissions does this have:
    It should be executable by everybody, something like rwxr-xr-x

  • When you plug in a USB drive, does it mount in /tmp/SUNWut/mnt/<username> under Solaris?

  • Under Windows, can you see in  "My Computer" a Network drive (In "Others") called "USBDRVS" and is there a file within that explains usage?

  • Have you hit refresh in file manager when looking at your USBDRVS mount?

  • Most important and useful of all: Do any mounts show up if on a Solaris Sun Ray session you issue:
    /opt/SUNWut/bin/utdiskadm -l

  • With Sun VDI 2.0, make sure that you have properly positioned your arguments in the kiosk call, as "-service hostname" needs to be the last parameter:
    -t 1800 -- -m -b -r disk:USBDRVS=$HOME/USBDRVS -service localhost

  • With Sun VDI 3.0, this works for me:
    -- -m -b -r disk:USBDRVS=$HOME/USBDRVS
    where the actual vda kiosk parameters go to the left of "--"

  • With the Sun Ray Connector for VMware View, this works for me:
    -s viewmanager-server -http -- -m -b -r disk:USBDRVS=$HOME/USBDRVS

  • Unfortunately, NOT ALL USB drives work. Some drives, Solaris refuses to mount (PCFS issues) either because the device is simply not "liked", or because Solaris can't read the file system. Look at "dmesg" for errors.

  • Is your drive FAT16/32 or is it NTFS? The latter does not work, the formatting mut be FAT.

  • Many people have asked me why passing the parameter does not work
    as explained within the script... It appears that people look at the guts of the
    script to understand the instructions and bump into the line that reads
    and assume that that is the literal context. Noooooo! That "\\" is there
    so that when you read the instructions offered via the command line
    option of "usbdrived install" and press "0", the actual HOME directory
    of the user is not displayed...

NOTE OF SUPPORT: This tool is provided as is. It is not supported by Oracle. If you find any issues, please contact me and will try to help!

    Thursday Mar 27, 2008

    Windows VM cannot connect to USB devices on a Keyspan USB Server?

    So you've built yourself a network treat: a Windows XP Pro VM (virtual machine). Now you have a desktop that you can take anywhere with you. Next thing you'll want to do, is get your USB devices back online, except you can't attach them to the VM, because, well, it's a VM after all.

    The best solution so far (I disagree with and have a distaste for USB devices plugged through your client) is still USB over IP. It's good for a number of reasons, such as, a device can be easily shared by a number of users without having to travel with it (think of a scanner) and because you can dettach your session from your client and the device stays connected to your session (think of a USB drive copying a large amount of data).

    That said, because you most likely built your VM from scratch (and not P2V), the Windows installer got really clever: it decided that since your hardware had no USB ports (it's a VM!) you wouldn't need USB support, right? Not anymore, unless you want to throw that Keyspan USB server or Digi AnywhereUSB server into the bin.

    What to do? Quite simple really...

    - Get hold of that Windows media one more time

    - Find in it this file: I386\\usbd.sy_

    - Copy it to your VM as: c:\\windows\\system32\\drivers\\usbd.sys

    - Reboot your VM

    - Enjoy having your devices on the network too.

    Friday Dec 07, 2007

    Sydney Business and Travel Academy - A Cool and Heterogenous Sun Ray Setup

    After running a little proof of concept (I spent less than half a day there) at the Sydney Business and Travel Academy (SBTA) I was surprised with the speed at which things moved there to make Sun Ray the desktop platform of choice. That's when it became obvious to me the amount of pain they were going through with their current setup of about 200 PCs and servers running Linux, LTSP and Windows. Enter Sun Ray, and all of a sudden, it's a fresh start for them - three servers for the whole joint, nothing to manage at the desktop nevermore, Windows using the Sun Ray Windows Connector for those who must, and only those who must, and mobility to become a given.

    For students, there's little change, except the open source desktop they use on the new "workstations" is Solaris' JDS with StarOffice. Better yet, the students got locked down to printed smartcards with their student details on them, and access to the system only with a registered smartcard, hard tied to their login (no card sharing!) At the end of their tenure, their card is de-registered to revoke access forever, and so the card just becomes a memento.

    But by far the most interesting thing about their deployment (let's face it, the above functionality is just standard functionality of the Sun Ray framework)  is how they physically locked the Sun Rays down to the desks, using a clever little bracket dreamed by the systems integrator and Sun partner, Noveix, and made by Argent . Check the pictures below for a simple and fantastic way of providing "locked-down" access to a workstation:

    So, in the face of this, I decided to re-acronym SBTA: Special Bracket is Totally Awesome! And, monitors screwed to the desk too. Sweet!

    In closing, this is what the same room looked like before - sorry I can't reproduce the noise!

    Friday Jul 13, 2007

    Enabling credentials pass-through to Windows TS running Novell Client

    It is often necessary (and useful) to be able to automate credentials pass-through from Secure Global Desktop and the Sun Ray Windows Connector to a Windows Terminal Server that uses the Novell login "GINA" (Graphical Identification and Authentication).

    Unfortunately, this doesn't work out of the box, unless you follow these instructions:

    1. Upgrade your Novell client to 4.91SP3
    2. Create the following registry entries in HKLM\\Software\\Novell\\Login
      TSClientAutoAdminLogon = 1
      DefaultLocationProfile = <LocationProfile> (Go for "Default")

    Thanks go to Jon Knight for this valuable information - and for putting it all together. I finally got a chance to test all this at a customer site and it worked instantly, and while some of this has been documented for other platforms, I wanted to make a special mention: it actually works flawlessly with both SGD AND the Sun Ray Windows Connector (which of course presents us with different challenges and opportunities!)


    A thin thinker down under


    « February 2017