Friday May 10, 2013

Reduce IT Help Desk calls when using Oracle VDI

Enjoying beach life in the Caribbean or hiking in the rolling hills of Tuscany. Blue skies, great temperatures, wine, fine food and spending some quality time with family and friends. All the great things you can do in the upcoming holiday season.

Is this an introduction for a Travel Blog or a serious article about Desktop Virtualization ? It is the latter, but it has to do with the former: the problem of the forgotten password after returning from the holidays.

What is the problem ?

After a relaxing holiday you turn on your Sun Ray or launch your OVDC application to connect to your virtual desktop in the data center. But then it happens, your holiday was so relaxed that you forgot your password and you are forced to pick-up the phone and call the IT Help Desk to ask the SysAdmin to reset your password.

With the introduction of complex password requirements, this is not an unusual scenario. IT staff is often burdened with resolving these calls, resulting in an increased administrative load for the IT department. At the same moment, the end user loses valuable work time because he is locked out of the network temporarily and unable to work.

With an average of 5% of the users who forgot their passwords after the holidays and an average cost of US $25 per help desk call, this can cost an organisation with 10.000 users around US $12.500 per two or three days when the holidays are over.

How can we solve this ?

Password expiration, forgotten passwords or other user access privileges are addressed by Identity Management systems. There are several solutions on the market and also Oracle has a nice solution which is called the Oracle Identity Manager.

Explaining Identity Management is outside the scope of this article, so I skip that. But with a recently added and less known feature of the Oracle VDI broker (the Helper Function for the Desktop Login Screen) I explain how users are able to connect very easily to any web-based Help Desk system to do a Password Reset for example.

How is it implemented ?

You can add an item to the More Options menu in the Oracle VDI Desktop Login screen to run temporarily an alternative kiosk session. In our Forgotten Password example this might be a kiosk web-browser connecting to the Identity Management system. The picture on the left shows the added entry in the More Options menu.

The Helper Function feature is very easy to implement. First you configure the helper application in the Sun Ray kiosk interface. In my Forgotten Password example I use a Firefox web-browser. I provide kiosk scripts at the bottom of this article (helpdesk.sh and helpdesk.conf) which I store in the helpdesk directory. And the second step is to configure the Oracle VDI broker to add the kiosk session as Helper Function in the Desktop Login screen. On all of your Oracle VDI broker servers you should do the following configuration steps:

  • Configure the name of a directory in the /etc/opt/SUNWkio/sessions directory, in my example helpdesk:
     # /opt/SUNWvda/sbin/vda settings-setprops -p client.kiosk.type=helpdesk
  • Configure the label that displays in the More Options menu:
     # /opt/SUNWvda/sbin/vda settings-setprops -p client.kiosk.label="Help Desk"
  • Configure any optional kiosk session arguments and settings that should be used when starting the kiosk session. For my kiosk web-browser it is the URL to the Identity Manager server:
     # /opt/SUNWvda/sbin/vda settings-setprops -p client.kiosk.settings=http://server.url/

In the following video I demonstrate the Forgotten Password use-case scenario. In my demonstration I used the Oracle Identity Manager server (very kindly provided to me by my Oracle colleague Rene Klomp) to reset the password. When the new password is entered in the Identity Manager system, it is automatically synchronized with the Active Directory server that is used by the Oracle VDI broker for user authentication.

Help Desk Kiosk scripts

Here are the kiosk scripts that I used on my Oracle VDI Solaris server. Beware that you have to setup the correct Firefox prototype settings to store in the /etc/opt/SUNWkio/prototypes/default directory. I leave that as exercise for the reader . 

# more /etc/opt/SUNWkio/sessions/helpdesk.conf 
KIOSK_SESSION_EXEC=$KIOSK_SESSION_DIR/helpdesk.sh
KIOSK_SESSION_LABEL="Helpdesk Kiosk Mode"

# more /etc/opt/SUNWkio/sessions/helpdesk/helpdesk.sh #!/bin/sh FF_EXEC=/usr/bin/firefox if [ -z "$1" ] ; then zenity --error --text="No server specified\nConsult your System Administrator" else URL="$1" fi exec /usr/bin/metacity & if [ -x "${FF_EXEC}" ] ; then $FF_EXEC -P Kiosk $URL else zenity --error --text="The Firefox Web-browser is not installed\nConsult your System Administrator" fi

About

I post here hands-on examples which I have used in my Oracle VDI Desktop Virtualization projects at customers and partners.

Search

Categories
Archives
« May 2013
SunMonTueWedThuFriSat
   
1
2
3
4
5
6
7
8
9
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
       
Today