Thursday Aug 19, 2010
Wednesday Aug 11, 2010
By Jaap on Aug 11, 2010
One of the new features in the recently released Oracle VDI 3.2 software is the addition of the Dutch language in the Oracle VDI Desktop Login screen. In this article I explain how to change the default Desktop Login language to your preferred language (I use Dutch in the examples, because I live in the Netherlands ;-)
As soon as you connect with your Sun Ray DTU or Oracle Virtual Desktop Client (OVDC) to the Oracle VDI server you get the standard Desktop Login window. Most of the time, this window defaults to the English language (see the below picture). Through the "More Options, Language" drop-down menu you see a list of supported languages. With a few simple steps you can change the default language of the Desktop Login to your preferred language.
The Desktop Login window is launched by the Kiosk interface scripts. This is the glue between the embedded Sun Ray server software and the Oracle VDI broker software. The Kiosk interface scripts determines the language setting for the Desktop Login window through the underlying operating system. In our Solaris 10 Oracle VDI server this is done with the locale parameters.
During the Solaris 10 Operating System installation, the English version of Solaris is installed by default. Most likely you only provided information about the timezone of your server and not the information for your geographic regions and software localizations. On the Sun Developers Network website you can check a list with locale settings in the Solaris Locale Chart. To use the Dutch language in the Oracle VDI Desktop Login we need the nl_NL locale which is part of the Western European Region (WEU) in Solaris 10.
Follow the next four steps to configure your preferred language for the Oracle VDI Desktop Login window:
1. Check the installed locales on your Oracle VDI server with the following CLI-commands:
# First check the current locales on the server (in this case it is the default) root@server:# locale -a C POSIX iso_8859_1 root@server:# # Or check if the Dutch locales are installed on your server root@server:# locale -a | grep nl nl nl.ISO8859-15 nl_BE nl_BE.ISO8859-1 nl_BE.ISO8859-15 nl_BE.ISO8859-15@euro nl_BE.UTF-8 nl_NL nl_NL.ISO8859-1 nl_NL.ISO8859-15 nl_NL.ISO8859-15@euro nl_NL.UTF-8 root@server:#
2. If your locale exists go to step 3, otherwise load your preferred locale from the Solaris 10 installation media (the Solaris 10 installation DVD or the downloaded Solaris 10 iso-file):
# Insert Solaris 10 DVD in your drive, it will be automounted under /cdrom # In my example we install the nl_NL locale root@server:# localeadm -a nl_NL -d /cdrom/sol_10_1009_x86/ ... ... root@server:# # Use the following CLI-commands if you installed from an iso file # Find your iso file (in my case /stage) and mount the iso into a directory /mnt root@server:# mount -F hsfs -o ro `lofiadm -a /stage/sol-10-u8-ga-x86-dvd.iso` /mnt root@server:# localeadm -a nl_NL -d /mnt ... ... root@server:# umount /mnt; lofiadm -d /dev/lofi/1 root@server:#
3. Configure the locale in the Sun Ray Kiosk general properties settings:
- Go to the Sun Ray sever Admin GUI (https://server:1661/) and login with root/passwd
- Select Tab Advanced, sub-Tab Kiosk Mode and select Edit to change the properties for the Oracle Virtual Desktop Infrastructure session type.
- In the Locale property configure your preferred locale as shown in the below picture and save the properties
4. Restart your DTU session to show the new Desktop Login Language setting:
- You can do this by selecting Quit in the Desktop Login window, or
- You can do this with the key sequence CTRL-ALT-BS-BS.
By Jaap on Aug 11, 2010
Hot off the press: Oracle VDI 3.2 is released today. Some of the new features in Oracle Virtual Desktop Infrastructure 3.2 are:
- Global hot-desking: to build multiple Oracle VDI clusters in different data-centers. This can be used for roaming of users over multiple locations (nation-wide or world-wide) or used in disaster recovery scenario's where users can be offered a guest-desktop in another data-center if there is a disaster in their home data-center.
- Multi-company capabilities: this especially is useful for service-providers who want to offer a Virtual Desktop service to multiple customers where every customer is using its own (Active/LDAP) Directory.
- For Windows (XP and 7) there is a Fast-preparation option instead of using the default Microsoft system prepartion. This is useful to speed-up your cloning process.
- Oracle branding and download from the Oracle e-delivery website.
See the following links for more information:
Stay tuned for more updates on this new release !!
Monday Jul 19, 2010
By Jaap on Jul 19, 2010
I wanted to test OVDC with the new smart card functionality to hotdesk my Desktop session between a Sun Ray DTU and the OVDC. But I encountered a small issue when using the smart-card (in fact I was to lazy to read the Release Notes :-)
Before using OVDC you have to enable access for it on the server. This is done automatically if you use the Sun Ray server software as part of the full Oracle VDI stack. But you can also do this manually via the Sun Ray Admin GUI. However, for enabling OVDC access with a smart card this option is not available yet in the Admin GUI. Below I explain what I did in my demo-server infrastructure.
I connected with OVDC on my Windows XP notebook with integrated smart card reader to the patched Sun VDI server and I did get the standard Oracle/Sun VDI Desktop Login screen. When I inserted a smart card in my Windows XP notebook, it connected to the VDI server, but it did not get the Desktop Login screen. Instead, I did get a little icon with a status code 47 in the lower right.
On the Sun Ray Wiki you can find a page with SRSS Troubleshooting Icons, where I found that status code 47 means No access for Sun Desktop Access Clients. The Release notes of OVDC helped me to find out that I can enable access for OVDC smart card sessions with the utpolicy CLI-command and the switch -u to specify the policy for card, pseudo or both (resp. smart card session, non-smart card session and both types).
I logged into my Sun VDI (or standalone Sun Ray) server as the root user and I changed the Sun Ray server policy with the following commands:
# First check the current policy on the server root@vdiserver:# /opt/SUNWut/sbin/utpolicy # Current Policy: -a -z both -k both -m -u pseudo # Change the policy (-u both) to accept card and non-card OVDC sessions root@vdiserver:# /opt/SUNWut/sbin/utpolicy -a -z both -k both -m -u both # Restart authentication manager (needed for policy change) root@vdiserver:# /opt/SUNWut/sbin/utrestart -c root@vdiserver:#
After the restart of the Sun Ray Server services and reconnecting OVDC to the server I could hotdesk my Virtual Desktop session between the Sun Ray DTU and the OVDC software client.
Thursday Jul 15, 2010
By Jaap on Jul 15, 2010
I continue with my articles about Solaris Administration for Oracle VDI Administrators, my first article was about adding Solaris Freeware packages, this article is about installing patches.
If you have a valid support-contract for your server software, you are able to download patches from the sunsolve.sun.com website. Sometimes (but not very often :-) there are patches released for Oracle VDI.
A good source to keep you up-to-date on Sun Ray and Oracle VDI patches is the Sun Ray Users Group website, where you can find
an overview of current and older versions of patches (Edit: better to use the official Sun Ray Wiki page with an overview of Sun Ray Software patches).
Recently a patch for Sun Ray firmware was released to support the new Sun Ray 3+ client in the current Sun Ray server software. For example, to check if you already installed
that 140994-02 patch (Edit: I just found out that there is a new revision of this patch: 140994-03) on your x86 Oracle VDI server, you can execute the followng CLI-commands on your Oracle VDI or Sun Ray server:
# To show patch versions of all the patches on your server root@vdiserver:# showrev -p # Check if a specific patch have been applied to a system, e.g. 140994 # There is no result when the patch is NOT applied, otherwise root@vdiserver:# showrev -p | grep 140994 # To check which Sun Ray Server specific patches are installed on your # server (output is a list with the installed patches) root@vdiserver:# /opt/SUNWut/lib/utspatches
I'm not going to tell how to patch the server, this information is provided in the README file of the patch description. Most likely before and after applying a patch with the patchadd CLI-command, you have to do some additional instructions.
Friday Jun 25, 2010
By Jaap on Jun 25, 2010
The core component of the Oracle VDI solution is the Oracle VDI broker/session manager which you deploy in your session management layer of your Virtual Desktop infrastructure. It is an integrated stack of software components with a single installer which you install on a Solaris server: one server if you want to demo or evaluate the software or in a cluster of servers for production use.
After initial installation and configuration the server behaves like an appliance, you administer the Oracle VDI platform through the web-interface. Also the Sun Ray server component is managed through the web-interface.
Although you do not need to be a Solaris expert (most VDI platforms are managed by administrators from the Windows domain) to manage a Oracle VDI broker/session manager server, some Solaris command line knowledge is a value add in managing the Oracle VDI platform.
I hope to write some articles in the future about common Solaris SysAdmin jobs that could be used in the daily life of Oracle VDI Administrator. In this post I like to show some commands that you use when you add additional software packages to your Solaris Server. I do not present the output of the CLI-commands, you are encouraged to execute the below instructions on your Solaris Oracle VDI server to understand the output.
Usually when I have installed a Solaris server, I add additional packages from the public domain that I have downloaded from Sunfreeware.com, the Freeware for Solaris package repository. An example of such a package is rdesktop, the X-windows client for Windows terminal servers. You may think why should I install this package (Oracle VDI has its own uttsc RDP-connector), but I explain that later.
# Decompress the downloaded package root@vdiserver:# gunzip rdesktop-1.5.0-sol10-x86-local.gz # Install and transfer the software package to the system root@vdiserver:# pkgadd -d rdesktop-1.5.0-sol10-x86-local # Check software package installation accuracy (before you add to the system) root@vdiserver:# pkgchk -d rdesktop-1.5.0-sol10-x86-local # Check if software package is already installed root@vdiserver:# grep rdesktop /var/sadm/install/contents # Or check if software package is already installed with pkginfo root@vdiserver:# pkginfo | grep rdesktop
If you do install this rdesktop package on your server, do not forget to install the dependency packages as described on the Sunfreeware.com website.
Sample rdesktop use-cases:
As you may know, the uttsc RDP-connector in the Oracle VDI server (or the stand-alone Sun Ray server software) only displays on a Sun Ray client. It does not work when it is executed from the console of the server or via a remote SSH session. For this purpose I use the rdesktop RDP-connector.
Consider you are working on a Apple or Linux notebook (or your Windows desktop with a local X-display) and you want to test the RDP connection from a remote Oracle VDI server to a Windows system (might be Windows XP virtual machine or Windows 2003 Terminal server) then these are the commands that you can use:
# Connect with RDP from VDI server to a Windows Terminal server jaap@notebook:# ssh -X root@vdiserver /usr/local/bin/rdesktop ip-address-wts # Assume you know Virtual Desktop VM IP-address via Oracle VDI # web-interface, connect with RDP from VDI server to a VM jaap@notebook:# ssh -X root@vdiserver /usr/local/bin/rdesktop ip-address-vm # This is cool: use the VDI server's RDP broker to test a Virtual Desktop VM # of an assigned user # Warning: passwd may be visible on vdiserver when tools like "ps" are used. jaap@notebook:# ssh -X root@vdiserver /usr/local/bin/rdesktop \\ -u username -p passwd ip-address-vdiserver # Same use-case, but you hide the passwd and have to enter the windows passwd # after you have entered the SSH passwd jaap@notebook:# ssh -X root@vdiserver /usr/local/bin/rdesktop \\ -u username -p - ip-address-vdiserver
That's it for now, please let me know if you have specific wishes for this series of articles. Or let me know what CLI-commands you are struggling with as a Oracle VDI administrator.
Tuesday Jun 15, 2010
By Jaap on Jun 15, 2010
During a Virtual Desktop deployment project there are always multiple groups in the organization that are responsible for parts of the architecture. This is the challenge for the project manager and the lead architect of the project: make sure these groups work together and streamline the communication and architectural decisions.
In one of our projects where we worked with the Oracle VDI software and Windows XP virtual desktops running in a VMware vSphere virtualization back-end we had a little issue that was caused by a lack of communication between the SysAdmins (in this case between the VMware SysAdmins and the Oracle VDI Admins, who were not in the same group).
As you may know the Oracle VDI session broker is assigning and connecting end-users to virtual desktops. When a user logs in to the desktop client, Oracle VDI requests a virtual desktop IP-address of the assigned user from the VMware vCenter server. When vCenter returns the IP-address, Oracle VDI establishes a session between the user's desktop client and the virtual desktop.
Back to our project. During a system maintenance window in the non-office hours, the Oracle VDI cluster was rebooted. When the system came back online again, the end-users couldn't login anymore into their virtual desktops. After some trouble-shooting we found out the connection between the Oracle VDI cluster and the VMware vCenter server failed (see the example screen-shot of the Oracle VDI GUI):
The reason the status was reported as Unresponsive had to do with a changed Administrator password in the Windows 2003 server where the vCenter software was running. The password change was implemented by the VMware vCenter Administrator several weeks before this issue happened, but it did not impact the connection between vCenter and Oracle VDI at that time.
Oracle VDI takes advantage of the web services API provided by the VMware Infrastructure SDK to communicate through HTTPS with VMware vCenter. When you setup a connection between the two components you have to verify that the servers are able to communicate:
- verify that the VMware vCenter Webaccess component is installed and configured.
- verify that Port 443 (HTTPS) is enabled in any firewall that may be active on the vCenter server system.
During configuration of the VMware Desktop Provider in the Oracle VDI GUI you specify the server properties and the administrator credentials of the vCenter server as shown in the left image.
At this time Oracle VDI opens a HTTPS connection to the VMware vCenter server for the first time (this open connection also happens during an Oracle VDI service startup after reboot).
This connection is cached and re-used as long as possible. In Oracle VDI there is a system thread that periodically checks if the connection is still usable. If it's not usable it tries to reestablish a new one.
The issue was solved when we updated the password of the VMware Desktop Provider settings in the Oracle VDI broker. This is done by the CLI-command vda and VMware DP as the name of my provider:
root@vdiserver:~# vda provider-vc-setprops --properties=password-prompt "VMware DP" Enter password for host vc.sunvdi.local: XXXXXXXX Updated Provider Settings root@vdiserver:~#
When the password was changed, Oracle VDI reported Status OK in the VMware vCenter Desktop Provider Summary overview and since that change all the end-users could connect again to their assigned desktops.
I leave it up to the imagination of the reader to conclude the moral of the story :-)
Tuesday Jun 08, 2010
By Jaap on Jun 08, 2010
The Oracle VDI server software is an integrated stack with a single installer. It installs several components in the Solaris server system such as the vdi-core, the embedded cluster database, the rdp-broker and last but not least, the Sun Ray server software.
After the installation and configuration of your Oracle VDI cluster, the Sun Ray server software is by default configured in kiosk mode policy with Oracle VDI as the standard application. When you connect a Sun Ray DTU device to the network it always displays the standard Desktop Login screen as shown on the left, both for smartcard or non-smartcard access.
When you enter your user credentials you are connected to your assigned virtual desktop. Wherever you are, wherever you go, you are always connected to your own desktop. This is perfect for the end-user, but the System Administrator always has more wishes to connect to the IT-system.
The SysAdmin responsible for the Oracle VDI cluster manages the infrastructure of the virtual desktop platform with the web-based Oracle VDI GUI. With the GUI the SysAdmin manages the following components:
- the connection to the user-directory (such as the Active Directory),
- the connection to the virtualization platforms (Virtual Box or VMware) and the storage infrastructure,
- the assignment of users to desktops,
- the pools where the virtual desktops resides on the platform.
For the more advanced features the SysAdmin has the possibility to access the underlying Solaris system and use CLI-commands or inspect log-files. Most likely, the SysAdmin desktop device or laptop is connected to a management network and he logs into the Oracle VDI server using the SSH-protocol.
I always find it useful to add another access mechanism for the SysAdmin. This is typically needed when you want to support the end-user at his desk in his office and want fast access to the Oracle VDI server to troubleshoot for example. I configure a smart-card which offers me a regular Solaris desktop on the Oracle VDI server (note: this is unsupported for end-users in the VDI model, but IMHO fine for limited use for SysAdmins).
Configuring the smart-card for Solaris access is very easy to do, a few CLI- commands on the Oracle VDI server while your smart-card is inserted in the Sun Ray DTU. First you discover your smart-card tokenID with utsession -l (in my case it is MicroPayflex.500406f700130100), you register the smart-card with utuser -a in the Sun Ray server data-store and then you override the standard smart-card policy with utkioskoverride -s regular for this smart-card tokenID:
# utsession -l Configuration for token ID 'MicroPayflex.500406f700130100': encryptUpType=ARCFOU encryptDownType=ARCFOUR authenticateUpType=DSA authenticateDownType=simple securityMode=hard clientAuthenticationMode=soft clientKeyStatus=unconfirmed clientKeyID=5f368b597f32fd5944229e5a676add14 terminalCIDs=IEEE802.0021281506de # utuser -a "MicroPayflex.500406f700130100,,,jaap," Added one user. # utkioskoverride -s regular -r MicroPayflex.500406f700130100 The session type has been successfully changed. Please note that changes will only take effect the next time a session is started for the specified token # utsession -t MicroPayflex.500406f700130100 -k #
The last CLI-command utsession kills your current Sun Ray session (the one with the Oracle VDI Desktop Login screen) and returns with a regular Solaris Desktop login as shown in the picture below.
The utkioskoverride is a very powerful CLI-command. One of the Sun Ray engineers has written a nice blog about Using different Kiosk Sessions for different tokens. Recommended to read if you need some more flexibility in Kiosk configuration settings.
I post here hands-on examples which I have used in my Oracle VDI Desktop Virtualization projects at customers and partners.
- Reduce IT Help Desk calls when using Oracle VDI
- Connect Oracle VDI with Oracle Enterprise Manager
- Oracle VDI 3.5 Installation notes for Solaris 11.1
- Scott McNealy and Sun Rays
- Oracle Virtual Desktop Client for iPad 1.1 is released
- White Paper: Design Proposal for Hosted Virtual Desktops
- New technical product guide for Sun Ray clients
- Oracle Virtual Desktop Client on iPad in action
- Oracle SGD 4.61 Released
- Sun Ray Software 5.2 Released