The Best Thing SinceSliced Bread & Velcro =Remote Access Computer LabsLabMan 2005 – Cornell University

Overview

• Goals of remote labs• Remote access strategies• Concerns• UWSP solution

Goals of Remote Labs

• Students no longer tethered to a computer lab desk• Save budget on equipment, computer lab space and

lab staff• Make computer lab services available 24 hours a day

from anywhere• Preserve “the XPerience” of using a computer lab PC

Current UWSP “XPerience”

• H: drive access• Roving network profile – email & Office & IE• Local machine software• Network software menu• Full power of PC for each user

Remote Access Strategies

• Citrix MetaFrame / Microsoft Terminal Server• Microsoft Remote Desktop

Citrix/Terminal Server Example

• Citrix MetaFrame access infrastructure solution:

Citrix/Terminal Server Example Cont’d

• At Purdue University:• Citrix® MetaFrame® Presentation Server running on 46

servers: HP Proliant DL580 servers with 4.5 GB RAM, Quad Xeon 700MHZ and Dell PowerEdge 2650 servers with 4GB RAM, Dual Xeon 2.2 GHZ

Concurrent Users: 1400 (approx. 30 users per server)•

Microsoft® Windows® 2000 Advanced Server

Connections include dial-up, broadband, DSL, cable modem, wireless LAN and Internet

Client devices include Macintoshes, PCs, Linux and UNIX® devices

Remote Desktop Examples

• UCLA

[VPN & Remote Desktop]• North Carolina State

[Reservation IP & Remote Desktop]• UW-Madison Engineering Labs

[PuTTY Tunneling & Remote Desktop]• University of Illinois-Springfield

[VPN & Remote Desktop]

Strategy Concerns

• Total Cost of Ownership (TCO)• Software• Bandwidth• Storage/Processing• Printing

Concerns – Total Cost of Ownership (TCO)

Citrix/Terminal Server:• Buy Terminal servers & server software• Learning curve for support technicians

• New hardware support• New software support

• Training end-user support staff on new service• Training end-users on new service

Remote Desktop:• Can use existing servers and software• Can use existing PCs and software• Low learning curve for end-user support staff & end-users• No learning curve for support technicians

Concerns – SoftwareCitrix/Terminal Server:

• Possibly can share existing application software licenses• Possibly can use existing application software license control

(e.g., Key Server)• Possibly can use existing software installation, maintenance

& upgrade systems (new learning curve?)

Remote Desktop:• Know we can share existing application software licenses• Know we can use existing application software license

control (e.g., Key Server)• Know we can use existing software installation, maintenance

& upgrade systems (no new learning curve)

Concerns – Bandwidth

• Citrix/Terminal Server/Remote Desktop technologies essentially the same, therefore, bandwidth concerns are similar

• On-campus users = no concern• Off-campus users = Internet pipe limitations:

• RDP settings can be somewhat limited to ensure the best overall experience yet still conserve bandwidth & experience of other users/protocols

• Allocation of bandwidth for university priorities to ensure QoS (e.g., Packeteer)

Concerns – Storage/Processing

Citrix/Terminal Server:• Local performance – multiple users saving large files on Citrix/Terminal

Server simultaneously = bottleneck?• Remote performance – multiple users saving large files on network

simultaneously = bottleneck?• Processor-intensive task – multiple users share one or more processors

= lesser performing environment per user

Remote Desktop:• Local performance – single user gets full performance of PC when

saving/processing large files• Remote performance – single user gets full performance of PC NIC

when saving/processing large files on network• Processor-intensive task – single user uses one or more processors

exclusively = highest performing environment per user

Concerns – Printing

• Citrix/Terminal Server/Remote Desktop technologies essentially the same, therefore, printing concerns are similar• We don’t allow printing using normal “terminal server”

printing services to home printer• May not natively support home printer• Don’t want ‘foreign’ drivers on terminal servers• Don’t necessarily know where the print job will print

• Easier to print to .pdf format and save on h: drive or email to self to print later

UWSP Solution – Birth of the Idea!• CIO envisions a “Virtual Computer Lab”• Lab manager wants lab usage web site like:

• Oregon or Oregon off-line• Off-warranty lab computers still able to run lab software• Excess space in campus server rooms to host a remote

computer lab• Available computers in closed campus labs after-hours• Necessary back-end servers (database, web) already available• Use “Security Service” which already knows state of PCs

“UWSP Remote Computer Lab”School days & 24/7

• ~75-100 off-warranty computers in server roomsAfter-hours

• ~300-400 additional PCs in closed computer labs added to available remote lab PCs

• PCs ranked in database by speed/quality – best assigned first

• Additional PCs available 30 minutes after lab closing time• Additional PCs no longer available 30 minutes prior to lab

opening time• Weekdays: 8:30pm – 7:00am Monday evenings – Friday

mornings• Weekends: 4:30pm Fridays – 7:00am Mondays

Web Accesshttps://remotelab.uwsp.edu

Interface Size & Access

Select the screen size for your connection• Size: [helps know where you are in cyberspace]

• 640 x 480• 800 x 600• 1024 x 768• 1280 x 1024

Then fill in your user name and password and click

Connect• User name: campus network logon• Password: user network password

User Guide – On Screen

• When you are done using the remote lab computer, please remember to log off by clicking on start,log off, and log off

• If you stay connected to a remote lab computer without using the connection for more than 30 minutes, your session will be automatically logged off

• If you disconnect without logging off, you may reconnect to the same remote lab computer againwithin 30 minutes. After 30 minutes your session will be automatically logged off

User Guide – cont’d

• A small number of remote lab computers will be available around the clock. Additional remote labcomputers will be available from 30 minutes after campus computer labs close each evening until 30minutes prior to the following morning opening time

• If you need assistance when using a remote lab computer, please call the LRC Computer Lab Assistant at x4773

• You can also e-mail your questions and any comments or suggestions to RemoteLab@uwsp.edu

Remote Lab Desktop

Desktop Features

• Web page notice about Remote Lab Connection to always know where you are

• Simplified background for quicker desktop display• Disabled shutdown command• Allow logoff or disconnect only• Otherwise, all features of normal lab computer

available to end-user!

Network & Local Software• ~150 applications available in local Programs or

Network Menu

Server Room Setups

LRCR Remote Lab

SSCR Remote Lab

Lab Assistance & Help Desk

Daytime help• Call 24-hour computer lab assistant

• 2 lab assistants on duty during the day• Call Help Desk

After-hours help• Call 24-hour computer lab assistant

• 2 lab assistants on duty during after-hours

How does it work????From Windows XP Resource Kits:

• “Using Remote Desktop Web Connection”• “Installing Remote Desktop Web Connection”

Microsoft Requirements• A host. Any server running Windows NT Server 4.0, a member of the

Windows 2000 Server family of products, or a member of the Windows Server 2003 family of products can host Remote Desktop Web Connection. The server must be running IIS 4.0 or later.

• A client that can download and run the Remote Desktop ActiveX control. Any client running Microsoft Internet Explorer 4.01 (preferably Service Pack 2) or later on Windows Server 2003, Windows XP, Windows 2000, Windows NT 4.0 SP4 and later, Windows Me, Windows 98, or Windows 95 can run the Remote Desktop ActiveX control.

• The user installing the software must have sufficient privileges to install software. For example, on Windows XP the user must be a member of the Power Users or Administrators groups.

UWSP Security Provider• aka "Security Service" • Homegrown program• Service that runs on all Windows XP Standard Campus Load

(SCL) computers• Originally developed to allow a computer "owner" to gain

administrative access over their computer for a limited period of time

• Also monitors local Administrators group and nightly randomizes local Administrator password

• Normally all users are only allowed to operate continuously with a priority of "Power User" if they "own" their Windows XP SCL computer, or as a normal "User" if they don't

• Security Service extended for remote lab

Connecting to Remote Lab• Home computer connects to Remote Computer Lab web site

with IE• Home computer downloads Remote Desktop Protocol ActiveX

control if not already downloaded (may require "loosening" of IE security settings)

• Web site returns modified login form requesting user name, password, and resolution

• Upon pressing Connect, home computer initiates database query via older "Remote Data Services" (RDS) to retrieve name of available remote lab computer (also may require "loosening" of IE security settings)

Use State Flags for Access• State flags set via security service and web site• If no remote lab computer available. (i.e., no remote lab

computer state set to "AV"), an "error" message is displayed to try again later

• If remote lab computer already in use by specified user, that remote lab computer name is returned (state set to "logged on" or "LO") so user can reconnect

• Otherwise if remote lab computer available, name of remote lab computer returned to home computer and "logon in progress" or "IP" flag set in database for specific remote lab computer

• Home computer then passes user name, password, resolution and remote lab computer name to "Remote Desktop Protocol" (RDP) ActiveX control

RDP Session• Remote lab computer RDP session is direct within the

constraints of the browser window (web site is essentially no longer a factor, but browser must be open to host RDP session)

• If user entered incorrect user name or password, the remote lab computer will stay on a "normal" login screen for about a minute before returning to the web site

• If logon successful, Security Service on targeted remote lab computer immediately changes state from "IP" to "LO" in database for its computer name

• Logon process proceeds as normal; desktop eventually appears; user does work on remote lab computer via home computer

Logoff or Close Session• When user initiates a log off, Security Service on targeted

remote lab computer immediately changes state from "LO" to "LF" until log off complete

• When log off complete, Security Service on targeted remote lab computer immediately changes state from "LF" back to "AV" (available for next user)

• If user closes browser window or is inactive for 30 minutes, Security Service on targeted remote lab computer will automatically log user off and change states as above

Lab Management Interface [IP]

• Manipulate remote lab database• Enter opening and closing lab times• Change opening and closing lab times for special

events, breaks, etc.• Add or remove available labs• Adjust PC rank for speed/quality selection process

• Think of new ways to manipulate the database to reflect availability of other resources like Oregon did

• Think of new ways to manipulate the Security Service

Lab Availability System [IP]• Spin-off of remote lab database to help students find available lab

computers similar to the Oregon system• Lab layouts created in Excel spreadsheets & saved as web pages• Cells automated to reflect state of each named PC in the database at all

times• State codes determine display color

• AV = green• LO = yellow• IP = blue• LF = purple• Unknown = red• Shutdown = orange

• Lab Manager maintains lab layouts on Lab Availability System web site

The Best Thing Since . . .

UWSP Remote Computer Lab

&

!

Contact Information

Colleen Andrews, Student Technology Services Manager

UWSP – Information Technology

900 Reserve St.

Stevens Point, WI 54481

715-346-3229

Colleen.Andrews@uwsp.edu

http://www.uwsp.edu/it/labs