the best thing since sliced bread & velcro = remote access computer labs labman 2005 – cornell...
TRANSCRIPT
The Best Thing SinceSliced Bread & Velcro =Remote Access Computer LabsLabMan 2005 – Cornell University
Goals of Remote Labs
• Students no longer tethered to a computer lab desk• Save budget on equipment, computer lab space and
lab staff• Make computer lab services available 24 hours a day
from anywhere• Preserve “the XPerience” of using a computer lab PC
Current UWSP “XPerience”
• H: drive access• Roving network profile – email & Office & IE• Local machine software• Network software menu• Full power of PC for each user
Citrix/Terminal Server Example Cont’d
• At Purdue University:• Citrix® MetaFrame® Presentation Server running on 46
servers: HP Proliant DL580 servers with 4.5 GB RAM, Quad Xeon 700MHZ and Dell PowerEdge 2650 servers with 4GB RAM, Dual Xeon 2.2 GHZ
Concurrent Users: 1400 (approx. 30 users per server)•
Microsoft® Windows® 2000 Advanced Server
Connections include dial-up, broadband, DSL, cable modem, wireless LAN and Internet
Client devices include Macintoshes, PCs, Linux and UNIX® devices
Remote Desktop Examples
• UCLA
[VPN & Remote Desktop]• North Carolina State
[Reservation IP & Remote Desktop]• UW-Madison Engineering Labs
[PuTTY Tunneling & Remote Desktop]• University of Illinois-Springfield
[VPN & Remote Desktop]
Strategy Concerns
• Total Cost of Ownership (TCO)• Software• Bandwidth• Storage/Processing• Printing
Concerns – Total Cost of Ownership (TCO)
Citrix/Terminal Server:• Buy Terminal servers & server software• Learning curve for support technicians
• New hardware support• New software support
• Training end-user support staff on new service• Training end-users on new service
Remote Desktop:• Can use existing servers and software• Can use existing PCs and software• Low learning curve for end-user support staff & end-users• No learning curve for support technicians
Concerns – SoftwareCitrix/Terminal Server:
• Possibly can share existing application software licenses• Possibly can use existing application software license control
(e.g., Key Server)• Possibly can use existing software installation, maintenance
& upgrade systems (new learning curve?)
Remote Desktop:• Know we can share existing application software licenses• Know we can use existing application software license
control (e.g., Key Server)• Know we can use existing software installation, maintenance
& upgrade systems (no new learning curve)
Concerns – Bandwidth
• Citrix/Terminal Server/Remote Desktop technologies essentially the same, therefore, bandwidth concerns are similar
• On-campus users = no concern• Off-campus users = Internet pipe limitations:
• RDP settings can be somewhat limited to ensure the best overall experience yet still conserve bandwidth & experience of other users/protocols
• Allocation of bandwidth for university priorities to ensure QoS (e.g., Packeteer)
Concerns – Storage/Processing
Citrix/Terminal Server:• Local performance – multiple users saving large files on Citrix/Terminal
Server simultaneously = bottleneck?• Remote performance – multiple users saving large files on network
simultaneously = bottleneck?• Processor-intensive task – multiple users share one or more processors
= lesser performing environment per user
Remote Desktop:• Local performance – single user gets full performance of PC when
saving/processing large files• Remote performance – single user gets full performance of PC NIC
when saving/processing large files on network• Processor-intensive task – single user uses one or more processors
exclusively = highest performing environment per user
Concerns – Printing
• Citrix/Terminal Server/Remote Desktop technologies essentially the same, therefore, printing concerns are similar• We don’t allow printing using normal “terminal server”
printing services to home printer• May not natively support home printer• Don’t want ‘foreign’ drivers on terminal servers• Don’t necessarily know where the print job will print
• Easier to print to .pdf format and save on h: drive or email to self to print later
UWSP Solution – Birth of the Idea!• CIO envisions a “Virtual Computer Lab”• Lab manager wants lab usage web site like:
• Oregon or Oregon off-line• Off-warranty lab computers still able to run lab software• Excess space in campus server rooms to host a remote
computer lab• Available computers in closed campus labs after-hours• Necessary back-end servers (database, web) already available• Use “Security Service” which already knows state of PCs
“UWSP Remote Computer Lab”School days & 24/7
• ~75-100 off-warranty computers in server roomsAfter-hours
• ~300-400 additional PCs in closed computer labs added to available remote lab PCs
• PCs ranked in database by speed/quality – best assigned first
• Additional PCs available 30 minutes after lab closing time• Additional PCs no longer available 30 minutes prior to lab
opening time• Weekdays: 8:30pm – 7:00am Monday evenings – Friday
mornings• Weekends: 4:30pm Fridays – 7:00am Mondays
Interface Size & Access
Select the screen size for your connection• Size: [helps know where you are in cyberspace]
• 640 x 480• 800 x 600• 1024 x 768• 1280 x 1024
Then fill in your user name and password and click
Connect• User name: campus network logon• Password: user network password
User Guide – On Screen
• When you are done using the remote lab computer, please remember to log off by clicking on start,log off, and log off
• If you stay connected to a remote lab computer without using the connection for more than 30 minutes, your session will be automatically logged off
• If you disconnect without logging off, you may reconnect to the same remote lab computer againwithin 30 minutes. After 30 minutes your session will be automatically logged off
User Guide – cont’d
• A small number of remote lab computers will be available around the clock. Additional remote labcomputers will be available from 30 minutes after campus computer labs close each evening until 30minutes prior to the following morning opening time
• If you need assistance when using a remote lab computer, please call the LRC Computer Lab Assistant at x4773
• You can also e-mail your questions and any comments or suggestions to [email protected]
Desktop Features
• Web page notice about Remote Lab Connection to always know where you are
• Simplified background for quicker desktop display• Disabled shutdown command• Allow logoff or disconnect only• Otherwise, all features of normal lab computer
available to end-user!
Lab Assistance & Help Desk
Daytime help• Call 24-hour computer lab assistant
• 2 lab assistants on duty during the day• Call Help Desk
After-hours help• Call 24-hour computer lab assistant
• 2 lab assistants on duty during after-hours
How does it work????From Windows XP Resource Kits:
• “Using Remote Desktop Web Connection”• “Installing Remote Desktop Web Connection”
Microsoft Requirements• A host. Any server running Windows NT Server 4.0, a member of the
Windows 2000 Server family of products, or a member of the Windows Server 2003 family of products can host Remote Desktop Web Connection. The server must be running IIS 4.0 or later.
• A client that can download and run the Remote Desktop ActiveX control. Any client running Microsoft Internet Explorer 4.01 (preferably Service Pack 2) or later on Windows Server 2003, Windows XP, Windows 2000, Windows NT 4.0 SP4 and later, Windows Me, Windows 98, or Windows 95 can run the Remote Desktop ActiveX control.
• The user installing the software must have sufficient privileges to install software. For example, on Windows XP the user must be a member of the Power Users or Administrators groups.
UWSP Security Provider• aka "Security Service" • Homegrown program• Service that runs on all Windows XP Standard Campus Load
(SCL) computers• Originally developed to allow a computer "owner" to gain
administrative access over their computer for a limited period of time
• Also monitors local Administrators group and nightly randomizes local Administrator password
• Normally all users are only allowed to operate continuously with a priority of "Power User" if they "own" their Windows XP SCL computer, or as a normal "User" if they don't
• Security Service extended for remote lab
Connecting to Remote Lab• Home computer connects to Remote Computer Lab web site
with IE• Home computer downloads Remote Desktop Protocol ActiveX
control if not already downloaded (may require "loosening" of IE security settings)
• Web site returns modified login form requesting user name, password, and resolution
• Upon pressing Connect, home computer initiates database query via older "Remote Data Services" (RDS) to retrieve name of available remote lab computer (also may require "loosening" of IE security settings)
Use State Flags for Access• State flags set via security service and web site• If no remote lab computer available. (i.e., no remote lab
computer state set to "AV"), an "error" message is displayed to try again later
• If remote lab computer already in use by specified user, that remote lab computer name is returned (state set to "logged on" or "LO") so user can reconnect
• Otherwise if remote lab computer available, name of remote lab computer returned to home computer and "logon in progress" or "IP" flag set in database for specific remote lab computer
• Home computer then passes user name, password, resolution and remote lab computer name to "Remote Desktop Protocol" (RDP) ActiveX control
RDP Session• Remote lab computer RDP session is direct within the
constraints of the browser window (web site is essentially no longer a factor, but browser must be open to host RDP session)
• If user entered incorrect user name or password, the remote lab computer will stay on a "normal" login screen for about a minute before returning to the web site
• If logon successful, Security Service on targeted remote lab computer immediately changes state from "IP" to "LO" in database for its computer name
• Logon process proceeds as normal; desktop eventually appears; user does work on remote lab computer via home computer
Logoff or Close Session• When user initiates a log off, Security Service on targeted
remote lab computer immediately changes state from "LO" to "LF" until log off complete
• When log off complete, Security Service on targeted remote lab computer immediately changes state from "LF" back to "AV" (available for next user)
• If user closes browser window or is inactive for 30 minutes, Security Service on targeted remote lab computer will automatically log user off and change states as above
Lab Management Interface [IP]
• Manipulate remote lab database• Enter opening and closing lab times• Change opening and closing lab times for special
events, breaks, etc.• Add or remove available labs• Adjust PC rank for speed/quality selection process
• Think of new ways to manipulate the database to reflect availability of other resources like Oregon did
• Think of new ways to manipulate the Security Service
Lab Availability System [IP]• Spin-off of remote lab database to help students find available lab
computers similar to the Oregon system• Lab layouts created in Excel spreadsheets & saved as web pages• Cells automated to reflect state of each named PC in the database at all
times• State codes determine display color
• AV = green• LO = yellow• IP = blue• LF = purple• Unknown = red• Shutdown = orange
• Lab Manager maintains lab layouts on Lab Availability System web site
Contact Information
Colleen Andrews, Student Technology Services Manager
UWSP – Information Technology
900 Reserve St.
Stevens Point, WI 54481
715-346-3229
http://www.uwsp.edu/it/labs