Desktop virtualization promises to save enterprises from rising data center costs and management headaches. IT administrators, however, have had to contend with immature technology, inconsistent terminology and executive and user reluctance. Fortunately, you can get the most out of virtualization by assembling a toolbox of assorted technologies.
One of the big promises of desktop virtualization is that virtual desktops are simpler to manage than traditional desktops. Sounds good, right? Unfortunately, when people make statements like that, they don't really explain exactly how that's going to happen.
So, I'll tell you here: A big way -- perhaps even the biggest way -- you can save money with desktop virtualization is by maintaining a single master disk image that all your users share. After all, if you have 500 users, what's cheaper to manage: 500 instances of Windows or one? This applies regardless of the type of desktop virtualization you're using, whether it's Remote Desktop, virtual desktop infrastructure (VDI), client-based virtual machines (VMs), client hypervisors, operating system streaming or a combination of all of them.
Of course, you'd like to manage just one image. This would be fine if all 500 of your users were identical to one another. If they all had the same apps, the same data and the same preferences, it would be a trivial task to build a disk image and to distribute 500 identical copies. But until we perfect cloning, we're probably going to have 500 different desktops for 500 users.
User personalization with roaming profiles
Fortunately, user personalization is nothing new to Windows desktop administrators. Microsoft introduced roaming profiles way back in 1994, and they have done a decent job of centrally storing user preferences, such as wallpapers and menu layouts.
But roaming profiles were designed more than a decade before desktop virtualization was even conceived. And now, 17 short years later, we're running up against its limitations.
The biggest problem with roaming profiles is that it captures only the files and settings that are saved in the actual user profile folder. And the unfortunate truth is that a lot of stuff in Windows isn't stored in that folder and is therefore invisible to the roaming-profile engine.
The gravity of this can be illustrated through a simple example: Think about your own personal laptop computer. What if I came in and said that I was going to take it away from you right now and replace it with a new one? You might protest, to which I'd answer, "Don't worry! I'll copy your user profile folder from your old laptop to your new one."
Would you be happy with that?
I know I wouldn't be. Sure, the user profile folder will include my personal registry settings and my Start menu. But what about the custom apps I installed? What about all my data? Are they there or somewhere else? (It depends on the configuration.) What about all the little things that I stored who knows where? What about all the machine customizations that aren't stored in my registry?
The list goes on and on. The reality of today's Windows desktop environment is that a lot of stuff is stored all over the place and the simple roaming-profile mechanism isn't robust enough to capture everything.
More roaming profiles limitations
You may be saying, "So what if roaming profiles don't capture everything?"
In the context of desktop virtualization, if corporate IT wants to save money by just managing a single image for all of its users, it has to ensure that users can work with their desktops in a way that they're used to. You can't say things like, "You can put your data there," or "You can't install that app," just because we can't capture it.
Remember, we're talking about their full, real desktops -- this isn't Terminal Services, where it's just an auxiliary desktop or a desktop for a few simple workers.
The other severe limitation of roaming profiles is the whole "last write wins" issue. The Windows roaming-profiles capability was designed in an era when a user was logged on to only a single computer at a time. So, the user logs in and his roaming profile is downloaded from a server. The user works throughout the day and then logs out and at that time, the profile is copied back to the server.
But in today's environments, we might have users with two, three or four desktops, all accessed simultaneously. This could include a local installation of Windows, a few Remote Desktop Session Host sessions and perhaps a client VM. All of these profiles can conflict and overwrite one another, depending on what the user changes on which desktops at which times.
Even though Windows 7 now "streams" profile changes back and forth, that streaming happens at the file level, so users who have multiple simultaneous settings can still screw up registry settings.
Enter profile management
All of these problems can be solved today with profile management or "user virtualization," as it's now called. Vendors such as AppSense, Immidio, RES Software, triCerat and Scense all provide user virtualization products. Much like application virtualization, each of these vendors takes a different approach to profile management/user virtualization. Some, like AppSense and RES, are complex, far-reaching solutions that give you a high degree of management. Others, such as Immidio, are simpler and solve a handful of singular problems.
Most of these products have similar architectures, where they run an agent on Windows that communicates with a back-end configuration and storage database. Admins can then specify which settings should be enforced for which users and specific changes the users make are stored centrally.
And when users make changes, the agents can capture everything, regardless of whether the user puts it in the right place. This means that an admin can replace the underlying Windows installation with a new one without losing anything the user has done. And for the ultimate solution, combine this user virtualization with app virtualization, and then take a step back and think about how complete your desktop environment is -- virtual or not!
Actually, a lot of companies deploy user virtualization products into their physical desktop environments before they ever consider desktop virtualization. Doing so allows them to get a handle on the existing environment now, making their ultimate migration to virtual desktops a relatively simple exercise.
ABOUT THE AUTHOR:
Brian Madden is an independent industry analyst and blogger, known throughout the world as an opinionated, supertechnical desktop virtualization expert. He has written several books and more than 1,000 articles about desktop and application virtualization. Madden's blog, BrianMadden.com, receives millions of visitors per year and is a leading source for conversation, debate and discourse about the application and desktop virtualization industry. He is also the creator of BriForum, the premier independent application delivery technical conference.