One of the biggest high points of getting the MCITP
enterprise-level certification is that it indicates you have the ability
to support a multifaceted, multiplatform, multiuser environment. Before
the release of Windows Server 2008, most of the IT implementations of
on-demand applications and services usually involved deploying many
different platforms. Certain programs would run only on Windows version
X, other ones required version Y, and so forth. Most enterprises ended
up with a collection of different computers and peripherals strewn
around the facilities. Although this solution ultimately did the job
(sort of), it didn't do it in a particularly elegant or cost-efficient
way.
Windows Server 2008 makes the
job of an enterprise administrator dual-pronged. On one hand, you have
to administer all your users. On the other hand, you have to do it
cheaply.
One of the tools at your
disposal for this process is called Application Virtualization, which
may be more familiar to you as Microsoft SoftGrid.
1. Application Virtualization Basics
The concept of application virtualization is simple in nature but more difficult in implementation. Effectively, all the term application virtualization
means is that an application can be installed on a server and
dynamically accessed by a user without the user needing to install the program or
any other additional software. Instead, the application is run off the
server in a dedicated server space. This allows for fewer user
connections, more flexible deployments, and great cost reduction in
terms of licensing, time, and technical difficulties.
1.1. The Application Virtualization Process
For an application to be
"virtual," it has to exist somewhere other than on the primary operating
system that resides on the user's computer. In the Windows enterprise
environment, this means it can exist in several places:
Locally
A locally
installed virtualized application is an application that is installed
only on the host-based computer. Normally, this occurs through the use
of other virtualization technologies, such as VMware or Microsoft
Virtual PC.
Web-based
Web-based
virtualization refers to any implementation of virtualization that
allows clients to access an application remotely via a website URL. This
includes technologies such as TS Web Access. When this is in use, the
user installs no local software; instead, the application is run purely
on the server side and is contained within an Internet browser.
Remotely
When an application can
be accessed only remotely, it exists somewhere between the realms of
locally installed and web-based. It isn't accessible via the web
browser, and the client doesn't have the application installed on the
host machine, but the client does have a configuration installed that
allows it to access the remote program, which is accessed via IP packets
across the network.
1.2. Anatomy of a Program
You can be pretty darn thankful
for some serious improvements over the years in both the design and
implementation of programs that make it unnecessary for you as an
administrator to understand every single aspect of a program. In the
"old days," when custom applications were made, teams of engineers would
spend hours, days, months, or even years trying to create a system that
would allow multiple users to access a program. They would create a
program by hand from the ground up and then put it in a place that could
be accessed by everyone in the organization at the same time, which
wasn't easy. This is because a program might comprise one of two types
of "libraries"—static libraries (.lib) and dynamic libraries (.dll).
Static libraries
A static library is a
collection of classes, compiled objects, and executable code that has
been created by a compiler for instantiation in a program in one area.
In simpler terms, it's a collection of code that is used for one place
at one time. At the enterprise level, you won't normally deal with this
type of library. However, it's useful for understanding the next type of
library, which is much more important—dynamic link libraries.
Dynamic link libraries (DLLs)
The main limitation of
static libraries is that they are, for lack of a better term, static.
They are created in one place and accessed by one program at a time.
With DLLs, Microsoft invented a new way for libraries to be dynamically
accessed by multiple processes at the same time. With a DLL, the same
piece of information can be accessed by multiple portions of the
program. So, if your program were accessing a particular piece of itself
that needed to be accessed by another portion of the program, if that
piece of information was in a static library, the other portion of the
program would not be able to access this information. By contrast, a
dynamic link library will happily let this happen.
At the enterprise level, you
are most concerned about DLLs for two very important reasons. The first
is that you are concerned about application deployment (where your
applications exist on your server). The second reason you are concerned
about DLLs is that they define the version of the program that your
software is using.
The primary
advantage of Application Virtualization is that it virtually (pun
intended) eliminates the concept of "DLL hell," meaning the inability to
find system libraries, or correct versions of system libraries, for
certain programs. Because SoftGrid is designed in such a way that
deployment throughout the enterprise can be universal, if an application
is deployed, you can organize it in such a way that it is deployed the
same throughout the entire enterprise.
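The version conflicts described above can be measured on an existing machine before any application is virtualized. The following script is an added example, not part of SoftGrid or of the original text; the function name Get-DllVersionConflict and the default scan folder are assumptions chosen for illustration.

```powershell
# Added example (not from SoftGrid or the book): list DLLs that are present
# in more than one version under the scanned folders. Requires PowerShell 3.0+.
param(
    # Assumption: folders to scan; defaults to the local Program Files tree.
    [string[]]$Roots = @($env:ProgramFiles)
)

function Get-DllVersionConflict {   # hypothetical helper name
    param([string[]]$Path)

    Get-ChildItem -Path $Path -Filter *.dll -Recurse -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            # FileVersion comes from the DLL's version resource and may be empty.
            $v = $_.VersionInfo.FileVersion
            if ([string]::IsNullOrWhiteSpace($v)) { $v = '(no version resource)' }
            [pscustomobject]@{ Name = $_.Name; Version = $v.Trim(); Path = $_.FullName }
        } |
        Group-Object -Property Name |                      # same file name, any folder
        ForEach-Object {
            $versions = @($_.Group | Select-Object -ExpandProperty Version | Sort-Object -Unique)
            if ($versions.Count -gt 1) {                   # more than one distinct version
                [pscustomobject]@{
                    Dll      = $_.Name
                    Copies   = $_.Count
                    Versions = $versions -join '; '
                    Paths    = @($_.Group | Select-Object -ExpandProperty Path)
                }
            }
        }
}

# Report the most duplicated libraries first.
Get-DllVersionConflict -Path $Roots |
    Sort-Object -Property Copies -Descending |
    Format-Table -Property Dll, Copies, Versions -AutoSize -Wrap
```

A library that appears with several versions is a candidate for the conflict the text calls DLL hell, and the same report shows where outdated copies of a since-patched library are still installed.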
1.3. MSI Files
The Microsoft .msi
file extension stands for "Microsoft Installer." MSI files comprise
executable code that contains installation wrappers for programs
installed on Microsoft platforms that include the program base code, its
required libraries, and other information required for the program to
function. Typically, this type of file is manipulated and shared by the
server as an application install file for clients or hosts.
Additionally, in traditional
Group Policy deployment, MSI files are used to assign or publish
applications throughout the network based on predefined policies set by
the administrator. For virtualization, it's important to be familiar
with MSI files because they are required for some forms of
virtualization in different locations, such as client or server side,
based on the type of install the administrator desires.
1.4. Line-of-Business Applications
Most of the programs that you'll deal with at the application virtualization level are what are called line-of-business applications.
A line-of-business application is one that is absolutely essential to
the production of a business and that is accessed by multiple employees.
For a sales company, one example of a line-of-business application
would be a custom utility that keeps track of large volume sales,
allowing multiple users to log in to the same program, access the same
data, make changes, and authorize certain actions, such as authorizing a
discount, changing the quantity of items, or modifying customer
information.
Line-of-business application is a catchphrase you'll see a lot, but if you are an administrator, you can just boil it down to two words: it's important.
1.5. Active Directory–Integrated Applications
An Active
Directory–integrated program is a program that has been designed from
the ground up to work alongside the data provided by Active Directory.
Chances are you may have run across these either in the field or while
studying for your application infrastructure exam for Windows Server
2008. A great example of something like this is an email client such as
Exchange Server 2007. Because it needs a way to send email information
from one Windows user to another, Exchange Server 2007 can query the
Active Directory database for information regarding users and what they
need to send information back and forth. The application falls right in
line with Active Directory, and the user never really notices the
difference.
2. Application Virtualization Components and Software
Application
virtualization technology requires particular components. I'll begin the
discussion of them by briefly touching on each of these concepts. Then I
will discuss each one in more depth as you begin to learn more and more
about application virtualization and the role it plays within a Windows
Server 2008 enterprise.
Microsoft SoftGrid
SoftGrid is the
overall technology that makes it easy to deploy applications in a
streamlined process, which in turn allows users to access various
programs with very little overhead. When referencing enterprise-level
deployment of applications, more often than not I'm referring to the use
of Microsoft SoftGrid, which contains within it many of the features
discussed later in this section.
Microsoft SoftGrid has
two different types of deployment—Microsoft SoftGrid Application
Virtualization for Universal Desktops and Microsoft SoftGrid Application
Virtualization for Terminal Servers. Which to use is up to you and will
be discussed in more detail later.
NOTE
SoftGrid is
capable of creating individual per-user instances of the system
registry, file system, COM/IPC, system libraries, process environment,
and fonts, making it highly scalable and easy for users to integrate
multiple applications in the same user environment.
Microsoft System Virtual Application Server
Microsoft System
Virtual Application Server (SVAS) is a component of Microsoft SoftGrid
that is responsible for streaming application data to users who have
requested that data throughout the enterprise. Normally, SVAS does this
through security tokens and identifiers (SIDs). When SVAS is running, it
runs a service called Microsoft System Center Virtual Application
Server. This is located by default in the Program Files\Softricity\SoftGrid Server\content directory.
Microsoft SoftGrid Client: SystemGuard
SystemGuard is what Microsoft
describes as a "sandbox." It allows applications to run in a framework
on an individual client computer using Microsoft SoftGrid. In
Application Virtualization, the user never fully installs the program
onto their own machine. Instead, only minuscule portions of the program
are transferred to the user. The majority of the program is housed on
the server. To protect the operating system and to communicate with the
server, Microsoft SystemGuard creates a "safe zone" that users can
operate from within without the risk of harming their machine.
Additionally, SystemGuard can store information regarding an application
for later use. Thus, if a user terminates a session, the session comes
back in full force at a later point when the application is
reinstantiated.
Microsoft SoftGrid Sequencer
SoftGrid Sequencer is
the portion of Microsoft SoftGrid that determines which INI, DLL, and
other files are required in the interaction between the operating system
and the application. SoftGrid Sequencer then interfaces with Microsoft
SystemGuard to determine what needs to be deployed to the end user and
moves whatever is appropriate in the form of an executable file that can
be used for virtualization. Ultimately, SoftGrid Sequencer "sequences"
the application onto the virtual server for management purposes, such as
the Management Web Services utility. To use SoftGrid Sequencer,
administrators have to place data required for certain programs into
"packages." These packages are then deployed based on administrative
criteria.
Microsoft SoftGrid Management Web Services
This is a snap-in
tool that integrates within the Microsoft Management Console. It is
capable of interacting with Active Directory and database-driven
applications for line-of-business or general virtualization purposes. It
can integrate with both local and virtualized applications.
Administrators can use Management Web Services through the Microsoft
Management Console, just like other snap-in tools, to create individual
groups, manage load balancing, or create fault tolerance. Additionally,
Management Web Services can both create and manage the three licensing
modes of applications:
Time-based
Concurrent
Unlimited access
The
primary use of Management Web Services is to directly assign
applications to users, groups of users, or organizational units within
Active Directory.
Microsoft System Center Configuration Manager
Microsoft System Center Configuration Manager (ConfigMgr)
is a high-end utility designed to administer an extremely large-scale
enterprise. To pass the 70-647 exam, you do not need to know how this
operates, but you do need to know that it's designed for high-end
administration purposes.
Microsoft Virtual PC 2004 and 2007
These are two versions of
one piece of software designed to allow multiple
different operating systems to be installed on one workstation. It is available as a
free download, and in the enterprise it is rarely used, except on an
individual user level.
3. Microsoft SoftGrid
Microsoft SoftGrid is a complex and highly scalable application
virtualization platform that uses SQL Server and Active Directory for
application availability. Within Active Directory, SoftGrid relies upon
three different user groups:
SoftGrid browsers
This is a read-only account type that is designed to allow users to browse SoftGrid applications to see what is available.
SoftGrid administrators
SoftGrid
administrators are granted access to the SoftGrid Management Console, as
well as the SoftGrid Management Web Services tool. Administrators can
also add, delete, and remove accounts within SoftGrid and manage
application-based software.
SoftGrid users
SoftGrid user accounts are used to access available SoftGrid applications throughout the infrastructure.