EUC Toolbox: Regshotting across the end user universe

For managing applications and user environments it is very useful to know the way the application and the user behaves. And for application provisioning and user environment management it is necessary to know where the application and system stores the settings and personalizations options. We will need some form of application to use for capturing or monitoring the system for changes that the application or it’s settings are doing. For UEM for example we have the Application Profiler to use and create application configuration or predefined settings. But if you like to see where our Windows friend stores its changes, application profiler is not enough. We need other tools for the job. We can use Process monitor (https://technet.microsoft.com/en-us/sysinternals/processmonitor.aspx) or SpyStudio (http://www.nektra.com/products/spystudio-api-monitor/) to name a few. Or regshot.

The main difference of regshot to, for example the mentioned Process monitor or SpyStudio, is that this tool does not require admin permissions like Process monitor or installation on the system like SpyStudio. You can just download and run in the user context. This is what is the strong point is of Regshot, low footprint and no changes to the system that could influence your capturing. As long as the changes you want to monitor are within the user context, but wasn’t this the point in the first place….

What does regshot do?

In short regshot takes a first and a second shot of the registry, and shows you the differences between these. Next to this regshot also allows you to scan dirs. For example save the registry and APPDATA after you have changed that minor customization. Isn’t that what you would want to see?

In short take a first shot before your change. Change the system and take a second shot. Press compare and see what has been changed. And use that output in for example UEM configurations.

Options

First up the application is available in 32-bit and 64-bit, and in ANSI and Unicode encoding.

Regshot Files

The difference here is the program architecture and how the character encoding is handled. If for example your language settings include non-latin characters, you may want to use the Unicode version of Regshot. Else it will not matter which one you take as long as the processor architecture is right.

Secondly with the shots you can do your shot, or do and save your shot. When saved you can later use this with the load option.

Capture and shot

Third, want your output in HTML or text. HTML is friendlier on the eyes, however it will take some more time to output. Sometimes the external program connection to HTML is screwed.

Fourth is including a scandir. Default regshot will do registry, but a lot of application do save something in for example the AppData Local, ProgramData or other locations. I would recommend to include the scandirs where possible. To only downside is that you would need to know where an application stores its values, or put in the most likely suspects. Just going for all out C:\users is getting you a lot of background noises from other applications using the same space.

Fifth is setting an output path. Currently it is set to the administrators AppData profile path. If I am scanning dirs in that location it might be a better idea to redirect the output to another location not to mess up the output.

Do keep in mind not to let in a lot of cycles between the first and second shot. The system will continue to run and add up in changes between the shots. Do your required change and shoot again.

Where can I get Regshot?

RegShot is available on its Sourceforge project page at https://sourceforge.net/projects/regshot/. You can download Regshot as a compressed .7z file. You can open this with 7Zip or WinZip. Downpart of the 7z is that if you haven’t brought an additional zip application, native Windows can’t handle this. There goes my no changes to the system with using Regshot…..or just unzip it on another system 😉

Show me

Don’t mind if I do. First we are going to take our first shot. Just let the program count the keys and values, and the dirs and files, until the second shot button appears.

Regshot Shooting

I don’t mind the time it takes, my testlab is a bit on the slow hand. And including the scandir takes an even longer time than just browsing the registry. But I’m there for the results not the speed.

Next up do a change to the system. For this example I changed Chrome browser settings to show the home and always show the bookmark bar. Done with the change? Take the 2nd shot. And wait until the compare button is available. Than press that one. In the output is for example:

Keys Home

Now it is up to you to analyse what is needed..

We see that Chrome wrote to the \Software\Google\Chrome\PreferenceMACs in the USER SID key. However SIDs we cannot capture with for example UEM. We do know that this is the same as HKCU and can be captured from the HKCU\Software\Google\Chrome\PreferenceMACs. Just add the HKCU\Software\Google\Chrome\PreferenceMACs or HKCU\Software\Google\Chrome to be included in the UEM Configuration.

Now it is up to you to analyse what is needed.

– Happy shooting at your users…ermmm user environment I mean!

Sources: sourceforge.net/projects/regshot

EUC Toolbox: O Sweet data of mine… Mining data with Lakeside Software’s SysTrack

I have already covered the importance of insights for EUC environments in some of my blog post. TL;dr of those is: if not having some kind of insight your screwed. As I find this a very important part of EUC and EUC projects, and see that insights are often lacking when I enter the ring…. I would like to repeat myself: try to focus on the insights a bit more, pretty please.

Main message: to successfully move and design a EUC solution, assessment is key as designing, building and running isn’t possible without visibility.

Assessment Phase

The assessment phase is made up of gathering information from the business, such as objectives, strategy, business non-functional and functional requirements, security requirements, issues and so on. And mostly getting questions from the business as well. This gathering part is made up in getting the information in workshops with all kinds of business and user roles, having questionnaires and getting your hands on documentation regarding the strategy and objectives, and some current state architecture and operational procedures explanation and documentation. Getting and creating a documentation kit.

The other fun part is getting some insights from the current infrastructure. Getting data about the devices, images, application usage, logon details, profiles, faults etc. etc. etc.

Important getting this data is the correlation of user actions with the subjects. It is good to know that when a strategy is to move to cloud only workspaces, that there will be several thousands steps between how a user is currently using his tool set to support the business process and the business objective. An intermediate step of introducing an any device desktop and hosted application solution is likely to have a higher success rate. Or wanting to use user environment management, and the current roaming profiles as bloated to 300GB. But I will try to not to get ahead with theories, get some assessment data.

Data mining dwarfs

Mining data takes time

Okay out with this one. Mining, or gathering, data takes time and therefore a chunk of project time and budget. Unfortunately with a lot of organisations it is either unclear what this assessment will bring, there are costs involved and a permanent solution is not in place. Yes there are sometimes point-in-time software and application reports that can be made from centralized provisioning solution, but these often miss the correlation of that data to the systems and what the user is actually doing. And the fact that Shadow IT is around.

Secondly knowing what to look for in the mined data to answer the business questions

But we can help, and timing costs is more of a planning issue for example not being clear on the efforts.

The process: Day 1 is installation. After a week a health check is done to see if data is flowing in the system. Day 1+14 initial reports and modeling can be started. Day 30+ and a business cycle is mined. This means enough data point have been captured, desktops that not often are connected have had their connection and thus agents, and variation to have a good analytics. Month start and month closing procedures have been captured. What about half-year procedures? No there not in a 30 days assessment when this period doesn’t include that specific procedure. Check with the business if those are critical.

Assess the assessment

What will be your information need and are there any specific objectives from the business they would like to see? If you don’t know what you are looking for, the amount of data will be overwhelming and it will be hard to get some reports out. Secondly try to focus on what and how an assessment tool can do for you. Grouping objects in reports that don’t exist in the current infrastructure or the organization structure will need some additional technical skills or need to be place in the can’t solve the organization with one tool category.

Secondly check the architecture of the chosen tool and how it fits in the current infrastructure. You probably need to deploy a server, have a place where its data is stored and need some client components identified and deployed. Check whether the users are informed, if not do it. Are there desktops that not always connect to the network and how are these captured. Agents connect to the Master once per day to have their data mined.

Thirdly check if data needs to remain in the organization boundaries, or that it can be saved or exported to a secure container outside the organization. To analyze and report it will be beneficial for time lines if you could work with the data offsite, saves a lot of traveling time throughout the project.

Fourthly what kind of assessment is needed. Do we need a desktop assessment, server assessment, physical to virtual assessment or something else. What kind of options do we have in gathering data, do we need agents, something in the network flow etc. etc. This kinda defines our toolbox to use. Check if vendors and/or community is involved in the product this can prove to be very valuable for the right data and interpretation of data in reports. Fortunately for me the tool for this blog post SysTrack can be used for all kinds of assessments. But for this EUC toolbox I will focus on the desktop assessment part.

SysTrack via Cloud

VMware teamed up with Lakeside Software to provide a desktop assessment tool free for 90 days called the SysTrack Desktop Assessment. It will collect data for 60 days and keep that data in the cloud for an additional 30 days. After 90 days access to the data will be gone. The free part is that you pay with your data. VMware does the vCloud Air hosting and adding the reports, Lakeside adds the software to the mix and viola magic happens. The assessment can be found at: https://assessment.vmware.com/. Sign up with an account and your good to go. If you work together with a partner be sure to link your registration with that partner so they have access to you information. When registration is finished your bits will be prepared. The agent software will be linked to your assessment. Use your deployment method of choice to deploy agents to the client devices, physical or virtual as long as its Windows OS. Agents need to connect to the public cloud service to upload the data to the SysTrack system. Don’t like all your agents connecting to the cloud, you can use a proxy where your clients connect to and the proxy connects to the cloud service. Check the collection state after deploying and a week from deploying. After that data will so up in the different visualizers and overviews.

SDA - Dashboard

If you have greyed out options, be patience there is nothing wrong (well yet). These won’t become active until a few days of data have been collected to make sure representative information is in there before most of the Analyze, Investigate and report options are shown.

Have a business cycle in and you can use the reports for your design phase. The Horizon sizing tool is an XML export that you can use in the Digital Workspace Designer (formerly known as Horizon Sizing Estimator) find it at https://code.vmware.com/group/dp/dwdesigner. Use the XML as a custom workload.

SDA- User Visualizer

SysTrack On site

Okay, now for the on site part. You got a customer that doesn’t like its data on somebody else her computer, needs more time, needs customizations to reports, dashboards or further drill down options -> tick on site deployment. It needs more preparations and planning between you and the customer. If the cloud data isn’t a problem, let your customer start the SDA the have some information before having the onsite running, mostly it will take calls and operational procedures before a system is ready to install.

Architecture

Okay so what do we need? First get a license from Lakeside or your partner for the amount of desktop you want to manage. You will get the install bits or the consultant doing the install will bring them.

Next the SysTrack Master server. Virtual or physical. 2vCPU and 8GB (with Express use 12GB) to start with, grows when having more endpoints. Use the calculator (Requirements generator) available on the Lakeside portal. Windows server minimum 2008R2 SP. IIS Web Roles, .Net Framework (all), AppFabric and Silverlight (brr). If you did not setup the pre-requisites this will be installed by the installer (but it will take time). That is… not .Net Framework 3.5 as this is a feature on servers where you need some additional location of source files. Add this feature to the system prior installation. And while you are at it install the rest.
For a small environment or without non persistent desktops a SQL Express (2014) can be included in the deployment. Else use an external database server with SQL Server Reporting Service (SSRS) setup. With Express SRSS is setup by the way.

Lakeside Launch

You need a SQL user (or the local system) with DBO to the new created SysTrack database and a domain user with admin rights to reporting service and local admin on the Windows server. If you are not using a application provisioning mechanisme or desktop pool template, you can push or pull from the SysTrack Master. For this you need a AD user with local admin rights to the desktops (to install the packages) and File and Print Services, Remote management and Remote Registry. If SCCM or MSI installation in the template is used, you won’t require local admin rights, remote registry and such.

If there is a firewall between the clients (or agents or childs) and master server be sure to open the port you used in the installation, default you need 57632 TCP/UDP. And if there is something between the Master Server and Internet with the registration, you will need to activate by phone. Internet is only used with license activation though.

And get a thermos of coffee, it can take some time.

To visualise the SysTrack architecture we can use the diagram from the documentation (without the coffee that is).

SysTrack Architecture

Installation is done in four parts, first the SysTrack Master Server (with or without SQL), secondly the SysTrack Web Services, thirdly the SysTrack Administrative tools and when 1-3 are installed and SysTrack is configured, you can deploy the agents.

  • SysTrack Master Server is for the Master for the application intelligence storing the data from childs (or connecting to data repository), configuration, roles and so on.
  • SysTrack Web Services is for Front end visualizers and reporting (SSRS on SQL server).
  • SysTrack Administrative Tools for example the deployment tool for configuration.

You gotta catch them all.

SysTrack Install menu

And click on Start install.

The installers are straightforward. Typical choices are the deployment type, full or passive. Add the reporting service user that was prepared (you can do this later as well). Database type, pre-existing (new window will open for connection details) for an external database or the express version. Every component will need its restart. After restarting the Master Setup the Web Services installer will start. After this restart, the Administrative Tools don’t start automatically. Just open the Setup and tick the third option and start the install.

Open the deployment tool. Connect to the master server. Add your license details if this is a new installation. Create a new configuration (Configuration – Alarming and Configuration). Selecting Base Roles\Windows Desktop and VMP will work for a good start in desktop assessments. Set your newly created as default, or change manual in the tree when clients have been added to the tree. And push the play button when ready to start or receive clients. Else nothing will come in.

vTestlab Master Deployment Tool

Now deploy the agent via MSI. The installation files are on the Master Server in the installation location: SysTrack\InstallationPackages. You have the SysTrack agent (System Management Agent 32-bit) and the prerequisite C Redistributable’s VC2010.
With MSI deployments you add the master server and port to the installer options. If the Master allows clients to auto add themselves to the tree which is the default case with version 8.2, they will show up.

“Normally” the clients won’t notice the SysTrack agent deployed. There is not a restart required for the agent installation.
For strict environments you can have a pop-up in Internet Explorer about LSI Hook browser snap in. You can suppress this by adding the CLSID of LSI Hook to the add-on list with a value of 1. Or you can edit your configuration and change Web browser plugins to false. This in turn will mean that web data from all browser is not collected by SysTrack.

Configuration Web Browser Plugin.png

In any case be sure to test the behaviour in your environment before rolling out to a large group of client.

Conclusion

While the cloud is deployed within a snap and data is easily accessed within the provided tools and reports fit the why of the assessment, there is a big but.. Namely that a big chunk of organisations don’t like this kind of data to go into the cloud, even when the user names are anonymized. Pros for the on site version is that it will give you more customizations and reporting possibilities. Downside is that SysTrack onsite is Windows based and the architecture will require Windows licenses next to the Lakeside license. All the visualisers and tools can be clicked and drilled down from the interface, but it feels a little like several tools have been duck-taped together. You can customize whatever you want, dashboards, reports and grouping. You would need a pretty skill set including how to build SQL queries, SSRS reports and the SysTrack products themselves. And what about the requirement for Microsoft SilverLight, using a deprecated framework Tsck tsck. Come on this is 2017 calling….

But in the end it does not matter if SysTrack from Lakeside Software or for example Stratusphere FIT from Liquidwarelabs is used, that is your tool set. The most important part is to know what information is needed from what places and know thy ways to present these. Assess the assessment, plan some time and get mining for diamonds in your environment.

– Happy Mining!

Sources: vmware.com, lakesidesoftware.com

EUC Toolbox: Don’t wanna be your monkey wrench, use Flings

To remind some of whom have had previous experience with flings, or to explain flings to newbies if there still are any, in a few words Flings are apps and tools built by VMware engineers that are intended to be played with and explored. Even more, they are cool ideas worked out in cool apps and tools. Which are not only to play with but are very useful.
And, with no official production support from VMware.
This doesn’t mean the fling will tear a hole in the space-time continuum or your environment will randomly blow up at places, just be a little cautious when using a fling untested in production. Like with everything in production. Not official supported doesn’t mean the engineers stopped working on the products as soon as it is published on the Flings page. They do often respond to comments and with updates to make their cool ideas even better. And at times a fling makes it to the product like the vSphere HTML5 Web Client or ViewDBChk in Horizon.

Tools?

home_improvement

Anyway. Below is a list of my five most used EUC flings. Because well… it is an often overheard question: what do you or other customers use? And a listing disclaimer, don’t stop at number five, there are other very cool flings out there and new emerging ones coming. So keep an eye out. Hey I won’t stop at 5 either…..

VMware OS Optimization Tool aka OSOT

Guest OS systems are often designed for other form factors than virtual machines thus being very bloaty to include every variable choose and iniminie little device supported. When running these in virtual machines we have to optimize the OS so it won’t waste resources on unneeded options, features or services. Optimize to improve performance. One of these use cases is Horizon VDI or published. But personally I would like to see server components a bit more optimized as well.

With VMware OS Optimization Tool you can use templates to analyze and optimize Windows templates. Use the provided templates, make your own or use the public templates to share knowledge with the community. Made an oops and there is a rollback option.

OSOT.png

Get the VMware OS Optimization Tool here: https://labs.vmware.com/flings/vmware-os-optimization-tool.

Horizon Toolbox

The Horizon Toolbox is een set of helpful extensions to the Horizon Administrator page. The tools are provided at a Tomcat Web portal that is installed next to the Horizon Administrator. There the downside is visible straight away, yet another portal/console in the spaghetti western of the Horizon suite consoles. But the extensions for operations and no flash are worth it.

The Horizon Toolbox adds:

  • Auditing of user sessions, VM snapshots and used client versions.
  • Remote assistance to user sessions.
  • Access to the desktops VM remote console.
  • Power policies for Horizon pools.

Get the Horizon Toolbox here: https://labs.vmware.com/flings/horizon-toolbox-2.

VMware Access Point Deployment Utility

When we have use cases that need external access we have a design decision to use the Access Point in the DMZ to tunnel those external access sessions. The Horizon Access Point is an appliance that is deployed via a OVF. With the deployment you can use several methods to add the configuration options to the appliance, Web client, ovftool and Powershell for example. Another option is to use the Access point Deployment Tool fling. Especially when redeploying the appliance is faster than debugging or reconfiguring.

The VMware Access Point Deployment utility is a wrapper around ovftool. The utility let’s you input configuration values in a human friendly interface and PEM certificate format. It will create the ovf string, and will execute that string and deploy and configure Access Point. It will export the certificate and keys to the required JSON format. And it allows your input to be saved to XML and imported at a later time. This minimizes the amount of re-input required, and in result the amount of failures with reconfiguration or redeployment.

Get the VMware Access Point Deployment Utility here: https://labs.vmware.com/flings/vmware-access-point-deployment-utility.

App Volumes Backup Utility

App Volumes Appstacks are read only VMDK’s that are stored on a datastore and attached to a user sessions or desktop VM that has the App Volumes agent running. When we need to back up the appstacks we have the option to use a backup solution that backs up the datastore. But not all backup solutions have this option. A lot of VADP compatible backups look at the vCenter inventory to do their backup. Appstacks, and writeable volumes for that matter, are not available as direct selectable objects in the vCenter inventory. The Appstacks are only attached when a session or desktop is active, and non persistent desktop are not in the backup in the first place.

App Volumes Backup Utility to the rescue. In short what this tool does is connect App Volumes and vCenter, create a dummy VM object and attach the App Stack and writable volumes VMDK’s to that VM. And presto backup tool can do its magic. A little heads up for writable volumes, be sure to include pre and post actions to automatically detach, and re-attach any writable volumes which are in use while the backup is running. Utility for that is included in the fling.

Get the App Volumes Backup Utility here: https://labs.vmware.com/flings/app-volumes-backup-utility.

VMware Logon Monitor

VMware Logon Monitor fling monitors Windows 7 and 10 user logons. It reports a wide variety of performance metrics. It is firstly intended to help troubleshoot slow logon performance. But it can also be used for insights if you happen to miss vROPS for Horizon for example. Or when you want to find out how your physical desktop is doing in this same process when assessing the environment.

Some of the metrics categories include logon time, shell load, profile, policy load times, redirection load times, resource usage and the list goes on and on and on. VMware Logon Monitor also collects metrics from other VMware components used in the desktop. This will provide even more insight in what is happening during the logon process. For example what is that App Volumes AppStacks adding to the logon process……

Install Logon Monitor in your desktop pool and let the collection of metrics commence. Note that the logs are locally stored and not on a central location. The installer will create and start VMware Logon Monitor service.

logonmonitor

VMware Logon Monitor will log to C:\ProgramData\VMware\VMware Logon Monitor\Logs.

Get the VMware Logon Monitor here: https://labs.vmware.com/flings/vmware-logon-monitor.

And there’s more where that came from…..

And probably some that make your order of appearance a little bit different. Just take a look a https://labs.vmware.com/flings/?product=Horizon+View for the Horizon View tagged flings. And be sure to also check without this tag as for example the App Volumes related flings are not in this tag listing.

– Enjoy the flings!

Sources: labs.vmware.com/flings

EUC Toolbox: Helpful tool Desktop Info

As somebody who works with all different kinds of systems from preferably one client device, from the intitial look, all those connected desktops look a bit the same. I want a) to see on what specific template am I doing the magic, b) directly see what that system is doing and c) don’t want breaking the wrong component. And trust me the latter will happen sooner then later to us all.

dammit-jim

Don’t like to have to open even more windows or search for metrics in some monitoring application as it does not make sense at this time? Want to see some background information on what the system you are using is doing, right next to the look and feel of the desktop itself? Or keep an eye on the workload of your synthetic load testing? See what for example the CPU of your Windows 7 VDI does at the time an assigned AppStack is direct attached? And want to keep test and production to be easily kept apart in all those clients you are running from your device?

Desktop Info can help you there.

Desktop Info you say?

Desktop Info displays system information on your desktop in a similar way to for example BGinfo. But unlike BgInfo the application stays resident in memory and continually updates the display in real time with the interesting information for you. It looks like a wallpaper. And has a very small footprint of it’s own. Fit’s perfectly for quick identification of test desktop templates with some realtime information. Or keeping production infrastructure servers apart or….

And remember it’s for information. Desktop Info does not replace your monitoring toolset, it gives the user information on the desktop. So it’s not just a clever name……..

How does it work?

Easy, just download, extract and configure how you want Desktop Info to show you the …well.. info. For example put it in your desktop template for a test with the latest application release.

It can be downloaded at http://www.glenn.delahoy.com/software/files/DesktopInfo151.zip. There is no configuration program for Desktop Info. Options are set by editting the ini file in a text editor such as Notepad or whatever you have lying around. The ini file included in the downloaded zip shows all the available options you can have and set. Think about the layout, top/bottom placement, colors, items to monitor and WMI counters for the specific stuff. Using Nvidia WMI counters here to see what the GPU is doing would be an excellent option. Just don’t overdo it.

In the readme.txt that is also included in the zip there is some more explanation and examples. Keep that one closeby.

capture-basicinformation

Test and save your configuration. Put Desktop Info in a place or tool so that it is started with the user session that needs this information. For example in a startup, shortcut or as a response to an action.

Capturing data

You have the option to use Desktop Info with data logging for references. Adding csv:filename to items will output the data to a csv formatted file. Just keep in mind that the output data is the display formatted data.

– Enjoy!