Parallels Remote Application Server Training Manual

Parallels Remote
Application Server
Training Manual
V16
Copyright © 1999 – 2017 Parallels IP Holdings GmbH and its affiliates. All rights reserved.
Table of Contents
Parallels IP Holdings GmbH
Vordergasse 59
8200 Schaffhausen
Switzerland
Tel: + 41 52 632 0411
Fax: + 41 52 672 2010
www.parallels.com
Copyright © 1999-2017 Parallels IP Holdings GmbH and its affiliates. All rights reserved.
This product is protected by United States and international copyright laws. The product’s underlying
technology, patents, and trademarks are listed at http://www.parallels.com/trademarks.
Microsoft, Windows, Windows Server, Windows NT, Windows Vista, and MS-DOS are registered
trademarks of Microsoft Corporation.
Apple, Mac, the Mac logo, Mac OS, iPad, iPhone, iPod touch, FaceTime HD camera and iSight are
trademarks of Apple Inc., registered in the US and other countries.
Linux is a registered trademark of Linus Torvalds.
All other marks and names mentioned herein may be trademarks of their respective owners.
Version 16 – Last updated August, 2017
Parallels Remote Application Server Training Manual
2
Table of Contents
Table of Contents
Table of Contents....................................................................................................... 3
Introduction to Parallels Remote Application Server .................................................. 8
Terminology ................................................................................................................... 9
Parallels Remote Application Server Description ......................................................... 11
Installing Parallels Remote Application Server......................................................... 13
Planning and Implementing RAS ................................................................................. 14
System Requirements ................................................................................................. 16
Getting Started with Parallels Remote Application Server ....................................... 19
Configuring Parallels Remote Application Server ......................................................... 20
The Farm and Components ......................................................................................... 20
RD Session Hosts .................................................................................................... 25
RD Session Hosts Configuration and Settings ............................................................. 26
VDI Hosts ................................................................................................................. 38
Virtualization ................................................................................................................ 39
VDI Hosts and Configuration ....................................................................................... 45
Virtual Desktop Infrastructure ...................................................................................... 51
Remote PCs............................................................................................................. 71
Remote PC Agents ...................................................................................................... 72
Gateways ................................................................................................................. 79
Parallels Secure Client Gateways ................................................................................ 80
Configuring Multiple Gateways and Forwarding Gateways .......................................... 94
3rd Party SSL Certificates............................................................................................ 96
Publishing Agents .................................................................................................... 99
Parallels Remote Application Server Training Manual
3
Table of Contents
Publishing Agents ...................................................................................................... 100
Secondary Publishing Agents .................................................................................... 101
High Availability Load Balancer HALB ................................................................... 103
HALB - High Availability Load Balancer ..................................................................... 104
HALB Appliance Installation and Configuration .......................................................... 105
Adding an HALB Appliance from Parallels RAS ......................................................... 107
Farm Settings......................................................................................................... 114
Auditing ..................................................................................................................... 115
Global Logging .......................................................................................................... 116
Redirection ................................................................................................................ 117
Client Settings ........................................................................................................... 118
Load Balancing ...................................................................................................... 119
Resource Based ........................................................................................................ 121
Round Robin Load Balancing .................................................................................... 121
Session Options ........................................................................................................ 122
Advanced Settings ..................................................................................................... 123
Publishing .............................................................................................................. 124
Applications Publishing .............................................................................................. 125
Folders and Application Grouping .............................................................................. 136
Desktop Publishing .................................................................................................... 138
Predefined Application Publishing .............................................................................. 143
Document Publishing ................................................................................................. 145
Web Application Publishing ....................................................................................... 150
Folder on the file system publishing ........................................................................... 156
Publishing Containerized Applications ....................................................................... 162
Managing Published Items......................................................................................... 163
Parallels Remote Application Server Training Manual
4
Table of Contents
Universal Printing ................................................................................................... 164
Parallels Universal Printing ........................................................................................ 165
HTML5 Gateway and Chrome App Printing ............................................................... 167
Fonts Management .................................................................................................... 169
Universal Scanning ................................................................................................ 170
Universal Scanning Options ....................................................................................... 172
Configuring a Scanning Rename Pattern ................................................................... 173
Adding Scanning Applications ................................................................................... 174
Quick Keypads ....................................................................................................... 175
Connection and Authentication Settings ................................................................ 176
Authentication ............................................................................................................ 177
Settings ..................................................................................................................... 179
Second Level Authentication ..................................................................................... 180
Connection Policies ............................................................................................... 182
Configuring Client Policies ......................................................................................... 182
Client Manager....................................................................................................... 185
Devices ...................................................................................................................... 187
Windows Device Groups............................................................................................ 188
Managing Windows Device Groups ........................................................................... 189
Shadow a Windows Device ....................................................................................... 193
Desktop Replacement ............................................................................................... 194
Options ...................................................................................................................... 199
Scheduler .................................................................................................................. 200
Administration ........................................................................................................ 201
Multiple Sites ............................................................................................................. 202
Parallels Remote Application Server Training Manual
5
Table of Contents
Adding a New Site to the Farm .................................................................................. 203
Accessing Site Configuration ..................................................................................... 206
Configuring Administrators......................................................................................... 210
Mailbox Setup ............................................................................................................ 213
Sending Email Invitations and Settings to Users ........................................................ 214
Notifications ............................................................................................................... 217
Reporting ................................................................................................................... 218
Backup, Software Updates & Settings Audit .............................................................. 219
Administrator Chat ..................................................................................................... 222
Information ................................................................................................................ 226
Reporting ............................................................................................................... 228
Software Requirements ............................................................................................. 229
Install & Setup MS SQL ............................................................................................. 230
Parallels RAS Reporting Setup .................................................................................. 241
Parallels RAS Management Console Configuration ................................................... 244
Viewing Reports ........................................................................................................ 246
Available Reports....................................................................................................... 247
Licensing ................................................................................................................ 249
License & Activation .................................................................................................. 250
HTML5 Client ......................................................................................................... 255
What is the HTML5 Client? ........................................................................................ 256
HTML5 Client Themes ............................................................................................... 257
Open Parallels HTML5 Client .................................................................................... 257
Parallels Clients ..................................................................................................... 258
Parallels Clients ......................................................................................................... 259
Installing and Configuring Parallels Windows Client and RDP Connections ............... 261
Parallels Remote Application Server Training Manual
6
Table of Contents
Installing Parallels Linux Client .................................................................................. 268
Microsoft PowerShell Automation .......................................................................... 274
Quering RAS Roles using PowerShell ....................................................................... 276
Pushing RAS RDS Agent using PowerShell .............................................................. 277
Cloud Offerings ...................................................................................................... 278
Parallels RAS in Microsoft Azure ............................................................................... 279
References............................................................................................................. 286
Parallels Remote Application Server Training Manual
7
Introduction to Parallels Remote Application Server
SECTION 1
Introduction to Parallels Remote Application
Server
In This Section
Terminology ................................................................................................................... 9
Start...................................................................................................................... 10
Farm ..................................................................................................................... 10
Licensing Server Site ............................................................................................ 10
Publishing ............................................................................................................. 10
Publishing Agent................................................................................................... 10
RDS...................................................................................................................... 10
Site ....................................................................................................................... 10
Parallels Remote Application Server Description ......................................................... 11
Parallels Remote Application Server Training Manual
8
Introduction to Parallels Remote Application Server
Terminology
A category consists of a number of settings related to a specific task or operation. In the Parallels Remote
Application Server Console, the following categories are available:
• Start
• Farm
• Load Balancing
• Publishing
• Universal Printing
• Universal Scanning
• Connection
• Client Manager
• Policies
• Administration
• Information
• Reporting
• Licensing
Parallels Remote Application Server Training Manual
9
Introduction to Parallels Remote Application Server
Start
The start section consists of 3 sub-sections which will help in configuring Parallels Remote Application
Server. These sections are “Add RD Session Hosts”, “Publish Applications” and “Invite Users”. The “Add RD
Session Hosts” section configures and adds RD Session Hosts to Parallels Remote Application Server. The
second section, “Publish Applications”, consists of a wizard which sets up published applications for users.
Finally, the “Invite Users” section sends out invitations via email to specified users to guide them in using
and downloading all the necessary applications to allow them to use the published applications and
desktops they want.
Farm
A farm consists of a Parallels Remote Application Server installation on a site or multiple sites.
Licensing Server Site
The licensing server sit is where the main configuration database is stored. This manages all other sites in
the Parallels Farm. Other servers in a site can be upgraded to Licensing Server status if the main licensing
server is not available.
NOTE: Upgrades of the Parallels Remote Application Server MUST be applied to the licensing server site first.
Publishing
The act of making items installed on a Remote Desktop Server, VDI Host or Remote PC available to the
users via Parallels Remote Application Server.
Publishing Agent
The Publishing Agent provides load balancing of published applications and desktops.
RDS
RDS stands for Remote Desktop Services and is a server role in Windows Server that provides technologies
that enable users to connect to virtual desktops and session-based desktops. RDS replaced Terminal
Services as of Windows 2008 R2.
Site
A site consists of a publishing agent, a Secure Client Gateway or multiple gateways and the agents installed
on the RD Session Hosts, VDIs and PCs.
Parallels Remote Application Server Training Manual
10
Introduction to Parallels Remote Application Server
Parallels Remote Application Server Description
Parallels Remote Application Server enables people to work from anywhere with virtually any device. It’s a
powerful tool that allows businesses to leverage their existing applications on multiple devices with client
support for PC, Mac, Linux, iOS, Android, HTML 5, and Chrome.
Some of the key benefits of Parallels Remote Application Server are:
▪
▪
▪
▪
Centralized resources that can be more effectively managed from both a cost and security
perspective.
▪
The cost of software updates can be reduced with volume licensed copies that can be
shared instead of a full individual copy for every user.
▪
Users’ RD Session Hosts access can be strictly controlled with security groups and group
policies i.e. software cannot be installed or downloaded on RD Session Hosts. SSL
connections and Second Level Authentication can be used to create a secure environment.
Applications can be delivered to users on multiple OS platforms for both desktop and mobile
devices.
▪
The Parallels client is available for Windows XP, 7, 8, 10, Raspberry pi, OS X, Linux, desktop
operating systems.
▪
The Parallels client is available on iPhone, iPad and both Android tablets and phones.
▪
The Parallels HTML 5 client provides access from any device with an HTML 5 browser.
High Availability Load Balancer Appliance (HALB)
▪
The Parallels HALB is a software solution that sits between the user clients and two (or more)
back-end Parallels Remote Application Server gateways. Any number of HALB services can be
running concurrently, and, at any one time, one is set as the master while the others are set as
slaves.
▪
Not only does the Parallels HALB distribute the requests to the two back-end servers, it also
checks the health of the back-end servers. If one of them is down, all requests will
automatically be redirected to the remaining back-end server.
Load Balancer
▪
The load balancer nodes monitor each other using Keepalived, and if the master fails, a
slave becomes the master, which means that the users will not experience any disruption
of service.
Parallels Remote Application Server Training Manual
11
Introduction to Parallels Remote Application Server
▪
▪
▪
Parallels Desktop Replacement
▪
Parallels Desktop Replacement allows you to extend the lifespan of your hardware and delay
migration to the latest OSs to a time that suits you best.
▪
The Parallels solution allows you to be very flexible: you can lock machine configuration on the
user side, placing your corporate data in an extremely secure position, or you might decide to
allow users to run some local and remote applications.
▪
Parallels Client Desktop Replacement is able to reduce the operability of the local machine by
disabling the most common local configuration options, while guaranteeing the same level of
service and security afforded by thin clients directly from your existing PCs.
Parallels RAS Reporting Service
▪
Parallels Remote Application Server has a built-in reporting engine, which the
administrator can use to understand how the system is functioning. The information
provided can help in adjusting the system to perform better, and to be used in a more
efficient way. With it, you can detect bottlenecks that can lead to future problems, thus
avoiding them. You can also analyze how your users are using the system and extract
important statistics.
▪
The system provides 13 reports which are grouped into 5 categories. You can view the
available reports in a flat view by clicking the flat view button in the reports header as
shown in Section 16 of this document.
▪
The Reports are displayed in 2 chart types, giving you the ability to toggle between two
graphical configurations, either as a bar graph or as a pie chart.
Business Continuity and Disaster Recovery
▪
Application downtime is reduced with redundant systems and quick client build times.
▪
Parallels Remote Application Server also has built-in backup capabilities.
Parallels Remote Application Server Training Manual
12
Installing Parallels Remote Application Server
SECTION 2
Installing Parallels Remote Application
Server
In This Section:
Planning and Implementing RAS ................................................................................. 14
Basic Functionality................................................................................................ 15
System Requirements ................................................................................................. 16
Hardware Requirements: ...................................................................................... 16
Software Requirments .......................................................................................... 17
Parallels Remote Application Server Training Manual
13
Installing Parallels Remote Application Server
Planning and Implementing RAS
There are 3 major mechanisms required to deliver published items.
1
Servers – Connect users to applications, desktops, folders or documents. There can be a single or
multiple servers configured to deliver published items using the following agents using RDS.
▪
Gateway*
▪
Publishing Agent*
▪
Terminal Servers Agent (Used to publish applications using RDS)
▪
VDI Host Agent (Used to publish virtual desktops)
* Required.
2
3
Clients – May be a PC, tablet or phone which the Parallels Client is installed on and can connect to
the published items. A list of available clients is as follows:
▪
Windows XP, 7, 8, 8.1, 10 in 32bit and 64bit
▪
Mac OS X
▪
Linux
▪
iPad
▪
iPhone
▪
Android
▪
HTML 5
▪
Windows Mobile 8
Network – Which consists of a LAN or WAN connections.
▪
LAN connections are on port 80 by default.
▪
WAN connections can be made on port 80, but SSL on port 465 is recommended. Any
port available from outside the network that is forwarded to the gateway.
Parallels Remote Application Server Training Manual
14
Installing Parallels Remote Application Server
Basic Functionality
Figure 1 - Basic Functionality
The basic functionality of an environment consisting of clients and a server over a network is shown Figure
1. When clients request Applications, RDS Desktops, VDI Desktops, Folders, Documents or Remote PC
access, Parallels Remote Application Server delivers them to the client utilizing RDS.
Parallels Remote Application Server Training Manual
15
Installing Parallels Remote Application Server
System Requirements
Before installing Parallels RAS, please verify that your hardware and software meet or exceed hardware
and software requirements described below. Please note that although Parallels RAS can be used in
Workgroup environment, Parallels recommends using Active Directory to manage users, groups, and
machine accounts via group polices.
Hardware Requirements:
Parallels Remote Application Server is extensively tested on both physical and virtual platforms. The
minimum hardware requirements approved to run Parallels Remote Application Server are outlined below.
•
•
Physical Machines – Dual Core Processor and a minimum of 4GB RAM.
Virtual Machines – Two Virtual Processors and a minimum of 4GB of virtual hardware memory.
The server hardware requirements to install and configure Parallels Remote Application Server can vary
according to end-user requirements.
Typically for an installation of 30 users or under, Parallels Remote Application Server can be installed on
one high specification server and the resources published directly from it. For more than 30 users, multiple
servers may be required.
The below should be considered during the planning stage of a Parallels Remote Application Server
deployment:
•
•
•
•
•
High specification servers should be used, consisting of multiple CPU cores, a high specification
disk transfer rate and plenty of RAM.
A hypervisor-based virtual machine can be used as long as the resources required by the end-users
are calculated accordingly.
RD Session Hosts should not exceed 50 users per RD Session Host in usage.
The Secure Client Gateway should not exceed 200 users per server for incoming connections.
When planning VDI Hypervisor resource requirements, extra requirements such as RAM usage per
virtual machine and disk space should be taken into account.
For port requirements, please see the Port Reference section.
Parallels Remote Application Server Training Manual
16
Installing Parallels Remote Application Server
Software Requirments
RAS Publishing Agent and RAS Secure Client Gateway
RAS Publishing Agent and RAS Secure Client Gateway are supported on the following operating systems:
•
•
•
•
•
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
As a note, RAS Secure Client Gateway runs as a 64-bit process and takes advantage of multi-core and multiCPU hardware.
Note: Parallels Remote Application Server should NOT be installed on a domain controller or any other server
where a DHCP server is running.
RAS RD Session Host Agent
RAS RD Session Host Agent is supported on the following operating systems:
•
•
•
•
•
•
Windows Server 2003 SP1 and newer
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
RAS VDI Agent
RAS VDI Agent is supported on the following operating systems:
•
•
•
•
•
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
VMware, Nutanix, and Xenserver can use Windows-based VDI agent installed on Windows Server 2012 R2
and Windows Server 2016
Parallels Remote Application Server Training Manual
17
Installing Parallels Remote Application Server
Parallels RAS PowerShell
Windows Server 2008 with Service Pack 2. Windows Management Framework 3.0 must also be installed.
Parallels RAS Console
•
•
Windows Server 2008 and newer
Windows 7 and newer
RAS Guest Agent
•
Windows XP SP3 and newer
Remote PC Agent
•
Windows XP SP3 and newer
Parallels Client
Parallels Client is approved for the following operating systems (both 32-bit and 64-bit systems are
supported, where applicable):
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Windows XP SP3, Vista, 7, 8.x, 10
Windows Server 2003 SP1 and newer
Windows Embedded
macOS 10.7.3 and newer
iOS 7.0 and newer (iPhone and iPad)
Android 2.2 and newer
Chrome OS
Ubuntu 12.04 LTS
Ubuntu 14.04 LTS
Open Suse 12.3
OpenSuse 13.2
Fedora 20
Xubuntu 15.10
Raspbian OS Wheezy
Raspbian OS Jessie
Parallels Remote Application Server Training Manual
18
Getting Started with Parallels Remote Application Server
SECTION 3
Getting Started with Parallels Remote
Application Server
In This Chapter:
Configuring Parallels Remote Application Server ......................................................... 20
The Farm and Components ......................................................................................... 20
Parallels Remote Application Server..................................................................... 21
The Farm .............................................................................................................. 22
Publishing Agent................................................................................................... 23
Secure Client Gateway ......................................................................................... 23
Terminal Server Agent .......................................................................................... 24
VDI Host Agent ..................................................................................................... 24
Guest Agent ......................................................................................................... 24
PC Agent .............................................................................................................. 24
Configuring RAS ................................................................................................... 24
Parallels Remote Application Server Training Manual
19
Getting Started with Parallels Remote Application Server
Configuring Parallels Remote Application Server
After a default installation of Parallels Remote Application Server, the following services will be running on
the server.
▪
Parallels Publishing Agent – Provides load balanced applications and desktop publishing.
▪
Parallels Redundancy Service – Provides redundancy to Parallels Remote Application Server.
▪
Parallels Secure Client Gateway – Tunnels all traffic needed by Parallels applications on a single
port and provides secure connections.
▪
Parallels Terminal Server Agent – Provides terminal server information to Parallels Publishing
Agent.
Troubleshooting Tip: Check the service state when an agent status is “Not Verified”
The Farm and Components
There are several components that make publishing items possible, which include:
▪
Application Server
▪
The Farm
▪
Publishing Agent
▪
Secure Client Gateway Agent
▪
Terminal Server Agent
▪
VDI Host Agent
▪
Guest Agent
▪
PC Agent
Parallels Remote Application Server Training Manual
20
Getting Started with Parallels Remote Application Server
Parallels Remote Application Server
Parallels Remote Application Server is the collective components, systems and graphical interface of a
Farm setup. The Farm Design view shows all systems managed by the Publishing Agent.
Figure 2 - RAS Interface
The categories in the left pane of the console provide access to the individual systems of Parallels Remote
Application Server, as shown in Figure 2. Selecting an icon provides access to properties, options,
configuration settings, and the ability to enable and disable them depending on the system.
Parallels Remote Application Server Training Manual
21
Getting Started with Parallels Remote Application Server
The Farm
Figure 3 - Farm Info
The Farm contains sites or a site that is configured to deliver published items, manage thin clients and
access the properties of those components. From the Farm section of the console, administrators can:
▪
Change the name of the Farm.
▪
Add a Site.
▪
Change the Properties of a Site.
▪
Delete a Site.
▪
Check the Agent.
▪
Switch Sites.
▪
Change Licensing Server Site.
Parallels Remote Application Server Training Manual
22
Getting Started with Parallels Remote Application Server
Publishing Agent
The Publishing Agent (PA) controls all the communications between components and systems. There can
be only one PA active in a Farm. The PA controls the decision algorithm for Load Balancing,
Authentication, 2nd Level Authentication, Filtering and other processes. Other PAs are configured as
backup, and will take over when the Master PA fails.
Secure Client Gateway
The gateway provides clients with a connection point to Parallels Remote Application Server and an entry
point for the connection broker for Wyse terminals. The connections can come from multiple sources such
as a Windows, Linux, Macintosh, RAS Web Portal or Smart phone client. When a connection request is
received by the Secure Client Gateway, it will seek out information from all Publishing Agents to see if the
requesting user has permission to access the requested resources.
The gateway also delivers and installs Parallels Desktop replacement and Windows PC Client Management.
It can also tunnel HTTP traffic to an intranet.
This is processed in the following order:
1
Gateway receives a connection request.
2
Gateway forwards the request to the Publishing Agent.
3
Publishing Agent performs load balancing checks and looks up the active directory security to obtain
security permissions.
4
If the user is requesting a published resource and has been granted access, the publishing agent
returns the response to the gateway service and RD Session Host from which the end user can access
the service.
5
Depending on the connection mode, the client either disconnects from the gateway and connects
directly to the RDS Server (Direct Mode), or asks the gateway to open a tunnel to the RD Session Host
(Gateway Mode).
Parallels Remote Application Server Training Manual
23
Getting Started with Parallels Remote Application Server
Terminal Server Agent
The Terminal Server Agent is installed on RDS servers to provide a connection to the Farm, which allows
the PA to publish applications and manage them. From the Properties Tab, the Agent Settings, RDP Printer
format and Scheduler can be configured for the Terminal Server Agent.
VDI Host Agent
The VDI Host Agent is installed on the hypervisor host or appliance (i.e. vCenter) to connect the host to the
Farm. From the Properties tab, the Host can be removed from the Farm. Agent Settings, RDP Printer
format and Scheduler are located in the properties of the VDI Host Agent.
Guest Agent
The guest agent allows the PA to publish and manage guest virtual machines (VMs). In the advanced
settings, you can manage/control the Guests, change settings, or update agents.
PC Agent
The PC agent is used to connect physical (vs. virtual) PCs to the Farm and gives users access to those PCs.
From the Properties tab, the Remote PC can be removed from the Farm. The Agent Settings and RDP
printer format are also found in the Remote PC Properties.
Configuring RAS
After installing Parallels Remote Application Server, depending on the environment there are specific
components that need to be configured. For Publishing, a Gateway and Publishing Agent are required as
well as a Terminal Service Agent, VDI Host Agent or Remote PC Agent depending on what is being
published. The most common use of Parallels Remote Application Server is to publish applications from a
RDS server to a client. This scenario requires a Gateway, PA and TS to deliver applications to clients. The
following sections will describe the configuration process which would allow each of these agents to
publish.
Parallels Remote Application Server Training Manual
24
RD Session Hosts
SECTION 4
RD Session Hosts
In This Chapter:
RD Session Hosts Configuration and Settings ............................................................. 26
RD Session Hosts Properties ............................................................................... 27
Groups ................................................................................................................. 33
Sheduler ............................................................................................................... 34
Session Management ........................................................................................... 36
Parallels Remote Application Server Training Manual
25
RD Session Hosts
RD Session Hosts Configuration and Settings
For publishing applications or remote desktops from a RDS server, a Terminal Server Agent must be
installed. The agent may be removed from the Farm from the Properties tab which is useful during
maintenance.
The Parallels Terminal Server Agent Port (default TCP 20003) is used to communicate with the Parallels
Terminal Server Agents which should be installed on the RD Session Hosts. The Parallels Terminal Server
Agent provides information to Parallels Remote Application Server over this port.
Troubleshooting Tip: Use the netstat – a command can be used to test if the Publishing Agent has established
connections to ports 20002 (Gateway) and 20003 (RDS).
Parallels Remote Application Server Training Manual
26
RD Session Hosts
RD Session Hosts Properties
Properties
Figure 4 – RD Session Hosts Properties
The Properties tab allows you to configure the RD Session Hosts. Below you may find the explanation of
the different configuration prorperties.
Server – Specifies the server name.
Description – Specifies the server description.
Change Direct Address – Select this option if you need to change the address that the Parallels
Client uses to estabilish a direct connection with the RD Session Host.
Parallels Remote Application Server Training Manual
27
RD Session Hosts
Agent Settings
Figure 5 – RDS Session Hosts Agent Settings
Each RD Session Host in the farm has a RAS Terminal Server Agent installed to provide a connection
between the Parallels Remote Application Server and the RD Session Host.
To use default settings, select the Inherit default settings option. To view or modify the default settings,
click the Edit Defaults link.
You can also edit custom settings for a particular server. This is done by clearing the Inherit default settings
option and speficing the following options
Port - Specifies a different remote desktop connection port number if a non-default port is
configured on the server.
Max Sessions - Specifies the maximum number of sessions.
Publishing Session Disconnect Timeout - Specifies the amount of time each session remains
connected in the background after the user has closed the published application. This option is
used to avoid unnecessary reconnections with the server.
Publishing Session Reset Timeout - This feature allows you to control how long it takes for a
session to be logged off after it is marked as "disconnected".
Parallels Remote Application Server Training Manual
28
RD Session Hosts
Allow Client URL/Mail Redirection - Select this option to allow http and mailto links to be opened
using a local application on the client computer rather than the server’s resources. To configure a
list of URLs which should not be redirected, navigate to the URL Redirection tab in the Settings
node of a site.
Allow 2XRemoteExec to send command to the client - Select this option to allow a process
running on the server to instruct the client to deploy an application on the client side. More about
2XRemoteExec in the Using RemoteExec subsection below.
Enable applications monitoring - Enable or disable monitoring of applications on the server.
Disabling application monitoring stops the WMI monitoring to reduce CPU usage on the server and
network usage while transferring the information to RAS Publishing Agent. If the option is enabled,
the collected information will appear in a corresponding RAS report. If the option is disabled, the
information from this server will be absent from a report.
Use RemoteApps if available - Enable this option to allow use of remote apps for shell-related
issues when an app is not displayed correctly. This feature is supported on the Parallels Client for
Windows only.
Parallels Remote Application Server Training Manual
29
RD Session Hosts
User Profile Disks
Figure 6 – RD Session Hosts User Profile Disks
User profile disks (UPD) store user and application data on a single virtual disk that is dedicated to one
user’s profile. Virtual disks are reattached at logon and are completely transparent to the user, so the user
can save their data or change and save their app settings on what appears to be a local disk. All personal
data and settings persist when connecting to different computers in a virtual desktop collection or session
collection.
To use default user profile disks settings, select the Inherit default settings option. To view or modify the
default settings, click the Edit Defaults link.
Follow the folling steps to use specific settings:
1
Clear the Inherit default settings option.
2
Select the Enable user profile disks option.
3
Specify a network location where the disks should be created using the Microsoft Windows UNC
format (e.g. \\RAS\users\disks).
4
Specify the maximum allowed disk size (in gigabytes) in the Maximum size field.
Note - The server must have full control permissions on the user profile disk share.
Parallels Remote Application Server Training Manual
30
RD Session Hosts
Dekstop Access
Figure 7 - RD Session Hosts Desktop Access
The Desktop Access tab page allows you to restrict remote desktop access to certain users. By default, all
users who have access to remote applications on an RD Session Host can also connect to the server via a
standard RDP connection.
Parallels Remote Application Server Training Manual
31
RD Session Hosts
RDP Printer
The RDP Printer tab page allows you to configure the renaming format of redirected printers. The format
may vary depending on which version and language of the server you are using.
Figure 8 – RD Session Host RDP Printer
To use the default RDP printer settings, select the Inherit default settings option. To view or modify the
default options, click the Edit Defaults link.
The RDP Printer Name Format drop-down list allows you to select a printer name format specifically for the
configured server.
Select the Remove session number from printer name and/or the Remove client name from printer name to
exclude the corresponding information from the printer name.
Parallels Remote Application Server Training Manual
32
RD Session Hosts
Groups
Figure 9 - RD Session Hosts Groups
RD Session Host groups can be used to specify from which group a published resource should be published
when using the Publishing wizard. It is highly recommended to use groups in a multiserver environment to
ease the management of published resources.
After you create a group and publish resources from it, you can view the list of resources by rightclicking a
group and choosing ‘Show’ published resources.
Parallels Remote Application Server Training Manual
33
RD Session Hosts
Sheduler
Figure 10 – RD Session Host Scheduler
The scheduler is used to provide administrators with a tool for creating maintenance windows to reboot TS
servers or limit the access to published items during the specified time of the day. Select the ‘Add’ option,
to enter time, date, duration and repeat information.
Parallels Remote Application Server Training Manual
34
RD Session Hosts
Figure 11 - Disable RD Session Hosts Schedule
The ‘On Disable’ option is used to change the session state of the client connections. This is useful when
changes have been made to the RDS servers and sessions need to be updated.
Parallels Remote Application Server Training Manual
35
RD Session Hosts
Session Management
Figure 12 - RD Session Hosts Session Management
The Session Management tab page allows you to view and manage current sessions for RD Session Host
servers. To view the page, navigate to Farm / Site / RD Session Hosts / Session Management.
Note: You can also open the Session Management tab page by right-clicking a server on the RD Session Hosts tab
page and choosing Show Sessions. This will open the Session Management tab page with a filter applied to it to
display only the sessions that belong to the selected server.
The Sessions lists displays current sessions and includes the following info for each session:
• Server. RD Session Host server name.
• Session ID. Session ID.
• User. Session owner.
• Protocol. Protocol used: Console (Parallels RAS Console connection), RDP (remote user connected
via RDP).
• State. Session state: Idle, Active, Disconnected.
• Logon Time. Last date and time the user logged on.
• Session Length. Total sessions duration.
• Idle Time. Total session idle time.
• Type. Session type: Admin, Published Application, Published Desktop
Parallels Remote Application Server Training Manual
36
RD Session Hosts
• Resolution. Client display resolution.
• Color Depth. Client display color depth.
• Device Name. Client device name.
• IP Address. Client IP address.
You can sort the Sessions list by any session property. Simply click on a desired column heading to sort the
list in ascending or descending order.
You can also filter the list using a single or multiple session properties as a criteria. To do so, click the
magnifying glass icon (top right) and then type a desired string in a desired column. The list will be filtered
as you type.
To manage a session (or multiple sessions at the same time), select one or more sessions and then use the
Tasks drop-down menu to choose from the following actions:
• Refresh. Refresh the list.
• Disconnect. Disconnect the selected session(s).
• Log Off. Log off the session(s).
• Send Message. Opens the Send Message dialog where you can type and send a message to the
session owner(s).
• Remote Control. Remotely control the selected user session.
• Show Running Processes. Display and manage running processes. See below for details.
Parallels Remote Application Server Training Manual
37
VDI Hosts
SECTION 5
VDI Hosts
In This Chapter:
Virtualization ................................................................................................................ 39
VDI Hosts and Configuration ....................................................................................... 45
Virtual Desktop Infrastructure ...................................................................................... 51
Parallels Remote Application Server Training Manual
38
VDI Hosts
Virtualization
Virtualization Definition
Virtualization is the process of multiple systems sharing resources. This allows the system to achieve
increased utilization of the resources, and consequently an increased return on investment. The increased
utilization also resolves other issues such as space, power and a controlled climate in data centres.
In hardware virtualization, the host machine is the actual machine on which the virtualization takes place,
and the guest machine is the virtual machine.
Parallels Remote Application Server Training Manual
39
VDI Hosts
Virtualization Layers
Starting with a bare bones server, a hypervisor is installed and then virtual machines are created and
managed with the hypervisor. Then, Parallels Remote Application Server can be installed on the virtual
machines using Windows Server 2003, 2008, 2008 R2 or 2012 and 2012 R2. Applications and desktops can
then be published and delivered to devices. Desktop OSs can also be installed on the hypervisor to publish
VDI desktops.
Published Applications
Parallels Remote
Application Server Farm
Work Stations
Hypervisors
Windows Server
Bare Metal
Figure 13 - Virtualization Layers
Parallels Remote Application Server Training Manual
40
VDI Hosts
Hypervisors
Determining the hypervisor plays a key role in the configuration of a system ready to publish applications
or desktops as it determines the features and functionality the system will have. The 5 most prevalent
hypervisors on the market today are:
•
VMware ESXi up to 5.5
•
Hyper-V 2008 R2
•
Hyper-V 2012
•
Hyper-V 2012 R2
•
Citrix Xen Server up to 6.2
When choosing a hypervisor, consider the following:
•
The number of VMs that can be installed on a single instance of hypervisor.
•
Functionality (How easy is it to manage VMs).
•
Tools (Clustering, Failover, Backups).
These hypervisors are built on different OS platforms and differ greatly in functionality. Parallels Remote
Application Server can function with these platforms.
Planning and Implementing Hosts
The planning and implementation of a virtual environment has many considerations and choices that need
to be made before the decision is affected, since an informed choice would greatly benefit the eventual
setup. These considerations are:
▪
Virtual Storage
▪
Virtual Networking
▪
Memory Allocation
▪
CPU Management
Parallels Remote Application Server Training Manual
41
VDI Hosts
Virtual Storage
Virtual storage differs from physical machines, in that it is more likely for a separate storage device to be
used in conjunction with VM drives, as opposed to local storage on the actual server. It is critical to the
success of a virtual environment to choose the right storage device because of disk I/O, array configuration
and provisioning. If these three characteristics of storage devices are not properly chosen, VM
performance will suffer.
Concerning disk I/O, consider the following characteristics of storage arrays:
▪
NAS – Low Disk I/O
▪
iSCSI – Moderate Disk I/O
▪
Fiber Channel - High Disk I/O
In addition to disk I/O, another consideration to virtual storage is array configuration. There are three
predominant types of storage devices which are: NAS, iSCSI and Fiber Channel. Each has different
characteristics for the provisioning of disk arrays. For optimum performance, ensure that the device can
create separate RAID arrays and therefore separate LUNs over logical LUNs. Logical LUNs are stripped
across all the drives in and array because the drive is a single large array. The LUNs are created with the
management software and do not physically isolate storage to specific drives as RAID does. If multiple
VMs with high disk I/O are on the same array, there may be significant performance issues.
Provisioning of VM drives can be static or dynamic and depending on the naming convention is unique to
the hypervisor. For example, VMware calls static provisioning “Thick” and dynamic provisioning “Thin”.
Static provisioning is operantly the same as creating a physical machine drive, in that when the
administrator provides the drive for a VM, that space is set aside for that VM only. Dynamic provisioning,
on the other hand, allows the administrator to set the maximum drive size, but only the necessary drive
space that is needed at the time of creating the VM is used on the disk as it grows. This allows for
oversubscribing the hard drive space. This makes dynamic drive provisioning a poor choice in a
production-oriented environment.
The biggest issue with dynamic provisioning is that the VMs’ OS will not know if it has run out of space for
writing to the disk. This might cause an unrecoverable crash. If this happens, a backup may be used to
restore the VM, but this can be avoided using static provisioning.
Parallels Remote Application Server Training Manual
42
VDI Hosts
Virtual Networking
Virtual networking follows some of the same practices as physical machines, only implemented in a virtual
environment. To ensure strong VM performance, separate the storage network from the other networks
with a separate NIC that is configured on a separate VLAN and virtual switch. Additional NIC’s may also be
needed if there are VMs that have high bandwidth utilization i.e. email and SQL servers.
Another consideration is segmenting the network environment. The industry standard for network
segmentation is no more than 300 devices on a single VLAN. This is due to broadcast domains and the
amount of chatter that is generated by devices. If the network has mixed protocols such as VOIP as well as
IP, the number of devices should be reduce to 100 – 150 or they should be isolated to different VLAN if
possible.
Memory Allocation
To ensure suitable VM performance, memory must be allocated and managed properly. Some key
considerations are:
▪
Avoid over subscribing memory in production environments.
▪
Monitor memory utilization on VM after creation.
▪
Maintain OS versions and patches as similar as possible.
▪
Use monitoring tools to create alerts for memory issues.
Over subscribing memory is possible in a virtual environment, though it is not recommended as it will
invoke the use swap files.
Most of the time, memory allocation is an educated guess on the administrator’s part and should be
monitored after the VM is created to determine if the appropriate amount has been allocated.
Adjustments should be made if the memory is underutilized or over utilized.
Hypervisors can optimize memory by examining memory files and allowing multiple VMs to utilize the
same memory page if they are the same. Maintaining servers with the same builds and patch versions
assists in allowing memory page sharing.
Motoring tools should be set up to alert administrators when memory issues arise to avoid swap file use
and prevent degradation in VM performance.
Parallels Remote Application Server Training Manual
43
VDI Hosts
CPU Management
CPU management is another vital part of virtualization, and should be considered in planning and
implementing a virtual environment. Each of the three hypervisor brands mentioned has their own unique
considerations to manage CPU’s. For example, in VMware, the main consideration is CPU % Ready. CPU %
Ready increases when processors have to wait for instructions sets to be processed. This is a result of VMs
consisting of different processor configurations, some being single core, some dual and others quad core.
The quad core VMs must wait until 4 processors are available to execute code. If the CPU % Ready is high,
VM performance will suffer.
Look up the best practices of each hypervisor, to better optimize the CPU management system your
hypervisor prefers.
Configuring Virtual Machines
Once the planning and implementation of the virtual host has been configured, the next step is to
configure VMs for deployment. With regard to Parallels Publishing Agents, Secure Client Gateways and
RDS servers, here are the recommended practices for VM configuration:
▪
Install the Hypervisor tools.
▪
Sysprep Templates.
▪
Turn off UAC.
▪
Configure Firewall Settings with Appropriate Ports Open or Off.
▪
Configure Anti-Virus Exclusions for Parallels Remote Application Server and Related Services.
Hypervisor tools are used to manage VMs from the hypervisor console and are also needed by the Parallels
Remote Application Server for VDI.
Syspreping templates is important since it ensures that the SID is unique to the VM being created.
Turning off the UAC ensures that various services can function properly, such as activating Parallels
Remote Application Server.
Configuring the firewall appropriately will ensure proper communications between Parallels services.
Anti-virus programs may interfere with the functionality of Parallels Remote Application Server and its
services. It may be necessary to add Parallels Remote Application Server and its services to an exception
list in the anti-virus software.
Parallels Remote Application Server Training Manual
44
VDI Hosts
VDI Hosts and Configuration
A VDI Host (host machine) is defined as the computer on which a hypervisor is running one or more virtual
machines. Each virtual machine is called a guest machine. The hypervisor presents the guest operating
systems with a virtual operating platform and manages the execution of the guest operating systems.
Multiple instances of a variety of operating systems may share the virtualized hardware resources.
Parallels Remote Application Server supports HyperV, Citrix XEN, VMware VCenter, VMware ESXi.
By adding the VDI Host to Parallels Application Server, you can manage the virtual machines on the VDI
Host, create guest clones and publish virtual desktops and applications from virtual guests.
The Host Agent is installed on the hypervisor host to publish VDI desktops from Parallels Remote
Application Server. From the VDI Host section of the Farm, select “Add” and choose the Hypervisor type
being used to host clients.
Figure 14 - Add a VDI
For some of the Hypervisors such as VMWare ESXi server, you must configure and run an appliance instead
of the running the Parallels Agent. An appliance is a pre-configured virtual machine (including the
operating system and other relevant settings) which you can add to the list of virtual machines running on
the hypervisor to act as a Parallels Agent.
Parallels Remote Application Server Training Manual
45
VDI Hosts
Properties
Figure 15 - VDI Properties
From the Properties tab, choose the VDI version type and enter the credentials to allow the host access.
Parallels Remote Application Server Training Manual
46
VDI Hosts
Credentials
Figure 16 - VDI Credentials
Enter the crednetials to access the VDI Host server. Click on the Check Credentials button to confirm the
credentials inputted are correct.
Parallels Remote Application Server Training Manual
47
VDI Hosts
Agent Settings
Figure 17 - VDI Agent Settings
The Agent Settings tab allows the direct address to be changed. A description can be added and the
number of connections can be changed. The Publishing Session Timeout field is used to set the amount of
time that each session will stay connected in the background after the user has closed all published
applications. This is done to avoid unnecessary reconnections with the server. The maximum number of
connections possible is 1000.
Enabling the Allow Client URL/Mail Redirection box allows http and mailto links to be opened using local
applications instead of using RD Session Host resources.
Parallels Remote Application Server Training Manual
48
VDI Hosts
RDP Printer
Figure 18 - VDI RDP Printer Settings
RDP Printer settings are used to change the name format of RDP printers in all Windows Server versions
before 2008 and MS Easy Print.
Parallels Remote Application Server Training Manual
49
VDI Hosts
Scheduler
Figure 19 - Scheduler Entry
The Scheduler tool provides administrators with a tool for creating maintenance windows for VMs or for
the host itself. Select ‘+’ button under the Scheduler tab to configure a time, date, duration and how often
this information should be repeated.
Parallels Remote Application Server Training Manual
50
VDI Hosts
Virtual Desktop Infrastructure
Installing the VDI Guest Agent
To publish VDI desktops, a Parallels Host Agent must be installed on the hypervisor host server. Each
hypervisor has a specific manual for utilizing VDI which can be found at:
http://www.parallels.com/eu/products/ras/resources/
Installing the Parallels Guest Agent will give the Publishing Agent the ability to publish VDI guests.
Configuring Pools
Configuration pools offer administrators more flexibility when managing an extensive number of Guests,
especially when they are implemented in large company infrastructures. The Parallels Remote Application
Server console provides the framework and tools needed to create a complete Pool Management
foundation.
Figure 20 - Pool Management Interface
Parallels Remote Application Server Training Manual
51
VDI Hosts
Adding Pool Members to a Pool
Figure 21 – Adding members to a pool
Select the Pool that you want to add Members to, and then click on the Add button from the Task menu.
Choose from the following types of Guests:
▪
All Guests in Farm: All guest VMs on all VDI hosts that are located on the site
▪
All Guests in Host: All guest VMs that are located on a particular VDI host. After clicking this
option, you'll be able to select a VDI host
▪
Guest: A specific guest VM located in the farm. After clicking this option, you'll be able to select a
guest VM from the list
▪
Native Pool: Group of guests that have been previously configured from the hypervisor
management tool. Please note that the hypervisor may use a different terminology to these pools
(e.g. resource pools). After clicking this option, you'll be able to select a native pool from the list, if
any are available.
▪
Pool: An existing pool in the Parallels Remote Application Server (pool nesting). After clicking this
option, you'll be able to select an existing pool from the list
▪
RAS Template: Guest VMs that are automatically created from a RAS Template. After selecting this
option, you'll be able to select a RAS template.
Parallels Remote Application Server Training Manual
52
VDI Hosts
Wildcard to Filter VMs
Use the Wildcard input field at the bottom of the Pool management tab to specify a wildcard to indicate
which guest VMs should be available for users. If a VM name matches the wildcard, it will be available. If
not, the users will not be able to use it. Use the the asterisk operator (*) to specify a wildcard (e.g. ABC*,
*ABC*).
Pool Guests
Figure 22 - Virtual Guest List
The Pool Guests button allows you to view and manage Guests in a particular Pool. Select a Pool and the
Guests that are included in that Pool will appear in the Virtual Guests List.
Parallels Remote Application Server Training Manual
53
VDI Hosts
Guest Advanced Settings
Figure 23 - Guest Advanced Settings
When the Guest Advanced Settings dialog box appears, you can further configure each Guest in the Pool.
▪
Enable Do not use this guest checkbox so the system ignores the particular Virtual Guest.
▪
The Computer Name field allows you to set the network name (domain name / IP address) of the
computer that the system will use to connect to the Virtual Guest.
▪
The Port field contains the port number that the system will use to connect to the Virtual Guest.
▪
Use the Connection Timeout field to set a time limit on the attempts of a Parallels Remote
Application Server connecting to a particular Virtual Guest.
▪
Protocol is the method used for Parallels Remote Application Server to communicate with the
Virtual Guest.
▪
You can set what actions the guest will take if a user disconnects from a session by choosing an
option from the If session disconnects drop down list. You can configure the amount of time that
needs to pass before the selected action is brought into effect.
▪
A session can be terminated after the user disconnects from the session. You can choose the
amount of time that needs to pass before the disconnected session is terminated. The user can
reconnect to a previous session if that session is still available.
Parallels Remote Application Server Training Manual
54
VDI Hosts
RAS Templates
Parallels RAS Templates are used to automate the creation and deployment of guest VMs in Parallels
Remote Application Server. A RAS Template is created as a copy of an existing guest VM but cannot run as
a regular virtual machine. You can customize a RAS Template for use with Parallels Remote Application
Server according to your needs. Once a template is ready, you can use it to create guest VM clones (copies)
that will inherit all of the properties of the template. Guest VMs can then be used to serve applications,
documents, and desktops to your Parallels RAS users.
RAS Templates can be created with the following versions of Windows as a guest OS:
• Windows XP SP3
• Windows Vista
• Windows 7
• Windows 8
• Windows 10
Maintenance Mode
The RAS Template maintenance mode is used to update software inside a RAS Template. For instance, if
you want to install a Windows server pack or a software update, you need to use the maintenance mode.
Depending on whether a RAS Template is configured for full or linked clones, the maintenance mode is
used slightly differently.
Parallels Remote Application Server Training Manual
55
VDI Hosts
Parallels Template Properties
General
Figure 24 - RAS Template Properties
• RAS Template. Specify a name for the template.
• Maximum guest VMs. Specify the maximum number of guest VMs that can be created from this
template. Once the number of existing guest VMs exceeds this number, a VM is deleted to comply
with the limitation.
• Pre-created guest VMs. Specify the number of VMs that will be automatically created in advance.
This is done in order to have some VMs ready right away. If all pre-created VMs are already in use
and another one is needed, it will be created on demand.
• Virtual machine name prefix. Specify a name prefix for guest VMs. A VM ID will be appended to it
to make the final VM name unique.
• Delete unused guest VMs after the following period. Enable this option to automatically delete
VMs that haven't been used for a specified period of time. Use the drop-down list to specify the
time period.
• Clone method. Specify whether virtual machines should be created from this template as full or
linked clones (see the Note and the Full vs. linked clones section below for more info). These
options are only available when you create a new RAS Template; they are disabled when you
modify the configuration of an existing template.
Parallels Remote Application Server Training Manual
56
VDI Hosts
Full vs. linked clones: Guest VMs are created as clones (copies) of a RAS Template. A full clone is a
complete copy of a template. As such, it occupies as much space on the physical hard drive as the
source template and takes a significant time to create. A linked clone is a copy of a template made
from a snapshot that shares virtual disk with the source template, therefore it takes much less
space on the physical hard drive and it takes only a couple of minutes to create. Linked clones have
other advantages, such as simplified disaster recovery, added security, single image management,
to name a few.
Advanced
Figure 25 - RAS Template Advanced Settings
On the Advanced page, specify the following options:
• Folder. Specify the folder where guest VMs created from this RAS Template will be stored. This
option is available if you are using Hyper-V, Hyper-V Failover Cluster, VMware vCenter, Citrix
XenServer, KVM, or Nutanix.
• Native Pool. Specify the native pool to add the VMs to. This option is available if you are using
VMware ESX and VMware vCenter.
Parallels Remote Application Server Training Manual
57
VDI Hosts
Preparation
Figure 26 - RAS Preperation Settings
On the Preparation page, you can select and configure an image preparation tool. First, select
whether you want to use RASprep or Sysprep.
RASprep is the Parallels RAS tool, which prepares Windows in a VM after cloning it from a base
image. RASprep performs the following tasks during the initial startup of each new VM:
• Creates a new computer account in Active Directory for each guest VM.
• Gives the guest VM a new name.
• Joins the guest VM to the Active Directory domain.
Parallels Remote Application Server Training Manual
58
VDI Hosts
Compared to Sysprep, RASprep works much faster because it modifies a lower number of configurable
parameters and requires less reboots. The following table lists the main differences between RASprep and
Sysprep:
OPERATION
RASPREP
SYSPREP
DELETE LOCAL ACCOUNT
No
Yes
GENERATE NEW SIDS
No
Yes
UNJOIN THE PARENT GUEST VM FROM THE
DOMAIN
No
Yes
CHANGE COMPUTER NAME
Yes
Yes
JOIN THE NEW INSTANCE TO THE DOMAIN
Yes
Yes
LANGUAGE, REGIONAL SETTINGS, DATE AND
TIME CUSTOMIZATION
No
Yes
1
2 (seal, mini-setup and
domain joining)
NUMBER OF REBOOTS
After selecting the preparation tool, specify the following options:
• Computer name. A name pattern that should be used to assign a computer name to a VM. For
example, Windows10-RAS-%ID%.
• Owner name. Owner name (optional).
• Organization. Organization name (optional).
• Administrative password. Local Windows administrator password.
• Join domain. Name of a domain for the VM to join.
• Administrator. Domain account.
• Password. Domain account password.
• Target OU. Full DN of an organizational unit. Click the [...] button to browse Active Directory and
select an OU.
Parallels Remote Application Server Training Manual
59
VDI Hosts
License Keys
Figure 27 - Adding a license key
On the License Keys page, specify the license key information that will be used to activate virtual
machines created from this template.
First, select the license key management type that you are using in your organization (KMS or
MAK). Parallels recommend to use KMS because MAK has limited activations.
Key Management Service (KMS): If you are using KMS, click the Finish button to save the
template configuration information. Virtual machines that will be created from this template will
look for KMS in DNS (at the end of the OS mini-setup and domain joining) and will be activated
accordingly.
Multiple Activation Keys (MAK): If you are using MAK, do the following:
1
2
3
Click the Add button and type a valid key in the License key field.
In the Max guest VMs field, specify the maximum number of VMs that can be created
from this template.
Click OK.
Note: Parallels RAS does not keep the old MAK key in guest VMs if it was updated in the Parallels RAS Template
properties.
Parallels Remote Application Server Training Manual
60
VDI Hosts
Parallels RAS Test Template Wizard
Figure 28 - RAS Test Template Wizard
If you selected the Launch Parallels RAS Test Template Wizard on completion option on the last page of
the template configuration wizard, the Parallels RAS Test Template Wizard opens allowing you to test the
health of the RAS Template. The wizard allows you to see upon completion that all post-prep activities
complete correctly. This includes checking DHCP settings, DNS registration, correct VLAN, joining the AD
domain, correct target OU, etc.
Parallels Remote Application Server Training Manual
61
VDI Hosts
How Guest VMs Are Created From a Template
After a RAS Template is created, Parallels RAS begins creating guest VMs from it, one virtual machine at a
time. The number of VMs is determined by the value specified in the Pre-created guest VMs field on the
Properties page.
As soon as a user connects to an existing guest VM, Parallels RAS begins creating a new guest VM from the
template, so the number of pre-created VMs remains unchanged. Please note that creating a new guest
VM from a template takes some time, especially when a template is configured to create full clones (linked
clones are created much faster). If a guest VM is in the middle of being created, and no other VMs are
available, the user will have to wait until the VM is ready.
If a guest VM encounters a problem during the preparation stage (for any reason), it remains on the server
but cannot be used. You can identify such VMs in the Template Guest VMs List dialog by the "Preparation
failed" value in the Status column. Unless a VM like this is repaired or recreated, it will be automatically
removed after the time period specified in the Auto remove guest VMs which failed preparation after
field on the VDI Hosts > RAS Templates tab page.
When a guest VM is no longer in use, and if the number of existing VMs exceeds the "pre-created" value, a
VM is deleted after the time period specified in the Delete unused guest VM after field on the Properties
page. If you didn't select that option, a VM is never deleted, but the total number of VMs will never exceed
the value specified in the Maximum guest VMs field on the Properties page.
Parallels Remote Application Server Training Manual
62
VDI Hosts
Persistent Guests
Figure 29 - VDI Persistent Guests
When a published application from a guest is set as persistent, the first time a user launches the
application the publishing agent will create a persistent guest rule. The publishing agent will always
connect the user to the same guest when the persistent rule is used.
The Persistent Guests can be viewed and managed on this tab. The information that is provided includes
the Guest name, Host IP address, the last time this guest was used, and both the date and time this
persistent guest rule was created as well as the state of the persistent rule.
Click on the headings and you can choose to show or hide any of the column headings.
Parallels Remote Application Server Training Manual
63
VDI Hosts
Figure 30 - VDI Persistent Guests Options
Click on the “Refresh” button to view new additions to the Persistent Guests list. To delete a persistent
guest entry, select and click on “Delete”. To delete all the existing persistent guests in the list click on
“Delete All”.
Choose to automatically remove “persistence” if the guest is not used for the specified amount of time.
The options available are 24 hours, 1 week or 30 days.
Parallels Remote Application Server Training Manual
64
VDI Hosts
Publishing VDI Desktops
Now the Guest can be published by selecting “Desktop” from the top menu.
Figure 31 – Publishing Desktop Step 1
Select Virtual Desktop and click “Next”.
Parallels Remote Application Server Training Manual
65
VDI Hosts
Figure 32 – Publishing Desktop Step 2
Select the type of desktop you would like to publish and click on the “Next” button to continue.
Parallels Remote Application Server Training Manual
66
VDI Hosts
Figure 33 – Publishing Desktop Step 3
Next, you will need to name the Guest to be published. A description may also be added, to explain the
Guest’s purpose.
Parallels Remote Application Server Training Manual
67
VDI Hosts
Figure 34 – Publishing Desktop Step 4
From the “Connect to” menu, select what type of Guest to publish next. “Any Guest” and “Guest” will give
the option to choose what pool to get a Guest from.
Figure 35 – Publishing Desktop Pools selection
Then, choose the Pool to publish the Guest from and select “OK”. Note that all Guests are in the Default
Pool, but other Pools can be created for organizational purposes.
Parallels Remote Application Server Training Manual
68
VDI Hosts
Figure 36 – Publishing Desktop Connection Type
If a Specific Guest is chosen, then a list will be presented from which the Guest specification may be chosen
from.
Figure 37 - Virtual Guest List
Parallels Remote Application Server Training Manual
69
VDI Hosts
Figure 38 - Select Users/ Groups from the Active Directory
Select the type of filtering to be used and click “Finish”.
Parallels Remote Application Server Training Manual
70
Remote PCs
SECTION 6
Remote PCs
In This Chapter:
Remote PC Agents ...................................................................................................... 72
Remote PC Settings ............................................................................................. 72
Remote PCs ......................................................................................................... 75
Prerequisites ................................................................................................. 76
Configuring Remote PC’s ..................................................................................... 76
Properties ............................................................................................................. 76
Agent Settings ...................................................................................................... 77
RDP Printer .......................................................................................................... 78
Parallels Remote Application Server Training Manual
71
Remote PCs
Remote PC Agents
Remote PC Settings
The Remote PC Agent is installed on remote PCs (physical machines) as a service.
Figure 39 - Remote PC Agent Services
The ‘Properties’ tab of the Remote PC Agent allows the Remote PC to be enabled or disabled in the Farm.
A description can be added to provide additional information about the Remote PC.
Figure 40 - Remote PC Properties
Agent Settings contains the port number that the system will use to connect to the Remote PC.
Parallels Remote Application Server Training Manual
72
Remote PCs
You can configure the direct address by checking the “Change Direct Address” box and entering a new
direct address. This address is used in Direct Connection mode only. This can be an internal or external IP
address; depending where the clients will be. If external, the IP address must be assigned by your firewall
to your server.
Figure 41 - Remote PC Agent Settings
Parallels Remote Application Server can wake a PC by sending a packet over the network. This will
continue until the receipt of the packet is acknowledged or until the connection is timed out. In the
Connection Timeout field, choose a time by which the connection automatically times out.
The Publishing Session Timeout field allows you to designate a time before the publishing session times
out, thereby conserving system resources.
Enabling the “Allow Client URL/Mail Redirection” function, allows http and mailto links to be opened using
local applications instead of using RD Session Host resources.
Parallels Remote Application Server Training Manual
73
Remote PCs
Figure 42 - Remote PC RDP Printer Settings
RDP Printer settings are used to change the name format of RDP printers in all legacy Windows Server
versions before 2008 and MS Easy Print.
Parallels Remote Application Server Training Manual
74
Remote PCs
Remote PCs
The Parallels Remote Application Server install package has a Remote PC Agent which can be deployed in
case of several needs arising, to meet different end-user requirements. The Parallels Remote Client can be
installed on any supported version of Microsoft Windows, and allows for applications and desktops to be
published from these workstations.
The Remote PC Agent works in a similar way to the Parallels Terminal Server Agent, but it’s designed for a
standalone PC installation. It uses the RDP protocol to publish desktops and applications from that PC
much in the same way desktops and applications can be published using the Terminal Server agent.
Parallels Client
Parallels Remote
Application Server Farm
Published Applications
Figure 43 - Remote PC Graphical Explanation
The Remote PC Agent is made available for a variety of different scenarios which may require the
publishing of a resource from a standalone network computer rather than a RD Session Host or a VDI host.
The reasons for such scenarios may include:
▪
Insufficient licensing for a RD Session Host environment – some applications require a special
license when installed on RD Session Hosts making it impossible to publish a particular application
from a RD Session Host.
▪
The inability to install on the server – Some applications may have a strict installation requirement
for legacy versions of Windows or may not be installable alongside certain Windows Server
services.
▪
Legacy OS Support – Some application may not work on newer versions of Windows and may only
be compatible on older versions of Windows.
Microsoft Windows ships with the ability to remotely connect to the machine using RDP with an
administrator account. However, this is a 1 user license, only using the administrator account.
Parallels Remote Application Server Training Manual
75
Remote PCs
Prerequisites
The Remote PC client generally supports all versions of Windows for Windows XP, 7, 8 and 10. The RDP
service should be enabled and ready to accept incoming RDP connections.
Configuring Remote PC’s
The Remote PC agent has more or less the same publishing functionalities and features as other Parallels
resource agents. For example, the Parallels Universal Printing function can be used and drive redirection is
supported.
The settings for the Remote PC agents are editable from the Parallels Remote Application Server console
and any changes will be pushed out to a Remote PC Agent automatically after applying. Click “Properties”
to review the settings, which can be changed for a Remote PC agent.
Properties
Enable Remote PC - Make sure that “Enable Remote PC” box is checked so the new Remote PC is enabled
in your Farm. In the “Remote PC”, field then you can enter or edit the name of the selected Remote PC.
MAC Address - Enter the MAC Address of the PC you would like to add. Use the “Get MAC” button, if you
are adding your local machine to easily get the MAC Address. The MAC Address is a unique identifier
relating to the workstation’s network card or communication hardware used to identify specific machines
on a network.
Protocol - The “Protocol” field determines the protocol used by the Remote PC. Only RDP can be used on
Remote PC, however other Parallels Resource Agents may allow for ICA remote protocols, for example.
Description – An area where a summary for this entry can be entered.
Parallels Remote Application Server Training Manual
76
Remote PCs
Agent Settings
Figure 44 - PC Agent Settings
This tab contains the network and communication related settings that are applied to the Remote PC
Client.
Port - The “Port” field contains the port number that the system will use to connect to the Remote PC.
Change Direct Address – You can configure the direct address by checking the “Change Direct Address” box
and entering a new direct address. This address is used in Direct Connection mode only. This can be an
internal or external IP address; depending on where the clients will be.
If external, the IP address must be assigned by your firewall to your servers.
Connection Timeout – Timeout when a remote connection which is not responding will be ended by the
Remote PC agent.
Parallels Remote Application Server Training Manual
77
Remote PCs
RDP Printer
Figure 45 - PC Agent RDP Printer Settings
The RDP Printer tab gives you the option of selecting the format of redirected printers. The format may
vary depending of which version and language of the server you are using.
Set your RDP Printer Name Format by choosing from the following three options:
▪
Printername (from Computername) in Session no.
▪
Session no. (computername from) Printername
▪
Printername (redirected Session no)
Parallels Remote Application Server Training Manual
78
Gateways
SECTION 7
Gateways
In This Chapter:
Parallels Secure Client Gateways ................................................................................ 80
Configuring SSL Certificate Details ....................................................................... 87
Generated Certificate Request ............................................................................. 87
Enabling HTML 5 Support .................................................................................... 87
Allow Modification of Parallels and RDP Connections .......................................... 88
Wyse .................................................................................................................... 89
Advanced ............................................................................................................. 90
Security ................................................................................................................ 91
Web Requests ...................................................................................................... 92
Tunneling Policies ................................................................................................ 93
Configuring Multiple Gateways and Forwarding Gateways .......................................... 94
Multiple Gateways ................................................................................................ 94
Forwarding Gateways ........................................................................................... 95
3rd Party SSL Certificates............................................................................................ 96
Using Apache Certificates .................................................................................... 96
Converting IIS Certificates .................................................................................... 97
Enable SSL with “cert.pem” .................................................................................. 98
Parallels Client Side ............................................................................................. 98
Parallels Remote Application Server Training Manual
79
Gateways
Parallels Secure Client Gateways
The first gateway will be installed in a Farm using the default installation. If a custom install was used and
the gateway agent was not installed on the same server as the Publishing Agent, it can be “pushed” to the
server using the ‘Install’ button located in the Gateways section of the Farm.
Make sure that the Parallels Secure Client Gateway has access to port 20002, otherwise it will not be able
to retrieve the published applications list and load balance the application requests.
http://www.parallels.com/eu/products/ras/support/
Figure 46 – Gateway Settings
To configure the gateway, choose Gateway from the Farm and then select ‘Properties’.
Parallels Remote Application Server Training Manual
80
Gateways
Figure 47 - Gateway Properties
Select ‘Properties’ from the Task dropdown dialog box to configure the Network, SSL/TLS, HTML 5, Wyse,
and Advanced and Security settings. A gateway can be disabled from the properties tab and a description
can also be added.
Parallels Remote Application Server Training Manual
81
Gateways
Figure 48 - Gateway IP Address Settings
The IP Address tab contains a dropdown list of the IP versions that are supported by the Parallels Gateway.
Parallels RAS also supports IPv6 on the system. If this is selected, the product will still need IPv4 in order to
work, as IPv6 is introduced at the Secure Proxy Gateway and Connectivity Level. This means that IPv6 is for
end user usage in order for tunnelling policies to work properly. To ensure that this works correctly, you
must make sure that the IP Bindings to your physical gateway are set to all available addresses.
Parallels Remote Application Server Training Manual
82
Gateways
Figure 49 - Gateway Network Settings
The Network tab contains the port settings that Parallels Clients connect to the Gateway on.
The default port for the Secure Client Gateway is port 80. The RDP Port setting is used for Load Balanced
RDP connections. This can be changed to another available port number, but for this change to take effect,
it must be changed in the Parallels Client settings as well. Changing this port will cause users to append the
port number to their connection string in RDC if this port number is changed.
Parallels Remote Application Server Training Manual
83
Gateways
Figure 50 - Gateway SSL/TLS Settings
The SSL/TLS tab is used to configure settings for secure client connections and to enable the HTML5
Gateway. The default port for SSL connections is 443, but this can be changed to another available port. If
it is changed to another port, it will need to be changed in the Parallels Client as well.
Navigate to the SSL/TLS tab in the gateway properties. The Enable SSL on Port option is enabled by
default. Next, configure a port number (default is 443).
(Optional) Select the SSL version accepted by the Parallels Secure Client Gateway from the Accepted SSL
Versions dropdown listed below (Default is TLS v1 - TLS v1.2):
▪
TLS v1.2 Only (Strong)
▪
TLS v1.1 -TLS v1.2 (Recommended)
▪
TLS v1 - TLS v1.2
▪
SSL v3 - TLS v1.2
▪
SSL v2 - TLS v1.2 (Weak)
TLS v1.1 – TLS 1.2 is recommended since other SSL Versions may be vulnerable.
Parallels Remote Application Server Training Manual
84
Gateways
Figure 51 – Generate a new SSL Certificate
A self-signed or a 3rd party certificate must be installed to use SSL. Select “Generate new certificate” to
create a self-signed certificate. After the encryption, key size and information fields are completed, select
“Save” and the certificate will be enabled.
Parallels Remote Application Server Training Manual
85
Gateways
Figure 52 - Generate SSL Certificate
To use a certificate from a trusted authority and to enable SSL on a Parallels Secure Client Gateway,
navigate to the SSL/TLS tab in the gateway properties. Click on Generate certificate request, fill in all the
required details and click ‘Save’.
Parallels Remote Application Server Training Manual
86
Gateways
Configuring SSL Certificate Details
Figure 53 - SSL Certificate Request
Once ready, a window will pop up with the certificate request, as show in Figure 57. Click ‘Copy’ to copy
the request, which you should then send to the certificate authority.
Generated Certificate Request
Once you receive the SSL certificate from the certificate authority, click on Import public key, browse for
the certificate file containing the public key and click “Open”.
Click ‘OK’ to save the settings.
Enabling HTML5 Support
HTML5 gateway allows connections to published items from HTML5 browsers. SSL must be enabled to
utilize the HTML5 gateway. Parallels Remote Application Server will listen for HTML5 gateway connections
on Port 20020.
To connect to the HTML5 gateway, use the following URL:
https://FQDN/RASHTML5Gateway/
Parallels Remote Application Server Training Manual
87
Gateways
Allow Modification of Parallels and RDP Connections
Figure 54 - Gateway HTML5 Settings
Select the “Enable HTML5 Connectivity” option to allow users to create new connections to other gateways
or modify existing ones, as shown in Figure 58.
Once a self-signed certificate has been created, HTML5 is automatically enabled. This is done to make the
product more streamlined and run faster.
The Launch sessions using section enables administrators to select how they would like their users to use
the Parallels HTML5 Client. There are 3 options:
1. Launch apps in Browser only (HTML5 Only) – this enables users to only use the published
applications using only the HTML5 tehcnology.
2. Launch apps with Parallels Client – although the users would be accesing the published
applications through the HTML5 Client, they would still need to download the Parallels Client to
access their applications. This is normally used for a more enhanced experience.
3. Launch apps with Parallels Client & Fallback to HTML5 – this option primarily tries to use the
Parallels Client to access the published applications, although if the user would not like to use the
Parallels Client, the HTML5 Client would automatically fallback to use the HTML5 technology to
access the published application or desktop.
Parallels Remote Application Server Training Manual
88
Gateways
Finally, the “Allow user to select a launch method” option gives the user the fleixbilty of choosing wheter
they would like to open the pubslihed application or desktop using either the Parallels Client or the HTML5
Client.
Wyse
Figure 55 - Gateway Wyse Settings
The Wyse tab allows Wyse ThinOS support from Parallels Remote Application Server by checking the
“Enable Wyse ThinOS Support” checkbox. The Parallels Secure Client Gateway will then act as a Wyse
broker.
Parallels Remote Application Server Training Manual
89
Gateways
Advanced
Figure 56 - Gateway Advanced Settings
The Advanced tab contains the settings for the HTTP Server port that is used with the Parallels Gateway.
The Publishing Agent host name and port number are also located in the Advanced properties. Port 20002
is used to connect the Publishing Agent and Gateway. A Parallels Secure Client Gateway can also be set up
to forward to another Parallels Secure Client Gateway by selecting “Forward requests to next Parallels
Secure Client Gateway in chain”. This is typically used when placing a Gateway in a DMZ.
Parallels Remote Application Server Training Manual
90
Gateways
Security
Figure 57 - Gateway Security Settings
The Security tab contains settings to exclude specific Parallels Clients from connecting to the gateway.
There is also the option to “Allow only specific Parallels Clients to connect to the gateway”. To use this
feature, the Parallels Client must be installed on the device.
Select Add for either “Allow all except” or the “Allow only” options, to choose which clients to add to the
particular list.
Parallels Remote Application Server Training Manual
91
Gateways
Web Requests
Figure 58- Gateway Web Requests Settings
The Web Requests tab page allows you to specify a URL which will open when a user enters the IP address
of the RAS Secure Client Gateway server in a web browser.
Note: The Web Requests tab is only available if the gateway mode is set to normal.
Parallels Remote Application Server Training Manual
92
Gateways
Tunneling Policies
Tunneling Policies are better known as the Load Balancing Rule. With tunneling policies, you are able to
create an interface that allows you to load balance specific servers or server groups to another dedicated
IP address. By default, Parallels Remote Application Server will load balance all servers that are joined to
the server farm.
Figure 59 - Tunneling Policies Tab
Change the tab to Tunneling Policies at the top of the Gateway section to access the Tunneling Policies tab.
Parallels Remote Application Server Training Manual
93
Gateways
Configuring Multiple Gateways and Forwarding
Gateways
Multiple Gateways
If more than 300-500 concurrent users connect to a Parallels Secure Client Gateway in gateway mode,
latency may be experienced due to excessive connections. In this case, a network load balancer, HALB and
second gateway can be used to improve performance. Multiple Parallels Gateways ensure that client
connections are maintained at optimal performance, while also provide redundancy to help ensure system
uptime in the event of a failure.
Publishing Server
Secure Client Gateway
SSL Enabled Gateway 2
LAN
Publishing Server
Secure Client Gateway
SSL Enabled Gateway 1
HALB
Firewall
WAN
Figure 60 - Multiple Gateways
In Figure 64, both Parallels Gateways are configured to forward requests to the same Parallels Publishing
Agent.
Parallels Remote Application Server Training Manual
94
Gateways
Forwarding Gateways
Parallels Secure Client Gateway can forward requests to the next Parallels Secure Client Gateway in the
chain (Cascading Firewall), by selecting this option in the Advanced Tab of the Gateway properties.
In the image below with this option enabled, the Parallels Secure Client Gateway (GATEWAY 1) will forward
connection requests (on port: 80 by default) to the next Parallels Secure Client Gateway (GATEWAY 2)
configured in the “Forwarding Parallels Secure Client Gateway(s) list”.
Forwarding gateways are useful in separating WAN connections from LAN connections, which makes it
possible to disconnect WAN segments in the event of an issue without having to disrupt LAN connections.
Publishing Server
Secure Client Gateway
SSL Enabled Gateway 2
LAN
Publishing Server
Secure Client Gateway
SSL Enabled Gateway 1
HALB
Firewall
WAN
Figure 61 - Forwarding Gateways
Parallels Remote Application Server Training Manual
95
Gateways
3rd Party SSL Certificates
3rd Party Certificates used with Parallels Secure Client Gateway can be installed with two different methods
depending on the type of certificate purchased.
▪
Using Apache Certificates
▪
Converting IIS Certificates
Using Apache Certificates
1. Go to the Parallels console > Farm > Gateway > Properties> SSL/TLS tab.
2. Choose your SSL settings choices SSL v3, etc.
3. Choose CSR.
4. Fill in the data.
5. Copy and paste the CSR into notepad and save the file for your records.
6. Paste the CSR into the Vendors Website page or email it to the vendor.
7. Request a return Certificate in the following format: Apache, all in one single file (which has the
private, public and intermediate CA all in one file), with the pem extension.
8. When you receive this file, place it in a secure folder for back up retrieval.
9. Click the Import Public Key button, and browse to this folder or a secondary location where you
have a copy of the single all in one cert and insert this pem file into the Certificate key field.
10. Click apply and test.
Note: The private key should already be populated from your initial CRS request.
Parallels Remote Application Server Training Manual
96
Gateways
Converting IIS Certificates
If the same certificate is used for IIS and the Parallels RAS Web Portal, then the IIS conversion method
should be used. With an IIS certificate, install it in IIS, export a copy of the certificate in pfx format then
convert it to PEM file and place the single key generated in the Private Key and Public Key Field.
One important note, the trusted.pem file on the Parallels client side, must have the intermediate
Certificate in its contents to be able to verify the cert from the third party vendor. If the intermediate
certificate for the vendor is not in the trusted.pem file, you will have to paste it in manually or create a
trusted.pem template file with the proper Intermediate Certificates in its contents, and then replace the
old trusted.pem file with this newly updated one. This file resides in program files\Parallels or program
files(x86)\ Parallels on the client side.
In order to use this certificate onto the Parallels Client Gateway, we should convert the PFX file to the
unencrypted PEM format.
Use the open-source utility OpenSSL to perform the conversion from PFX to PEM. You can download a
Win32 distribution through the following way:
OpenSSL here: http://gnuwin32.sourceforge.net/packages/openssl.htm
To convert a PFX file to a PEM file, follow these steps on a Windows machine:
1. Download and install the Win32 OpenSSL package from:
http://gnuwin32.sourceforge.net/packages/openssl.htm
2. Create a folder c:\certs and copy the file cert.pfx into the c:\certs folder
3. Open a command prompt and change into the GnuWin32\bin directory: cd
%ProgramFiles%\GnuWin32\bin
4. Type the following command to convert the PFX file to an unencrypted PEM file: Openssl pkcs –in
c:\certs\cert.pfx –out c:\certs\cert.pem –nodes
5. When prompted for the import password, enter the password you used when exporting the
certificate to a PFX file. You should receive a message that says MAC verified OK.
Parallels Remote Application Server Training Manual
97
Gateways
Enable SSL with “cert.pem”
On the Parallels Client Gateway page enable secure sockets layer (SSL) and click “…” to browse for the pem
file.
Click Apply to apply the new settings. Your browser may not support display of this image.
Parallels Clients do not trust the Issuer Certificate Authority (Optional)
This step is needed as Parallels Clients do not trust the Issuer Certificate Authority as they are not aware of
it. Therefore, we would need to extract the certificate out of the Certificate Authority and assign it to the
Parallels Remote Application Server Clients.
1
Using the certificate snap-in find the certificate of the issuer* from the certificates console.
2
*Issuer certificate is the certificate of the Certificate Authority that issued the certificate.
3
Right click on the issuer certificate, All tasks > Export.
4
Choose “No” do not export the private key; as we only need the certificate.
5
Then as a format we should choose Base-64 encoded X.509 (.CER).
6
Specify the file name that you want to export and save the certificate as
7
Click “Finish”.
8 Open the exported certificate with an editor such as notepad or WordPad and copy the contents to
the clipboard.
Parallels Client Side
1. On the client’s side, under “C:\Program Files\Parallels\Remote Application Server Client\” there
should be a file called trusted.pem. This file contains the certificates of the common trusted
authorities.
2. Paste the content of the exported certificate (attached to the list of the other certificates)
This will add the certificate of the issuer with the list of trusted authorities on the client side and one would
be able to connect over SSL with a certificate issued from an organization’s Certificate Authority.
Parallels Remote Application Server Training Manual
98
Publishing Agents
SECTION 8
Publishing Agents
In This Chapter:
Publishing Agents ...................................................................................................... 100
Secondary Publishing Agents .................................................................................... 101
Parallels Remote Application Server Training Manual
99
Publishing Agents
Publishing Agents
RAS Publishing Agent provides load balancing of published applications and desktops. A RAS Publishing
Agent is automatically installed on a server on which you install Parallels Remote Application Server and is
designated as the master Publishing Agent. Each site must have a master RAS Publishing Agent, but can
have secondary agents added to it. The purpose of secondary agents is to ensure that users do not
experience any interruption of the service due to a possible failure of the master RAS Publishing Agent.
This chapter describes how to add RAS Publishing Agents to a site and how to configure them.
Parallels Remote Application Server Training Manual
100
Publishing Agents
Secondary Publishing Agents
To ensure users do not experience an interruption of the service due to a failure of the master RAS
Publishing Agent, one or more secondary Publishing Agents can be added to a site. With one or more
secondary agents installed, the runtime data is replicated on each agent, so if any service fails, the
downtime is reduced to a minimum. In addition, any active RAS Publishing Agent will be used for
authentication purposes with both the AD and any 2nd level authentication provider used.
The master RAS Publishing Agent performs the same tasks as secondary Publishing Agents but has
additional responsibilities. It manages certain processes that have to be managed by a single Publishing
Agent. The following table lists processes managed by the master Publishing Agent and secondary
Publishing Agents.
Master Publishing Agent
Secondary Publishing
Agents
Monitor PAs (counters)
Yes
Yes
Monitor RD Session Hosts (counters)
Yes
Yes
Monitor VDI Hosts (counters)
Yes
Yes
Monitor TS Sessions (reconnection)
Yes
Yes
Monitor Deployed TS applications
Yes
Yes
Monitor VDI session (reconnections)
Yes
Yes
Manage system settings
Yes
No
Send licensing information & heart beat
Yes
No
Process and send CEP information
Yes
No
Send information to reporting server
Yes
No
Manage TS scheduler
Yes
No
Reporting engine information
Yes
Future versions
Shadowing
Yes
Future versions
Send email notifications
Yes
No
Process
Parallels Remote Application Server Training Manual
101
Publishing Agents
As a demonstration of how load distribution between multiple Publishing Agents works, consider the
following example:
•
Suppose we have two Publishing Agents: PA1 (master) and PA2 (secondary).
• Suppose we also have 10 RD Session Hosts: TS1, TS2 ... TS10.
The resulting load will be distributed as follows:
• TS1, TS2 ... TS4 will use PA1 as their preferred Publishing Agent.
• TS5, TS6 ... TS10 will use PA2 as their preferred Publishing Agent.
Parallels Remote Application Server Training Manual
102
High Availability Load Balancer HALB
SECTION 9
High Availability Load Balancer HALB
In This Chapter:
HALB - High Availability Load Balancer ..................................................................... 104
HALB Appliance Installation and Configuration .......................................................... 105
Adding an HALB Appliance from Parallels RAS ......................................................... 107
Parallels Remote Application Server Training Manual
103
High Availability Load Balancer HALB
HALB - High Availability Load Balancer
Before you can configure the HALB from the Parallels RAS console, you first have to import an appliance
with either of the following Hypervisor platforms; Virtual Box or VMware. An appliance is a pre-configured
virtual machine (including the operating system and other relevant settings).
For Virtual Box or VMware, this appliance should be imported with either the OVA or a zipped VMDK
appliance file obtained from the Parallels Website.
If deployed via the OVA file, the VM is applied with machine specifications already configured.
Alternatively, deployment via the VMDK file deploys the VM without pre-configured specifications. The
minimum specifications for this VM are outlined below:
▪
4vCPU
▪
4 GB RAM (otherwise SSL offload)
▪
1 Network Card
For Microsoft Hyper-V this appliance should be imported with the VDH file obtained from the Parallels
Website.
Once confirmed, proceed with the 2 stage setup process: HALB appliance installation and configuration
and adding an HALB appliance from Parallels RAS.
Parallels Remote Application Server Training Manual
104
High Availability Load Balancer HALB
HALB Appliance Installation and Configuration
The HALB appliance should be imported on a Hypervisor running on a machine within the same local
network as Parallels RAS. Import the HALB appliance on a supported Hypervisor according to the
procedure described below.
Download the required HALB package i.e. either the OVA, VMDK or VDH file from the Parallels Website.
You will need to unzip the VMDK file, if required. Then simply import either the VMDK, OVA or VDH file
from the virtualization platform’s management console. When this is done, boot up the new appliance.
Figure 62 - HALB Static IP Configuration Console
If necessary, adjust the network settings and click ‘Apply’ to continue.
Parallels Remote Application Server Training Manual
105
High Availability Load Balancer HALB
Figure 63 - HALB Information Configuration Console
The Configuration Console is displayed and the HALB appliance is ready to be added to a Parallels RAS
farm.
Parallels Remote Application Server Training Manual
106
High Availability Load Balancer HALB
Adding an HALB Appliance from Parallels RAS
After the Parallels HALB appliance installation, the appliance has to be configured from a Parallels Remote
Application Server (RAS) farm.
Configure the Parallels HALB appliance according to the procedure below:
1. Log in to the Parallels RAS Console.
Figure 64 - Farm HALB Interface
2. Go to Farm > HALB.
3. Enable HALB check box.
4. Enter the Virtual IP (shared IP) in the first field. This is the IP address that the clients will connect
to. This will also be the floating IP used by the HALB appliances.
5. Enter the appropriate network mask.
6. For load balancing normal gateway connections, enable the “LB Gateway Payload” check box and
click “Configure”.
Parallels Remote Application Server Training Manual
107
High Availability Load Balancer HALB
Figure 65 - HALB Gateways Payload Settings
7. From the HALB Configuration window, select the gateways that the Parallels RAS will load balance
on using the HALB appliances and click ‘Ok’.
8. Next, for load balancing SSL connections, enable “LB SSL Payload” check box and click “Configure”.
Parallels Remote Application Server Training Manual
108
High Availability Load Balancer HALB
Figure 66 - HALB Gateways SSL Payload Settings
9. The mode selected in the “Mode” dropdown box, specifies where the SSL decryption process is
performed. By default, the SSL connections are tunneled directly to the gateways (referred to as
pass-through) where the SSL decryption process is performed.
10. To set the SSL decryption process to be performed on the HALB appliance, select “SSL Offloading”
Mode and click “Configure”. This mode requires an SSL certificate installed on configured HALB
appliances.
Parallels Remote Application Server Training Manual
109
High Availability Load Balancer HALB
Figure 67 - HALB SSL Settings
From the window illustrated in Figure 71, you may upload an SSL certificate to the HALB appliance for
SSL offloading. This can be either a self-signed certificate or a certificate obtained from a registered
Certificate Authority.
▪
(Optional) Tick the option “Allow only strong ciphers” to only allow the usage of certificates using
strong encryption algorithms.
▪
Select the “Accepted SSL Version” from the options available in the drop down.
▪
Click on Generate new certificate and enter the required details.
Alternatively, set up a certificate from a trusted authority according to the instructions below.
▪
Click on “Generate certificate request”.
Parallels Remote Application Server Training Manual
110
High Availability Load Balancer HALB
Figure 68 - HALB Generate SSL Certificate
▪
Fill in the details and click “Save” to bring up the certificate request window.
Figure 69 - HALB Generate Certificate Request
▪
Click “Copy” to copy the request. This certificate request should be sent to a certificate authority.
▪
Once you receive the SSL certificate from the certificate authority, click on the “Import public key”
button, browse for the certificate file containing the public key and click Open.
▪
Click “Ok” to save the settings.
Parallels Remote Application Server Training Manual
111
High Availability Load Balancer HALB
Figure 70 - HALB Devices Interface
Upon completion, proceed to add all the HALB appliances that will be managed by this farm. Click the plus
icon shown in Figure 74 to bring up the “Add HALB Devices” window.
Figure 71 - HALB Devices
Parallels RAS will detect Parallels HALB appliances over the network and display them here, as a list.
Selecting detected HALB appliances from this list is the preferred method for adding new appliances. If, for
some reason, the appliance cannot be detected, you can also add the appliance manually by specifying the
appliance IP in the “IP Address” field. Click “OK” to apply the configuration.
After the “OK” button is pressed, the appliance is initialized and added to the list.
Parallels Remote Application Server Training Manual
112
High Availability Load Balancer HALB
Figure 72 - HALB Configured
Finally, click “Apply” for the configuration to be applied to all added HALB appliances.
Parallels Remote Application Server Training Manual
113
Farm Settings
SECTION 10
Farm Settings
In This Chapter:
Auditing ..................................................................................................................... 115
Global Logging .......................................................................................................... 116
Redirection ................................................................................................................ 117
Client Settings ........................................................................................................... 118
Parallels Remote Application Server Training Manual
114
Farm Settings
Auditing
Figure 73 - Farm Settings Auditing
The “Settings” in the Farm allows the Auditing, Global Logging, URL Redirection and Client Settings to be
configured.
Auditing can be enabled to capture Date & Time, user@domain, Action, Application ID, Application, Server
Name, Session ID and PID information.
Parallels Remote Application Server Training Manual
115
Farm Settings
Global Logging
Figure 74 - Farm Setting Global Logging
Global Logging can be enabled to track various data communications between servers. It creates a .zip file
to a location set by the administrator.
Parallels Remote Application Server Training Manual
116
Farm Settings
Redirection
Figure 75 - Farm Settings URL Redirection
URL Redirection creates an exception to URL Redirection and will open the URL using the RD Session Host
browser.
Parallels Remote Application Server Training Manual
117
Farm Settings
Client Settings
Figure 76 - Farm Settings - Client Settings
Using the Client Settings tab under the Farm Settings section you can specify which resolution should be
used when the resources are displayed as icons whitin the Parallels Client.
Parallels Remote Application Server Training Manual
118
Load Balancing
SECTION 11
Load Balancing
In This Chapter:
Load Balancing .......................................................................................................... 120
Resource Based ........................................................................................................ 121
Coutners ............................................................................................................. 121
Round Robin Load Balancing .................................................................................... 121
Session Options ........................................................................................................ 122
Advanced Settings ..................................................................................................... 123
Parallels Remote Application Server Training Manual
119
Load Balancing
Load Balancing
Figure 77 - Load Balancing
Load Balancer is designed to balance RDS and VDI host connections made from Parallels Clients. Resource
Based and Round Robin load balancing methods are both available out of the box. Both methods are
explained in the following subsections. Load Balancing options can be configured from the Load Balancing
category in the RAS Console.
Parallels Remote Application Server Training Manual
120
Load Balancing
Resource Based
Distributes sessions to servers depending on how busy the servers are. Therefore, a new incoming session
is always redirected to the least busy server.
Coutners
Resource-based load balancing uses the following counters to determine if a server is busier than the
other/s and vice versa:
• User sessions. Redirect users to a server with the least number of sessions
• Memory. Redirect users to the server with the best free/used RAM ratio
• CPU. Redirect users to the server with the best free/used CPU time ratio
When all of the counters are enabled, the RAS Load Balancer adds the counter ratios together and
redirects the session to the server with the most favorable combined ratio.
Round Robin Load Balancing
Round-robin load balancing redirects sessions in sequential order. For example, with two RDS servers in
the farm, the first session is redirected to server 1, the second session is redirected to server 2, and the
third session is redirected to server 1 again.
Parallels Remote Application Server Training Manual
121
Load Balancing
Session Options
• Reconnect to Disconnected Sessions. Enable this option to redirect incoming user sessions to a
previously disconnected session owned by the same user.
• Reconnect sessions using client’s IP address only. When reconnecting to a disconnected session,
the Parallels Remote Application Server will match the username requesting reconnection with the
username of the disconnected session to match the sessions. With this option enabled, Parallels
Remote Application Server will determine to which disconnected session to reconnect the session
by matching the source IP address.
• Limit user to one session per desktop. Enable this option to ensure that the same user does not
open multiple sessions. Please note that for this option to work, your RD Session Hosts must also be
configured to restrict each user to a single session. In Windows Server 2008, you need to enable
the "Restrict each user to a single session" option in Remote Desktop Session Host Configuration. In
Windows Server 2012(R2), it's the "Restrict Remote Desktop Services users to a single Remote
Desktop Services session" option in Local Group Policy \ Remote Desktop Services \ Remote
Desktop Session Host \ Connections.
• Disable Microsoft RD Connection Broker. If this option is enabled, the Microsoft RD Connection
Broker will not interfere with the RAS brokering done by the RAS Publishing Agent if it is installed.
Please note that this option will only work with Windows Server 2012 and above.
Parallels Remote Application Server Training Manual
122
Load Balancing
Advanced Settings
Figure 78 - Load Balance Advanced Settings
The Advanced Load Balancer Settings can be used to test connections from the Publishing Agent to the RDS
server, and thus to prevent connections being sent to it in the eventuality of it not responding. These
times may be adjusted for latency on the network.
Figure 79 - Load Balance Processes
A process can be excluded so it isn’t counted against the total CPU % being utilized.
Parallels Remote Application Server Training Manual
123
Publishing
SECTION 12
Publishing
In This Chapter:
Applications Publishing .............................................................................................. 125
Folders and Application Grouping .............................................................................. 136
Desktop Publishing .................................................................................................... 138
Predefined Application Publishing .............................................................................. 143
Document Publishing ................................................................................................. 145
Web Application Publishing ....................................................................................... 150
Folder on the file system publishing ........................................................................... 156
Publishing Containerized Applications ....................................................................... 162
Managing Published Items......................................................................................... 163
Parallels Remote Application Server Training Manual
124
Publishing
Applications Publishing
Publishing from Parallels Remote Application Server is one of the fundamental uses of the system. Parallels
Remote Application Server can publish the following:
▪
Applications
▪
Folders
▪
Desktops
▪
Predefined Applications
▪
Documents
▪
Web Applications
▪
Folders on the file system
To publish applications, select the “Publishing” icon from the systems menu. This will show what
applications have already been published. If the application has yet to be published, select the
“Application” icon from the console’s top menu.
Parallels Remote Application Server Training Manual
125
Publishing
Figure 80 - Publishing an Application Step 1
The first step is to choose what you would like to publish, as shown in Figure 84.
Parallels Remote Application Server Training Manual
126
Publishing
Figure 81 - Publishing an Application Step 2
After you have selected what you would like to publish, you will be asked to select from where you would
like to publish the application from. Applications can be published from RD Session Hosts, Virtual Guest
and Remote PCs.
Parallels Remote Application Server Training Manual
127
Publishing
Figure 82 - Publishing an Application Step 3
Next, choose the type of application to be published.
Parallels Remote Application Server Training Manual
128
Publishing
Figure 83 - Publishing an Application Step 4
When Single Application is chosen first, the Server(s) must be selected to publish the application. If the ‘All
Servers in Farm’ option is chosen, then the application must be installed on all the servers in the Farm. A
Server Group or Individual servers can be selected.
Parallels Remote Application Server Training Manual
129
Publishing
Figure 84 - Application Selection
Once a server (or servers) has been selected, choose the Target folder and executable file of the
application to be published by selecting them with your cursor, then clicking ‘Open’.
Parallels Remote Application Server Training Manual
130
Publishing
Figure 85 - Adding users to filtering
Next the application can be filtered to determine which users can access the application. There are several
methods for filtering which are:
▪
User
▪
Client
▪
IP Address
▪
MAC
Figure 86 - Users added to the filtered application
Parallels Remote Application Server Training Manual
131
Publishing
User filtering allows for the filtering of users by either Workgroup or LDAP (Active Directory).
Figure 87 - Filtering by Client
Client filtering allows for filtering by computer hostname.
Figure 88 - Filtering by IP Address
IP Address filtering allows for filtering by a computer IP Address.
Parallels Remote Application Server Training Manual
132
Publishing
Figure 89 - Filtering by MAC Address
MAC filtering allows for filtering by a computer MAC Address.
NOTE: Without filtering the app is available for all users, IPs, etc.
Parallels Remote Application Server Training Manual
133
Publishing
Figure 90 - Application filtering configured
Click “Apply” after the filtering selection is completed.
Figure 91 - Published Applications
Figure 92 - Published Applications shown on the client machine
Published applications will appear in the Published Resources tab, and in the Parallels Client after clicking
the “Apply” button.
Parallels Remote Application Server Training Manual
134
Publishing
Figure 93 - Published Applications details
The configuration for published applications can be changed by selecting the Published Resource option.
Then select the tab that corresponds with the change that needs to be made.
Parallels Remote Application Server Training Manual
135
Publishing
Folders and Application Grouping
Figure 94 - Adding a folder installation wizard
A folder can be created to place documents or applications in, to organize them. First, select the “Folder”
icon from the console’s top menu.
Then, enter a folder name and description (optional). The icon for the folder can be changed from the
default one, which is shown in the in the picture above.
Parallels Remote Application Server Training Manual
136
Publishing
Next a filter can be applied to control access to the folder.
Figure 95 - Published folder filtering options
Published Folders will appear in Published resources and in the Parallels Client after clicking the “Apply”
button.
Figure 96 - Published folder
Figure 97 - Published folder as shown on the client machine
Parallels Remote Application Server Training Manual
137
Publishing
Desktop Publishing
Parallels Remote Application Server can publish full RD Session Host, Virtual and Remote PC desktops. To
publish a desktop, select the “Desktop” icon from the console top menu. Then select the type of desktop to
be published.
Figure 98 - Desktop Publishing Installation
The RD Session Host, Virtual or Remote PC Desktop must be selected from the server, guest or PC from
which they will be published from.
Parallels Remote Application Server Training Manual
138
Publishing
Figure 99 - RDS Desktop
Figure 100 - Virtual Desktop
Parallels Remote Application Server Training Manual
139
Publishing
Figure 101 - Remote Desktop
Parallels Remote Application Server Training Manual
140
Publishing
Figure 102 – Published Desktop Filtering
Filtering can be accessed by selecting the published application and then selecting the Filtering tab from
the top. To add a user, click on the “+” icon on the top left hand side and choose the user, as shown in
Figure 106.
Parallels Remote Application Server Training Manual
141
Publishing
Figure 103 - Published Desktop
Figure 104 - Published Desktop as shown from the client’s machine
Published desktops will appear in the Published Resources list and in the Parallels Client after clicking the
“Apply” button.
Parallels Remote Application Server Training Manual
142
Publishing
Predefined Application Publishing
Predefined applications can be published by selecting the “Predefined Application” icon from the console’s
top menu. After this, select the application or applications to be published, and click “Ok”.
Figure 105 - Applications on the system that can be published
Published items will appear in the Published resources tab, and in the Parallels Client after clicking the
“Apply” button.
Parallels Remote Application Server Training Manual
143
Publishing
Figure 106 - Published Applications as shown on the client's machine
Figure 107 – Published applications
Parallels Remote Application Server Training Manual
144
Publishing
Document Publishing
Figure 108 - Selecting the type of server to publish from
To publish a document, select the “Document” icon from the console’s top menu. Then, select the location
from which the document should be published from.
Parallels Remote Application Server Training Manual
145
Publishing
Figure 109 - Selecting the document type
Select the document type.
Figure 110 - RDS Desktop
Parallels Remote Application Server Training Manual
146
Publishing
Figure 111 - Virtual Desktop
Figure 112 - Remote PC
Then depending on where the document is to be published from, a RD Session Host, Virtual Desktop or
Remote PC needs to be selected and location chosen using the “…” button next to Target.
Parallels Remote Application Server Training Manual
147
Publishing
Figure 113 - Filtering document users
The document can be filtered in the same way as other published items, as shown in Figure 117.
Published documents will appear in the Published resources tab and in the Parallels Client after clicking the
“Apply” button.
Figure 114 - Published Document
Parallels Remote Application Server Training Manual
148
Publishing
Figure 115 - Published Document as shown on the client's machine
Parallels Remote Application Server Training Manual
149
Publishing
Web Application Publishing
As of version 15 of Parallels Remote Application Server, web applications can also be published. A perfect
example of a web application that can be published, is a company’s internal intranet. As intranet is only
accessible when connected to the company’s private network, a problem will arise when trying to access
the company’s intranet from home or abroad. By publishing the web application using Parallels Remote
Application Server, this issue is resolved.
Figure 116 - Type of publishing selection
1. Open the publishing wizard and select the “Web application” option.
Parallels Remote Application Server Training Manual
150
Publishing
Figure 117 - Selecting the type of server to publish from
The next step is to select the server from which you would like to publish the web application from. Select
the appropriate server, and click on the “Next” button to continue.
Parallels Remote Application Server Training Manual
151
Publishing
Figure 118 - Servers to publish from
If you have more than one server configured, RAS will prompt you to either use all the servers in the
site, select server groups or even to select individual servers as shown in Figure 122. If you only have
one server configured, this step is skipped.
Parallels Remote Application Server Training Manual
152
Publishing
Figure 119 - Web application configuration RD Session Host
In the case of RD Session Hosts, you will need to abide by the following steps:
1. Enter the name and description of the web application in the “Name” and “Description” textboxes
respectively.
2. In the “Run” dropdown list, select whether the web application should run in either normal
window, maximized or minimized.
3. Enter the web application’s URL in the “URL” textbox.
4. Tick the “Force to use Internet Explorer” checkbox if you would like the client to use Internet
Explorer instead of the default browser on their device.
5. Click on the “Finish” button to publish the web application.
`
Parallels Remote Application Server Training Manual
153
Publishing
Figure 120- Web application configuration Virtual Guest
In the case of Virtual Guests, please abide by the following steps:
1. Enter the name and description of the web application in the “Name” and “Description” textboxes
respectively.
2. In the “Run” dropdown list, select whether the web application should run in either normal
window, maximized or minimized.
3. Enter the web applications URL in the “URL” textbox.
4. Tick the “Force to use Internet Explorer” checkbox if you would like the client to use Internet
Explorer instead of the default browser on their device.
5. Select the type of guest you would like to connect to by choosing from the “Connect to” drop down
list.
6. Select the pool you would like to publish the web application from, by choosing one of the options
in the “from Pool” dropdown list.
7. You may also opt to enable a persistent connection by checking the “Persistent” checkbox.
8. Click on the “Finish” button to publish the web application.
Parallels Remote Application Server Training Manual
154
Publishing
Figure 121- Web application configuration Remote PC
For Remote PCs please abide by the following steps:
1. Enter the name and description of the web application in the “Name” and “Description” textboxes
respectively.
2. In the “Run” dropdown list, select whether the web application should run in either normal
window, maximized or minimized.
3. Enter the web applications URL in the “URL” textbox.
4. Tick the “Force to use Internet Explorer” checkbox if you would like the client to use Internet
Explorer instead of the default browser on their device.
5. Enter the Remote PC IP address in the “Remote PC” textbox, alternatively you may browse the
available remote PCs by clicking on the “…” button.
6. Click on the “Finish” button to publish the web application.
Parallels Remote Application Server Training Manual
155
Publishing
Folder on the file system publishing
As of version 15 of Parallels Remote Application Server, a folder on the file system publishing function has
been introduced. This is done by using a UNC path as shown in the following steps.
Figure 122 - Type of publishing selection
Open the publishing wizard and select the “Folder on the file system” option.
Parallels Remote Application Server Training Manual
156
Publishing
Figure 123 - Selecting the type of server to publish from
The next step is to select the server from which you would like to publish the folder on the file system
from. Select the appropriate server and click on the “Next” button to continue.
Parallels Remote Application Server Training Manual
157
Publishing
Figure 124 - Server to publish from
If you have more than one server configured, RAS will prompt you to choose between using all the servers
in the site, select server groups or even to select individual servers as shown in Figure 128.
If you only have one server configured, this step is skipped.
Parallels Remote Application Server Training Manual
158
Publishing
Figure 125 - Configuring the UNC Folder RD Session Hosts
For RD Session Hosts please abide by the following steps
1. Enter the UNC path. Alternatively, you can click on the “…” button to manually select the path from
a browser which will be shown in another dialogue box.
2. In the “Run” dropdown list, select whether the folder should run in a normal window, maximized or
minimized.
3. Give a name to the folder you are going to publish, by typing in a name in the “Name” field. You
can also opt to add a description to the folder you are publishing in the “Description” textbox
beneath.
Parallels Remote Application Server Training Manual
159
Publishing
Figure 126 - Configuring the UNC Folder Virtual Guest
For Virtual Guests please abide by the following steps:
1. Enter the UNC path, alternatively you can click on the “…” button select the path from a browser
which is shown in another dialogue box.
2. In the “Run” dropdown list select whether the folder should run in either normal window,
maximized or minimized.
3. Give a name to the folder you are going to publish by entering the name in the “Name” textbox.
You can also opt to add a description to the folder you are publishing in the “Description” textbox
beneath.
4. Select the type of guest you would like to connect to, by choosing from the “Connect to” drop
down list.
5. Select the pool you would like to publish the web application from, by choosing one of the options
in the “from Pool” dropdown list.
6. You may also opt to enable a persistent connection by checking the “Persistent” checkbox.
7. Click on the “Finish” button to publish the web application.
Parallels Remote Application Server Training Manual
160
Publishing
Figure 127 - Configuring the UNC Folder Remote PC
For Remote PCs, please abide by the following steps:
1) Enter the UNC path, alternatively you can click on the “…” button, to select the path from
a browser which will be shown in another dialog box.
2) In the “Run” dropdown list select whether the folder should run in either a normal window,
maximized or minimized.
3) Give a name to the folder you are going to publish, by entering the name in the “Name”
textbox. You can also opt to add a description to the folder you are publishing in the
“Description” textbox beneath.
4) Enter the Remote PC IP address in the “Remote PC” textbox. Alternatively, you may
browse the available remote PCs by clicking on the “…” button.
5) Click on the “Finish” button to publish the web application.
Figure 128 - Published file on system
Parallels Remote Application Server Training Manual
161
Publishing
Publishing Containerized Applications
(Turbo.net) is a web-based container platform that runs applications on a Windows desktop with no
installation required. Parallels RAS provides you with the ability to publish applications hosted by Turbo.net
and make them available to Parallels RAS users just like regular applications hosted by RD Session Host
servers.
The ability to publish container-based applications allows Parallels RAS administrators to greatly reduce
TtV (time to value) and minimize investment and development resources. The integration of the solution
provided by Turbo gives you the following immediate benefits:
• Instant access to an online application repository with hundreds of applications available, including:
o
Most web browsers (Chrome, Firefox, Opera, etc).
o
Most application runtimes (JRE and others).
o
Most add-ons (Flash, etc).
o
Open source applications like LibreOffice, VLC Player, etc.
o
Administrative tools like WinSCP, Putty and so on.
• Instant provisioning of all these applications in any combination possible (i.e. a particular version of
Google Chrome with a specific Java runtime and Flash) to all endpoints regardless of the platform
and version (supports anything from Windows XP to Windows Server 2016).
For more information about Turbo, visit http://www.turbo.net
Licensing and supported Turbo repositories:
• Parallels RAS uses the free edition of Turbo.net, so no subscription is required.
• Parallels RAS supports application publishing from the public Turbo.net repository only. Private
repositories are not supported at the time of this writing.
Parallels Remote Application Server Training Manual
162
Publishing
Managing Published Items
Published items can be managed from the options menu of the console when “Publishing” has been
selected from the systems menu. Applications can be Added, Deleted, and Moved Up, Moved Down,
Disabled, Sorted or even searched for using the Find option. These options are self-explanatory, but it’s
worth noting that the “Sort” will order published items in alphabetical order.
Figure 129 - Managing published items features
Troubleshooting Tip: Placing the published items in a specific order may be beneficial to admins so that can
refer to the icons without looking directly at the Parallels Client.
Parallels Remote Application Server Training Manual
163
Universal Printing
SECTION 13
Universal Printing
In This Chapter:
Parallels Universal Printing ........................................................................................ 165
HTML5 Gateway and Chrome App Printing ............................................................... 167
Fonts Management .................................................................................................... 169
Parallels Remote Application Server Training Manual
164
Universal Printing
Parallels Universal Printing
When using Parallels Remote Application Server, the printing process is greatly simplified through the
Parallels Universal Printer function, which is automatically installed when you install the agents for RD
Session Host, VDI Guest and Remote PC.
Parallels Universal Printing will solve most printer driver problems. If the client is using a printer where the
server does not have a suitable printer driver, the normal printing redirection will not work, however you
will not need to install a specific printer driver on the server when you are using Parallels Universal
Printing. The Parallels Universal Printer drivers are available in 32 and 64 bit format.
Parallels Universal Printer Support was added to HTML5 Gateway and the Chrome app in Version 14.
As of Parallels Remote Application Server version 10.1, you can redirect multiple printers at the same time,
as opposed to the previous versions where only one printer (Parallels Universal Printer) was available on
each RD Session Host.
Figure 130 - Printer naming variables
The administrator can choose the format of each printer name by editing the “Printer rename Pattern” text
box. You can also choose to continue to work in legacy mode by choosing <Parallels Universal Printer> as
the printer rename pattern. In this case, only the first printer redirected by the client is utilized.
You can use any of the following variables in the “Printer Rename Pattern” text box:
%PRINTERNAME%
Client side printer name
%USERNAME%
User name connected to the server
%SESSIONID%
Session ID of the active session
<Parallels Universal Printer>
Legacy mode (only one printer for all users)
Parallels Remote Application Server Training Manual
165
Universal Printing
Choosing <DEFAULT>, means that the default printer pattern is used.
The default pattern is %PRINTERNAME% for %USERNAME% by Parallels.
Figure 131 - Available printers
Redirected printers are only accessible by administrators and the user who redirected the printer.
Choosing <Parallels Universal Printer>, will mean that only one printer will be shown on the server and is
available for all users.
Parallels Remote Application Server Training Manual
166
Universal Printing
HTML5 Gateway and Chrome App Printing
When printing via the HTML5 Gateway and the Chrome App, the user will see the Parallels Universal
Printer option. Choose this print option and click “Print”. Once the user prints, the Parallels Universal
Printers for HTML5 Gateway and Chrome App will open the local printers installed on the device.
Figure 132 - Printer options
To enable or disable the functionality of Parallels Universal Printing from each RD Session Host, VDI Guest
or Remote PC in the farm, select the RD Session Host(s), VDI Guest(s) or Remote PCs and click “Enable”
from the Task drop down menu. Click on “Select All” to facilitate Parallels Universal Printing on every type.
Parallels Remote Application Server Training Manual
167
Universal Printing
Figure 133 - Universal printing interface
To “Disable” Universal Printing, select the RD Session Host, VDI Host or Remote PC and then click “Disable”
from the Task drop down menu.
Parallels Remote Application Server Training Manual
168
Universal Printing
Fonts Management
Figure 134 - Fonts management interface
To control the embedding of fonts within a print job, use the EMF Properties tab and check/uncheck
“Embed Fonts”. By default, a number of fonts will already be excluded since these are normally available
on standard Windows platforms. If the client selects the “Enhanced Meta File” data format for Universal
Printing, the fonts are embedded with the print job.
To add a new font, click on the “Add” button from the Task menu and select the font to be added. To
delete a font, select the font from the excluded list and click the “Delete” button from the Task menu.
NOTE: Embedded fonts are deleted after print job.
Parallels Remote Application Server Training Manual
169
Universal Scanning
SECTION 14
Universal Scanning
In This Chapter:
What is Universal Scanning? ..................................................................................... 171
Universal Scanning Options ....................................................................................... 172
Configuring a Scanning Rename Pattern ................................................................... 173
Enabling and Disabling Parallels Universal Scanning Support ............................ 173
Adding Scanning Applications ................................................................................... 174
Configuring Scanning Applications ..................................................................... 174
Deleting a Scanning Application ......................................................................... 174
Parallels Remote Application Server Training Manual
170
Universal Scanning
What is Universal Scanning?
Scanner redirection enables users who are connected to a remote desktop or who are accessing a
published application to make a scan using the scanner that is connected to the client machine.
Parallels Universal scanning uses TWAIN, as well as WIA redirection to let any application using either
technology hardware connected to the client device for scanning. With Parallels Universal Scanning there
is no need to install any scanner driver on the server. Only one scanner is shown on the server regardless
of the number of users and sessions currently in use on the RD Session Host.
Note: The server feature ‘Desktop Experience’ is required in order in enable both WIA and TWAIN scanning on RD
Session Hosts.
With Parallels Universal Scanning, there is no need to install any scanner drivers on the server. Only one
scanner is shown on the server regardless of the number of users and sessions currently in use on the RD
Session Host. The Parallels Universal Scanning drivers come in 32 and 64 bit format.
Parallels Remote Application Server Training Manual
171
Universal Scanning
Universal Scanning Options
By default, the Parallels Universal Scanning driver is automatically installed with the RD Session Host, VDI
Guest and Remote PC agents. Therefore, upon adding a server to the farm, the Parallels Universal Scanning
function is also installed.
Note: The Parallels Universal Scanning driver is available in 32 and 64 bit format. Currently only 32 bit
applications are supported.
Figure 135 - Universal scanning interface (WIA)
Parallels Remote Application Server Training Manual
172
Universal Scanning
Configuring a Scanning Rename Pattern
By default, Parallels Remote Application Server renames the scanners using the following pattern:
%SCANNERNAME% for %USERNAME% by Parallels. Therefore, if a user named Samuel that has SCANNER1
installed locally, connects to a remote desktop or published application his scanner is renamed to
SCANNER1 for Samuel by Parallels.
To change the pattern used to rename scanners, specify a new pattern in the Scanner rename pattern
input field found in the Parallels Remote Application Server Console > Universal Scanning node. The
variables available for renaming scanners are:
▪
%SCANNERNAME%: client side scanner name
▪
%USERNAME%: username of the user connected to the server
▪
%SESSIONID%: session ID of the action session
You can also configure a different scanner renaming pattern specifically for each server from the server
properties.
Note: Redirected scanners are only accessible by administrators and the user who redirected the scanner.
Enabling and Disabling Parallels Universal Scanning Support
To enable or disable WIA or Twain Parallels Universal Scanning support from a particular server, follow the
below process:
Open the Parallels Remote Application Server console and open the Universal Scanning category in the
navigation bar. Click the WIA tab or the TWAIN tab.
Highlight the name of the server you would like to modify, and click Enable to enable Parallels Universal
Scanning support or Disable to disable it from the Tasks dropdown menu.
Parallels Remote Application Server Training Manual
173
Universal Scanning
Adding Scanning Applications
TWAIN applications that will use the Universal Scanning feature have to be added from the TWAIN tab by
selecting the TWAIN Applications button so they can use the Twain driver, hence making it easier for the
administrator to set them up. Follow the process described below to add an application to the list of
Scanning applications:
Figure 136 - Universal scanning interface (TWAIN)
Open the Parallels Remote Application Server console and open the Universal Scanning category. Click the
TWAIN tab. Click on the Twain Applications button and click “Add”. From here, browse to the application
executable and click “Open”.
Configuring Scanning Applications
Note: Some applications might use different or multiple executables. Make sure that all used executables are added
to the list of scanning applications.
Deleting a Scanning Application
To delete a scanning application from the list, highlight the application name and click “Delete” from the
Tasks drop down menu.
Note: By deleting an application from the list of scanning applications the installation of the application will not
be affected.
Parallels Remote Application Server Training Manual
174
Quick Keypads
SECTION 15
Quick Keypads
The Quick Keypad category in the Parallels RAS Console allows you to define custom keys to perform
common actions in published applications running on mobile devices. Custom keys appear above the
standard keyboard in iOS and Android and can be tapped just like any other key on the virtual keyboard.
This feature is designed for users who run published applications on a phone or a tablet. When a particular
software requires repeated selection of certain menu or toolbar items, using custom keys can significantly
improve user experience. For example, let's say a user has some data entry task which requires them to
press File > New and File > Save menu items over and over again. If you define two custom keys to
perform these actions, the user will see them above the standard keyboard in iOS or Android, so instead of
tapping the application's native menu items (which can be cumbersome), they can tap these keys, which is
much easier and quicker.
To define custom keys, select the Quick Keypad category in the Parallels RAS Console. The Quick Keypads
view in the right pane allows you to create a Quick Keypad template. A template is created for a specific
application (or a group of applications with the identical UI design) and contains shortcuts to perform
common actions in an application. Once a template is created, you assign it to a published application or a
group of applications, so each application (or a group) has its own Quick Keypad.
Parallels Remote Application Server Training Manual
175
Connection and Authentication Settings
SECTION 16
Connection and Authentication Settings
In This Chapter:
Authentication ............................................................................................................ 177
Settings ..................................................................................................................... 179
Second Level Authentication ..................................................................................... 180
Parallels Remote Application Server Training Manual
176
Connection and Authentication Settings
Authentication
Parallels Remote Application Server’s Connection Manager category allows administrators to set a
requirement for all users to authenticate connections to Parallels Remote Application Server. All trusted
domains or workgroups will be allowed to make connections to Parallels Remote Application Server
automatically.
Figure 137 - Connection Authentication settings
An individual domain or workgroup can be selected from a list by selecting the “…” button, which will only
allow that domain or workgroup to connect to Parallels Remote Application Server.
Parallels Remote Application Server Training Manual
177
Connection and Authentication Settings
Figure 138 - Domain selection
If the domain is specified, the “Use client domain if specified” can be unchecked and it will automatically
populate that field in the Parallels Client. To clear all cached session IDs, click on the “Clear cached session
IDs” button.
NOTE: To authenticate a workstation not joined to a domain, a local account can be used. In order to avoid user
filtering problems, it is suggested to use the NetBIOS name instead of the FQDN in the domain field.
In order to specify authentication with a workstation, you must enter [workgroup_name] /
[machine_name]. Therefore, if you would like to authenticate against a machine named “SERVER1” that is
a member of the workgroup named “WORKGROUP”, you would have to enter: WORKGROUP/SERVER1 in
the domain field.
Parallels Remote Application Server Training Manual
178
Connection and Authentication Settings
Settings
Figure 139 - Connection Settings
The Settings tab page in the Connection category allows you to configure the following remote session
options:
• Declare session idle after. This option affects reporting statistics, whereby a session is declared idle
after the amount of time specified without any activity.
• Automatically logoff RAS idle session after. Specifies the time period after which an idle
session (a user RAS connection) should be logged off. Once the session is logged off, the user is
disconnected from Parallels RAS and is presented with the Connections dialog in Parallels Client
as a way to notify them that they were logged off. They can use the dialog to log back on if desired.
• Cached Session Timeout. Specify the amount of time that a session is cached for (higher
amount of time reduces AD transactions).
• Clear cached session IDs. Clears all cached session information.
Parallels Remote Application Server Training Manual
179
Connection and Authentication Settings
Second Level Authentication
Figure 140 - Connection Second Level Authentication
Parallels RAS allows you to use two-factor authentication for access control by configuring a second level
authentication. When second level authentication is used, users will have to authenticate through two
successive stages to get the application list. While the first level authentication will always use native
authentication (Active Directory / LDAP), the second level can use one of the following:
• RADIUS
• SafeNet
• Deepnet
The second level of authentication is more secure because instead of using a standard username and
password, it uses a static username and a one-time password generated by a token.
Parallels Remote Application Server Training Manual
180
Connection and Authentication Settings
Allowed Devices
Figure 141 - Connection Allowed Devices
You can specify a minimum requirement for the Parallels Client type and version number in order for it to
connect to the Parallels RAS farm or to list published resources.
Parallels Remote Application Server Training Manual
181
Connection Policies
SECTION 17
Connection Policies
In This Chapter:
Configuring Client Policies ......................................................................................... 183
Parallels Remote Application Server Training Manual
182
Connection Policies
Configuring Client Policies
Figure 142 - Policies interface
Client Policies are accessible through the Polices category. Client Policies provide a way to restrict
configuration of the Connection Properties and Options of Parallels Clients on Windows Desktop OSs
(including Windows CE and XP Embedded).
Parallels Remote Application Server Training Manual
183
Connection Policies
Figure 143 - Client policy properties
Users or Groups can be added to a policy which pushes different Parallels Client settings and options to the
users depending on the policy settings. A device license is not needed to use these options.
Parallels Remote Application Server Training Manual
184
Client Manager
SECTION 18
Client Manager
In This Chapter:
What is the Client Manager? ...................................................................................... 186
Devices ...................................................................................................................... 187
Windows Device Groups............................................................................................ 188
Managing Windows Device Groups ........................................................................... 189
Install and Configure........................................................................................... 189
Windows Device Enrolment ................................................................................ 191
Shadow a Windows Device ....................................................................................... 193
Desktop Replacement ............................................................................................... 194
Switching to Admin Mode ................................................................................... 195
Configuring Local Applications using the Parallels Client Desktop replacement . 197
Options ...................................................................................................................... 199
Device Status and Color Coding ......................................................................... 199
Scheduler .................................................................................................................. 200
Parallels Remote Application Server Training Manual
185
Client Manager
What is the Client Manager?
With the Client Manager, you can manage Windows clients, shadow clients and replace the desktop shell
through the Parallels Desktop shell replacement.
Client manager supports the following windows operating systems. Windows XP, Windows 7, Windows 8,
Windows 8.1, Windows 10. These editions must be able to accept an inbound RDP connection.
Parallels Remote Application Server Training Manual
186
Client Manager
Devices
Figure 144 - Client manager interface
From the Client Manager category in the Parallels Remote Application Server Console, you can view all
clients connected to the system. You can manage, shadow and deploy the Parallels Desktop Shell
replacement to Windows desktops only.
Once the Windows device is in management mode, you will be able Power On, Power Off, Reboot, Log Off
and shadow the desktop.
Example of a managed Parallels Windows Client.
Figure 145 - Managed windows client
Parallels Remote Application Server Training Manual
187
Client Manager
Windows Device Groups
With Windows Device Groups, you now have the ability to group Windows devices into manageable
groups. This will give the administrator the ability to create managed groups to control all devices within
the group under one setting.
Figure 146 - Device groups main settings
Figure 147 - Device groups OS settings
Parallels Remote Application Server Training Manual
188
Client Manager
Managing Windows Device Groups
Convert Windows devices running Windows XP up to Windows 8.1 to Thin Clients using the Parallels RDP
Client for Windows.
Install and Configure
Figure 148 - RDP Client adding a new connection
Download the Parallels RDP Client for Windows from:
http://www.parallels.com/eu/products/ras/download/links/
Double click to run the ‘Parallelsclient.msi’ or ‘Parallelsclientx64.msi’ and proceed to the installation
Wizard (install the 64 bit version on 64 bit Windows).
Parallels Remote Application Server Training Manual
189
Client Manager
Figure 149 - RDP Client connection properties
Upon completion, run the Parallels RDP Client and configure a new Parallels RAS connection by following
the steps below:
1.
2.
3.
4.
Click ‘File’.
Click ‘Add New Connection’.
Select ‘Parallels Remote Application Server’ and click ‘Ok’.
Next, configure the connection properties below:
▪
Primary Connection - Specify the Parallels Remote Application Server FQDN or IP.
▪
User Credentials - Enter Username, password and domain.
5 Click ‘Ok’ to create the new connection.
Parallels Remote Application Server Training Manual
190
Client Manager
Windows Device Enrolment
Windows devices can be set to automatically be managed by your farm or require that the admin approves
them first.
Figure 150 - Client manager devices
Approve a device to be managed by Parallels Remote Application Server from the Parallels RAS console by
following the next steps:
1. Go to Client Manager > Devices.
2. Click a device.
3. Click Tasks.
4. Click Manage Device.
Parallels Remote Application Server Training Manual
191
Client Manager
Figure 151 - Client manager pairing devices
The device state will change to ‘Pair pending’ until the device reconnects.
Once the Parallels RDP Client reconnects, the enrolment process is completed and the device is managed
by Parallels RAS.
Alternatively, set Parallels Remote Application Server to automatically manage Windows devices according
to the following steps:
1. Go to ‘Client Manager’.
2. Click ‘Options’.
3. Enable “Automatically Manage Windows Devices”
Once managed, applications published by Parallels RAS become available on the Parallels RDP Client as per
the Figure 155. The administrator can now check the state of the device and perform power control
actions such as Powering On, Powering Off, Rebooting and Logging off.
NOTE: Devices running older versions of the client cannot be managed and are marked as Not Supported.
Parallels Remote Application Server Training Manual
192
Client Manager
Shadow a Windows Device
Shadow a Windows device to gain access to the full desktop and controls published from Parallels Remote
Application Server.
Figure 152 - Shadowing window device
Shadow a Windows device according to the steps below:
1 Go to Client Manager > Devices.
2
Select a device.
3
Click ‘Shadow’.
NOTE: The Windows user will be prompted to allow the administrator to take control and can choose to deny
access. This prompt can be deactivated by the administrator.
In addition, shadowing requires a direct connection between the machine from where the console is
running and the device itself.
Parallels Remote Application Server Training Manual
193
Client Manager
Desktop Replacement
The ‘Replace desktop’ option limits users from changing system settings or installing new applications.
Replace the Windows Desktop with the Parallels RDP Client, to convert the Windows operating system into
a thin-client-like OS without replacing the operating system. In this case, the user can only deploy
applications from the Parallels Client.
Figure 153 - Replace desktop
To enable the ‘Replace Desktop’ feature:
1. Right click the Windows device.
2. Click ‘Properties’.
3. Click OS Settings.
4. Enable ‘Replace Desktop’.
5. Click ‘OK’.
Note: This feature requires an administrative password set to switch between user and admin mode on the
Windows device.
Parallels Remote Application Server Training Manual
194
Client Manager
Switching to Admin Mode
Figure 154 - Switching to Admin Mode
In User Mode, the user is limited to only use the applications provided by the administrator. To change
system settings, switch the device to administration mode.
Change to Admin Mode by right clicking on the system tray icon, selecting “Switch to admin mode” and
providing the password configured.
Parallels Remote Application Server Training Manual
195
Client Manager
The table below outlines the features available in Admin Mode and User Mode.
Parallels Remote Application Server Training Manual
196
Client Manager
Configuring Local Applications using the Parallels Client Desktop
replacement
With the ‘Replace Desktop’ option enabled, the administrator’s target should be to deploy remote
applications or remote desktops and use the native OS to deploy the software needed to connect
remotely. However, in some instances local applications may be needed. The administrator still has the
ability to configure local applications to be shown within the Parallels RDP Client Desktop Replacement,
however it is necessary to switch to admin mode prior.
Publish a local application according to the following steps:
1. Shadow the user’s session or use the user device station directly.
2. Switch the Parallels RDP Client Desktop Replacement to admin mode.
3. Click File > “Add New Application…”
Figure 155 - Adding local application details
4. Fill in the Application information.
Parallels Remote Application Server Training Manual
197
Client Manager
Figure 156 - Added application as shown on the Client’s machine
Applications added will be visible in the Application Launcher.
Switch back to user mode once all the applications needed are configured.
For a full list of Desktop Replacement features available per OS, go here:
http://www.parallels.com/products/ras/features/client-management/
Parallels Remote Application Server Training Manual
198
Client Manager
Options
Device Status and Color Coding
Figure 157 - Client manager colour management options
Devices that connect to Parallels Remote Application Server can have any of the following statuses:
▪
Off: Device is switched off.
▪
Booting: Device is booting.
▪
Installing: Device is installing.
▪
Connected: Device is connected.
▪
Logged On: Devices is logged on to the system.
▪
Restarting: Device is restarted.
▪
Standalone: Device has previously connected to Parallels Remote Application Server but is not managed or
isn’t a manageable device, therefore it cannot be managed.
▪
Needs Approval: Device needs approval to connect to Parallels Remote Application Server.
▪
Deny: Device has been denied access to Parallels Remote Application Server.
▪
Not Support: Device is not supported by Parallels Remote Application Server.
▪
Error: Device is experiencing errors.
Parallels Remote Application Server Training Manual
199
Client Manager
Scheduler
The scheduler gives the administrator the ability to manage devices’ schedules. The administrator can preprogram actions to switch on, switch off or reboot devices at a specific time of the day.
Figure 158 - Scheduler Properties
Figure 159 - Scheduler interface
Parallels Remote Application Server Training Manual
200
Administration
SECTION 19
Administration
In This Chapter:
Multiple Sites ............................................................................................................. 202
Adding a New Site to the Farm .................................................................................. 203
Accessing Site Configuration ..................................................................................... 206
Configuring Administrators......................................................................................... 210
Mailbox Setup ............................................................................................................ 213
Sending Email Invitations and Settings to Users ........................................................ 214
Notifications ............................................................................................................... 217
Reporting ................................................................................................................... 218
Backup, Software Updates & Settings Audit .............................................................. 219
Administrator Chat ..................................................................................................... 222
Information ................................................................................................................ 226
Parallels Remote Application Server Training Manual
201
Administration
Multiple Sites
Figure 160 - Farm info
A Parallels Remote Application Server Farm can have multiple sites. Each site consists of a publishing agent,
a Secure Client Gateway or multiple gateways, and the agents installed on the RD Session Hosts, VDIs and
PCs. At least one server has to be dedicated for a site where the master publishing agent and gateway will
be installed.
Additional site requirements:
▪
Must be on the same LAN or have a VPN connection to the remote secondary site.
▪
Must be on the same domain or have a two-way trust between domains.
The first default site added to Parallels Remote Application Server farm is the Licensing Server, where the
main Parallels Remote Application Server configuration database is stored. Every other additional site on
the farm will have a synched copy of the configuration database and once changes are applied to a
particular site, the Licensing Server database is updated.
Sites can be managed from the Farm node in the navigation tree available in the Farm category.
Configuring sites in Parallels Remote Application Server.
NOTE: The Farm node is only available to administrators which have full permissions on the farm.
Parallels Remote Application Server Training Manual
202
Administration
Adding a New Site to the Farm
To add a site to the Parallels Remote Application Server farm follow the process described below:
Click the Farm node in the navigation tree and click the Plus button to launch the Add Site wizard.
Alternatively, you can also select the Add option from the Tasks drop down menu. In the first step of the
wizard, specify a site name in the Site input filled and specify the server IP or FQDN where the master
publishing agent and gateway will be installed in the Server input field.
Figure 161 - Add site
Parallels Remote Application Server Training Manual
203
Administration
First Step of the Add a New Site Wizard
Figure 162 - Checking new site settings
In the second step of the wizard, Parallels Remote Application Server checks whether the Parallels
Publishing Agent is installed on the site server. If not, click ‘Install’ to proceed with the remote installation.
Second Step of the Add a New Site Wizard – Check for Publishing Agent
In the Installing Parallels Publishing Agent dialog, highlight the server name on which the Parallels
Publishing Agent is to be installed as seen in the Figure 166.
(Optional) Tick the “Override system credentials” option to specify and use different credentials to connect
to the server and install the Parallels Agent.
Parallels Remote Application Server Training Manual
204
Administration
Installing Parallels Publishing Agent Dialog Box
Figure 163- Installing agent site
Click “Install” to install the publishing agent and gateway, and click “Done” once it has been successfully
installed.
In the last step of the Add Site wizard, click “Ok”.
Parallels Remote Application Server Training Manual
205
Administration
Accessing Site Configuration
Once a new site is created, you can access its configuration by running the Parallels Remote Application
Server Console on the site server or by switching to its configuration from the Parallels Remote Application
Server Console as explained in the following section: Switching Between Sites Configurations.
NOTE: When running the Parallels Remote Application Server Console, you will always be connected to the
licensing server database, even if running it from a site server. Once changes are applied, configuration changes
are replicated from the licensing server to the site servers.
Parallels Remote Application Server Training Manual
206
Administration
Switching Between Site Configurations
Figure 164 - Farm sites
From the Parallels Remote Application Server Console, you can only view the configuration of one site at a
time. If you login as a farm administrator, the configuration of the Licensing Server site will be loaded. If
you login with an administrator that has access to a specific site, the configuration of that particular site
will be loaded.
To switch between the configurations of different sites from the Parallels Remote Application Server
console, follow the process explained below:
Open the Farm category and click on the Farm node from the navigation tree to access the list of sites in
the farm.
Highlight the site you would like to configure, and from the Tasks dropdown menu select Switch to this
Site. Alternatively, you can use the top bar and select the site you want to switch to from the Site drop
down menu.
Managing Sites
Sites can be managed from the Farm node in the navigation tree available in the Farm category. From this
section, you can change the farm name and also add or delete sites.
Parallels Remote Application Server Training Manual
207
Administration
Replicating Site Settings to all Sites
Category
Section
Options
Farm
VDI Hosts, Persistent Guests
Auto removal timeout
Farm
Settings, Auditing
All Settings
Farm
Settings, Global Logging
Logging Settings
Farm
URL Redirection
All Settings
Load Balancing
Load Balancing
All Settings
Publishing
Advanced, Shortcuts
All Settings
Publishing
Advanced, Extensions
All Settings
Publishing
Advanced, Licensing
All Settings
Publishing
Advanced, Display
All Settings
Publishing
Filtering, User
All Settings
Publishing
Filtering, Client
All Settings
Publishing
Filtering, IP Address
All Settings
Publishing
Filtering, MAC
All Settings
Universal Printing
Universal Printing
Printer Renaming
Universal Printing
Font Management
All Settings
Universal Scanning
Scanning Applications
All Settings
Connection
Authentication
All Settings
Connection
Second Level Authentication
All Settings
Connection
Allowed Devices
All Settings
Reporting
Reporting Engine
Reporting Engine Type
Reporting
Engine specific settings
All Settings
Any setting which is site dependent can be replicated on all other sites. Refer to the above table for more
specific information about which settings can be replicated on other sites.
Parallels Remote Application Server Training Manual
208
Administration
To replicate a specific setting to all other sites, tick the option Replicate settings highlighted in Figure 169.
Figure 165 - Replicate site settings
Enabling Replication of Configuration Changes to all other Sites.
Overriding Site Replicated Settings.
If an administrator has permissions to enable or disable the replication settings, makes a change to a
specific setting, these new settings are replicated to all other sites.
If an administrator has access to a particular site only, upon modifying the site settings which have been
replicated, the replicated settings are overridden and the option Replicate Settings is automatically
switched off, therefore such settings will no longer be replicated to other sites.
Setting a Site as a Licensing Server
If the licensing server fails, or if you would like to set a different site as a Licensing Server, click on the site’s
name from the Farm node in the navigation tree, and from the Tasks dropdown menu select Set Site as
Licensing Server.
Parallels Remote Application Server Training Manual
209
Administration
Configuring Administrators
The administration section allows administrators to grant permissions to user accounts or user groups, set
up email accounts, notifications, import/export backups, update software and audit settings.
Administration
Figure 166 - Administrator properties
After installing Parallels Remote Application Server, an administrator account with full administrative
capabilities is created for the user that performed the installation. Additional administrator accounts can
be added with varying administrational rights.
By selecting either “+” or “Add” from the Task Menu, an Active Directory dialog box will present itself,
allowing you to add additional administrators.
The administrative permissions can be set at this time by selecting “Change Permissions” button. Full
Permissions and “All Sites” are the default setting.
Parallels Remote Application Server Training Manual
210
Administration
Figure 167 - Site Full Permissions
Site permissions can be set by removing “Full Permissions”.
Parallels Remote Application Server Training Manual
211
Administration
Figure 168 - Site Permissions
Each category of Site Permissions has a detailed description of the permissions it can implement, and can
be set for all or specific sites.
Parallels Remote Application Server Training Manual
212
Administration
Mailbox Setup
Figure 169 - Mailbox setup interface
After configuring the monitoring process on the SMTP server, the connection details should be configured
to send emails once a monitoring counter is triggered. Below is a list of settings available to configure
email notifications from the “Mailbox Setup” tab:
▪
Sender Email Address.
▪
SMTP Server IP or FQDN.
▪
Disable or enable TLS / SSL encrypted communication.
▪
SMTP Server Credentials in case the SMTP server requires authentication.
Parallels Remote Application Server Training Manual
213
Administration
Sending Email Invitations and Settings to Users
Figure 170 - Send Invitations interface
Parallels Remote Application Server supports multiple platforms, ranging from desktop PCs and MACs, to
mobile devices and Chrome Apps. The Invitation Email feature is designed to reduce the complexities
involved in the installation and client rollout process. This feature allows the administrator to send client
installation and auto-configuration instructions to end users from the central management console.
Before proceeding, first confirm that you have correctly configured the Mailbox.
Parallels Remote Application Server Training Manual
214
Administration
Send Invitation settings in the Administration Category
Figure 171 - Email format to be sent
Once confirmed, navigate to Administration > Send Invitations and configure the options as below:
1. First, select your recipients from the Recipient section: you can browse your Active Directory and
simply select a user or a group.
2. From the Options section, configure the options listed below:
3. Target Device - choose the platform that the recipients are running. The platforms available at the
present are:
▪
Windows XP - 10 desktops
▪
Linux desktops
▪
MAC desktops
▪
Android
▪
iOS
▪
Chrome App
▪
HTML5-enabled browsers
▪
Public Gateway IP - choose the gateway (GW) domain name or IP. Please note that this can be
the public IP, in order to reach the system from a remote user.
▪
Gateway Mode - Choose the gateway connection mode. Note that SSL modes require the GW
to have SSL configured.
Parallels Remote Application Server Training Manual
215
Administration
Default Invitation Email template
1. The Email section displays the message that will be sent to the email addresses added from the
Recipients section. Choose to edit the text within this email or leave it as default. The variables
available to be added to the email are:
▪
%RECIPIENT% - Recipient username
▪
%SENDER% - Administrator account which the email is sent from
▪
%INSTRUCTIONS% - Includes the automatic configuration process
▪
%MANUALINSTRUCTIONS% - Includes the manual configuration process
2. Upon completion, click Send Invitation to send out the email to the recipients added; Preview to
view how the email will be displayed to the users; and Default to revert the email back to the
original text.
Parallels Remote Application Server Training Manual
216
Administration
Notifications
To be notified when some counters exceed a certain amount, you will need to enable the notification
settings in the options menu.
In the Notification tab, you’ll be notified if some server parameters exceed what you define as appropriate.
Figure 172 - Administration notification settings
You can choose any of the counters monitored by the Parallels Terminal Server Agent and set the
appropriate number accordingly. For example, if you want to be notified when a RD Session Host is
handling more than 45 sessions simultaneously or if the RD Session Host has more than 10 disconnected
sessions, simply tick the appropriate checkbox and configure the right amount.
Parallels Remote Application Server Training Manual
217
Administration
Reporting
Figure 173 - Administration Reporting configuration
Before you can generate reports from the Parallels RAS console, MS SQL and the Parallels Reporting
Service must be installed and configured. Please See Section 16 for reporting configuration. Once Parallels
RAS’ Reporting tool is configured, you can test your reporting server’s settings as well as maintain data
retention.
Data Retention Settings
Figure 174 - Data retention settings
Parallels Remote Application Server Training Manual
218
Administration
Backup, Software Updates & Settings Audit
Backup
Figure 175 - Backup and import
A backup of Remote Application Server’s configuration can be created by using the “Export” button under
the “Backup” tab. To restore a new installation or repair Remote Application Server, the configuration can
be “Imported”. The files exported after Version 11 have a DAT2 extension. Prior to RAS Version 11, the
extension on the file was a DAT file. A DAT file can’t be imported into a system running Version 11 and
higher. The configurations file should be exported once the server is completely configured. It is
recommended that this file be exported and stored somewhere else besides the host server. Prior to any
major changes, it is recommended to make a backup and export the file out too.
Parallels Remote Application Server Training Manual
219
Administration
Software Update
Figure 176 - Software update
The Parallels Remote Application Server console will automatically check for updates if you have the
“Check for updates when launching Parallels Remote Application Server” box enabled.
You may also click the “Check Now…” button to check for the latest updates.
In the “Modules Information” field, you can find information about the modules used by Parallels Remote
Application Server. This field will give you an overview of what files are installed and their current version.
This is the information that will be requested by technical support should you need to contact them.
Parallels Remote Application Server Training Manual
220
Administration
Settings Audit
Figure 177 - Settings Audit
From the Settings Audit tab in the Administration category, you can see all of the configuration changes
done to Parallels Remote Application Server by all its administrators, as seen in Figure 181.
Parallels Remote Application Server Training Manual
221
Administration
Administrator Chat
As of version 15 of Parallels Remote Application Server, a chat feature between administrators has been
introduced to facilitate the communication between multiple administrators using the console. An
administrator may opt to either send a message to an individual administrator, or alternatively send a
message out to all logged in administrators.
Figure 178 - Accessing Administrator Chat
To access the chat feature click on the arrow key next to the currently logged on users email address, and
click on the “Chat…” option, as shown in Figure 182.
Parallels Remote Application Server Training Manual
222
Administration
Figure 179 - Chat dialogue box
As shown in Figure 183, the chat dialog box is divided into 3 sections.
▪
Section 1 – In this section, the chat messages are displayed.
The format of a message sent is as follows
sender@domain -> recipient@domain : Chat message
Whilst the format of the message from the receiving end is as follows
recipient@domain: Chat message
▪
Section 2 – In this section, all logged in administrators are shown. The message will be sent
according to the selected administrator in this section, hence if the “All” option is selected then the
message will be sent to all the administrators currently logged in; alternatively, if
“administrato2@marketing.local” is selected then the message will only be sent to
administrator2@marketing.local.
▪
Section 3 – In this section, you can write the message to be sent. Once the message is written, click
on the “Send” button to send the message. You can click on the “Clear All” button, which wipes out
all the chat history saved for all administrators.
Parallels Remote Application Server Training Manual
223
Administration
Figure 180 - Administrator chat
Figure 184 shows an administrator chat with 3 administrators currently logged into Parallels Remote
Application Server:
Chat 1 – administrator@marketing.local perspective
Chat 2 – administrator2@marketing.local perspective
Chat 3 – matt@marketing.local perspective
Chat 1 shows the messages being sent out by administrator@marketing.local. This administrator has sent 3
messages in all. The first 2 messages were sent directly to administrator2@marketing.local while the last
message was sent to all the administrators.
Parallels Remote Application Server Training Manual
224
Administration
Chat 2 shows the messages received by administrator@marketing. The first 2 messages are personally sent
to administrator2@marketing.local and can only be visible by the two corresponding administrators. The
last message was sent to all the administrators, hence the message is visible by all of the currently logged
on administrators.
Chat 3 shows only one message, as there were no direct messages from other administrators to
matt@marketing.local. The only message shown in the chat is the message sent out to all administrators
by administrator@marketing.local.
Parallels Remote Application Server Training Manual
225
Administration
Information
Local Information
Figure 181 - Application information
The Information section provides administrators with information to help them see client connections,
send email notifications, log and audit, check for updates and get support.
Select Information from the navigation bar. You can monitor the status of each service, while also
monitoring sessions connected to the Virtual Desktop Host and RD Session Hosts that are enabled in the
farm. The status is refreshed every minute. Click on the “Refresh” button to manually refresh the content.
Parallels Remote Application Server Training Manual
226
Administration
Site Information
Figure 182 - Site Information
The Site Information tab displays various information about the Parallels environment such as:
▪
Servers
▪
Gateways
▪
Sessions
▪
Applications
Server information shows the type, Agent status, CPU utilization, Memory utilization, Active Sessions and
Disconnected Sessions.
Gateway information shows the OS type, Parallels Version, Gateway Mode, Allow only strong ciphers,
Gateway port number, SSL/TLS status and port number, Broadcast service, active RDP sessions and
Security Mode.
Session information shows the active session User ID, IP, Protocol, State and Type.
Application information shows what applications Users have opened and the session number.
Parallels Remote Application Server Training Manual
227
Reporting
SECTION 20
Reporting
In This Chapter:
Software Requirements ............................................................................................. 229
Install & Setup MS SQL ............................................................................................. 230
Parallels RAS Reporting Setup .................................................................................. 241
Parallels RAS Management Console Configuration ................................................... 244
Viewing Reports ........................................................................................................ 246
Available Reports....................................................................................................... 247
Parallels Remote Application Server Training Manual
228
Reporting
Software Requirements
With the introduction of Version 14, Parallels introduced a built in reporting tool. Parallels Reporting is a
service that uses Microsoft SQL Server to supply 14 reports to administrators.
NOTE: 2012 SQL Express edition has a 10 Gigabit data base limitation.
Before you can generate reports from the Parallels RAS console, MS SQL and the Parallels Reporting
Service must be installed and configured. Before doing so, first check whether your machine complies with
the prerequisites outlined below. Once confirmed, proceed with the 3 stage process: MS SQL installation
and configuration, Parallels Reporting Services installation and Parallels RAS configuration.
Supported Operating Systems – A machine running Windows Server 2008, Windows Server 2008 R2,
Windows Server 2012 or Windows Server 2012 R2 with .Net 4.5 installed.
Database Engine – Microsoft SQL Server 2012, SQL Server 2008 R2 Service Pack 1, SP2 and SP3.
NOTE: On farm environments with multiple RD Session Hosts, gateways, or VDI servers it is recommended that
MS SQL is installed on a dedicated machine.
Active Directory User Requirements -To view reports, a user must be created in the Active Directory with
the following credentials:
▪
Username: RASREPORTINGVIEW
Parallels Remote Application Server Training Manual
229
Reporting
Install & Setup MS SQL
Reporting requires a database instance installed either on the same machine running Parallels Remote
Application Server, or recommended on a different machine running within the Parallels RAS local
network.
Figure 183 - MS SQL Installation setup
Parallels Remote Application Server Training Manual
230
Reporting
Setting up Reporting
Run the SQL Server setup file > Installation. Select “New SQL Server stand-alone installation or add features
to an existing installation” to launch the setup.
Figure 184 - MS SQL Installation Support Rules
The Setup Support Rules page will attempt to identify any issues during the SQL Server Setup Support Files
installation. Upon completion, click “Next” to continue.
Parallels Remote Application Server Training Manual
231
Reporting
Figure 185 - MS SQL Installation Product key
Enter the product license key, click “Next” and accept the license terms to continue to the “Setup Role”
dialog.
Figure 186 - MS SQL Installation Role Setup
Next, select “SQL Server Feature Installation” and click “Next”.
Parallels Remote Application Server Training Manual
232
Reporting
Figure 187 - MS SQL Installation Feature Selection
Next, enable the features listed below that are required for Parallels RAS reporting and click “Next” to
continue:
▪
Database Engine Services
▪
Reporting Services – Native
▪
Management Tools
Parallels Remote Application Server Training Manual
233
Reporting
Figure 188 - MS SQL Installation Instance Configuration
Parallels RAS’s Reporting Services requires the SQL server to have been configured using a specific named
instance.
From the Instance Configuration page, select the option “Named instance”, input the information below
and click “Next” to continue:
▪
Named Instance: RASREPORTING
▪
Instance ID: RASREPORTING
Without the above named instance, Parallels Reporting setup will not complete.
Parallels Remote Application Server Training Manual
234
Reporting
Figure 189 - MS SQL Installation Server Configuration
Subsequently, the “Disk Space Requirements” and “Server Configuration” dialog boxes are shown. Confirm
the information, and click the “Next” button to proceed.
Parallels Remote Application Server Training Manual
235
Reporting
Figure 190 - MS SQL Installation Database Configuration
At the “Database Engine Configuration” window, select “Windows authentication mode” and add the users
below as SQL Server administrators:
▪
Systems Administrator
▪
AD Administrator
▪
System User
Parallels Remote Application Server Training Manual
236
Reporting
Figure 191 - MS SQL Installation Reporting Service Configuration
The next step introduces the “Reporting Service Configuration” that is used by Parallels RAS to generate
reports. Select the “Install and configure” option and click “Next” to continue.
Parallels Remote Application Server Training Manual
237
Reporting
Figure 192 - MS SQL Installation Summary
From the “Ready to install” section, ensure that features to be installed include:
▪
Reporting Services
▪
Management Studio Tools
▪
Database Engine
The Instance Name •MUST BE: RASREPORTING
Once confirmed, click “Install” to proceed with the installation. Upon completion, proceed to the
Verification process and port the setup procedures.
Parallels Remote Application Server Training Manual
238
Reporting
Figure 193 - MS SQL Login interface
Next, proceed to verify that the reporting services have been set up correctly. Open the “Reporting
Services Configuration Manager”.
Input the server name from the “Report Server Instance” dropdown, select “RASREPORTING” and click
“Connect”.
Figure 194 - MS SQL Configuration Manager Interface
Verify that the “Report Service Status” reads “Started”.
Parallels Remote Application Server Training Manual
239
Reporting
Figure 195 - MS SQL Configuration Manager Web Service
Verify that the “Web Service URL” is set to: ReportServer_RASREPORTING
Next change the SQL Reporting Services default port to 8085 to avoid conflicts between Parallels RAS
gateways and SSRS (port 80). For further information, the step-by-step procedure is outlined in the
following link – http://kb.parallels.com/eu/123634
Parallels Remote Application Server Training Manual
240
Reporting
Parallels RAS Reporting Setup
At this stage you will proceed to install Parallels RAS Reporting Services. Log in to the machine running MS
SQL with an account that has administrative privileges (AD) and proceed to install Parallels RAS reports.
Download the latest version of the “Parallels RAS Reporting Service” setup from the Parallels Website.
Figure 196- RAS Reporting Setup Installation
Double click the ParallelsRASReporting.msi setup file to run the installation Wizard. Click “Next” when
prompted. Review and approve the end-user license agreement and click “Next”.
Parallels Remote Application Server Training Manual
241
Reporting
Figure 197- RAS Reporting Setup Installation destination folder
Specify the folder location from which Parallels RAS will be installed, click “Next” and then “Install” to
commit to the configuration and initiate the installation.
Parallels Remote Application Server Training Manual
242
Reporting
Figure 198- RAS Reporting Setup Installation Complete
When this screen is displayed, you will have successfully installed Parallels RAS Reporting. Click “Finish” to
complete the installation.
Parallels Remote Application Server Training Manual
243
Reporting
Parallels RAS Management Console
Configuration
Reports are generated from the Parallels Remote Application Server console. To generate reports, Parallels
RAS must be configured to communicate with the reporting service.
Figure 199 - RAS Reporting Configuration
Parallels Remote Application Server Training Manual
244
Reporting
To configure reporting from the Parallels Remote Application Server console, go to the RAS Console >
Administration > Reporting. Click the “Reporting Engine” dropdown menu, and select “Parallels Reporting”.
▪
Server – Specify the IP address of the machine hosting your SQL database that the Reporting
service is installed on. If the database is located on the same machine you have installed Parallels
RAS on, you can also use localhost.
▪
Port – Specify the port used to communicate with the Parallels Reporting service.
▪
Prompt user for Login Details – If selected, this will prompt the user for AD credentials when
generating reports.
▪
Use following credentials – If selected, specify AD username and password to be used each time a
report is generated.
Subsequently, click “Test Connection” to test the configuration, then “Apply” to commit the configuration.
NOTE: The default user for viewing reports is RASREPORTINGVIEW (is not created in Active Directory
automatically, this has to be done manually) created during the installation process in SQL. Alternate users need
to be configured in SSRS with browser permissions.
Parallels Remote Application Server Training Manual
245
Reporting
Viewing Reports
Figure 200 - RAS Reporting tab
After the configuration is complete and the credentials are verified via the test button, switch to the
Parallels Reporting category to generate and view the reports. Note that the first time you view reports,
you may be requested to add http://<Parallels RAS server domain/ IP address> as a trusted website. This
will appear depending on Parallels RAS machine’s “Internet Explorer Enhanced Security Configuration”
settings.
Figure 201 - RAS Reporting tab
Parallels Remote Application Server Training Manual
246
Reporting
Available Reports
Parallels RAS Reporting has 14 available reports to choose from. These reports can be exported and
printed out.
Reports are exported in the following formats. XML, CSV, PDF, MHTML, Excel, TIFF file and Word.
▪
User activity:
▪
▪
User session activity:
▪
▪
Shows information about the devices being used by users that are members of a particular
group. Report includes information such as; device vendor, model and total time used.
Client operating system used by the group:
▪
▪
Shows all sessions produced by a group in the system. Report includes information about
each session produced by each user in the group such as; start, end, active, idle,
disconnect and total time.
Devices used by group:
▪
▪
Shows all sessions produced by all groups in the system. Report includes information such
as; active, idle and disconnected time.
Group sessions activity:
▪
▪
Shows the operating system being used by a particular user; operating system, total time
used.Groups Activity.
Groups activity:
▪
▪
Shows information about the devices being used by a user. Report includes information
such as; device vendor, device model and total time used.
Client operating system used by user:
▪
▪
Shows all sessions produced by a single user. Report includes information about each
session; active time, idle time and disconnected time.
Devices used by user:
▪
▪
Shows all sessions produced by all users in the system. Report includes information about
each session; active time, idle time and disconnected time.
Shows the operating system being used by members of a particular group; operating
system and total time used.
Devices used:
▪
Shows all devices using the system. Report includes information such as; manufacturer,
model and the number of sessions opened by the device.
Parallels Remote Application Server Training Manual
247
Reporting
▪
Client operating system used:
▪
▪
RDP version used:
▪
▪
Shows the session activity of users on a particular server. Report includes information such
as; start, end, active, idle and disconnect time.
Server health by server:
▪
▪
Shows the Parallels Client version, the device using that version and how many of those
devices are being used.
Sessions activity on server:
▪
▪
Shows devices and corresponding operating systems that are using the system. Report
includes information such as; device model, operating system and amount of devices.
Shows server CPU and RAM usage for a particular server in a graph.
Applications usage:
▪
Shows information about the applications used in the system. Report includes information
such as; application name, number of times used and the total time the application was
used for.
Parallels Remote Application Server Training Manual
248
Licensing
SECTION 21
Licensing
In This Chapter:
Licensing ................................................................................................................... 250
License & Activation .................................................................................................. 250
Parallels Remote Application Server Training Manual
249
Licensing
Licensing
The licensing section will allow you to view licensing details and enter a license key.
Parallels Remote Application Server trial version has a 50 user, 30-day trial period. After 30 days, you will
need to activate the product with a valid key.
Figure 202 – Licensing Information
License & Activation
To activate Parallels Remote Application Server you require a Parallels business account. Once you have
successfully subscribed for an account, then you can purchase a subscription from our website.
Parallels Remote Application Server Training Manual
250
Licensing
Figure 203 - Licensing Information tab
To activate your Parallels Remote Application Server license, click on the “Licensing” tab on the left hand
side pane of the console. Under the “Licensing Information”, tab click on the “Manage your license...”
button.
Parallels Remote Application Server Training Manual
251
Licensing
Figure 204 - Parallels Business Account login
A dialog box will appear for you to enter your Parallels Business Account credentials. If you have not
registered for an account, click on the “Register” button, and fill in all the required details to set up your
account. Once your account is set up, enter your email and password and click on the “Sign In” button.
Figure 205 - Parallels Remote Application Server activation
Once you have successfully logged in, another dialog box will appear. If you are already in possession of a
license key, enter the key in the “Activate using license key” textbox and click on the “Activate” button. On
the other hand, if you do not have a license key, click on the “Purchase a license” link to redirect you to a
webpage where you can obtain a license key.
Parallels Remote Application Server Training Manual
252
Licensing
Figure 206 - Parallels Remote Application Server activated
When the license key is activated, a dialog box appears stating that the license key has been successfully
activated as shown in Figure 210.
Figure 207 - Synchronizing sites prompt
Next, the application will prompt you to synchronize all the sites configured in the Farm.
`
Parallels Remote Application Server Training Manual
253
Licensing
Figure 208 - Synchronizing sites
If you have chosen to synchronize the sites, another dialog box will appear showing the progress status.
Once the synchronization is complete, click on the “OK” button to finalize.
Figure 209 - Licensing Information
Once Parallels Remote Application Server has been successfully authenticated, all the details will be shown
in the “Licensing Information” tab under the “Licensing” section accessible from the left hand side pane on
the console, as shown in Figure 213.
Parallels Remote Application Server Training Manual
254
HTML5 Client
SECTION 22
HTML5 Client
In This Chapter:
What is the HTML5 Client? ........................................................................................ 256
HTML5 Client Themes ............................................................................................... 257
Open Parallels HTML5 Client .................................................................................... 257
Parallels Remote Application Server Training Manual
255
HTML5 Client
What is the HTML5 Client?
Parallels HTML5 Client is a RAS client application that runs in a web browser. Users can use Parallels HTML5
Client to view, launch, and work with remote applications and desktop in a web browser.
Compared to platform-specific Parallels Clients (e.g. Parallels Client for Windows, Parallels Client for iOS,
etc.), Parallels HTML5 Client does not require end users to install additional software on their computers or
mobile devices. Feature-wise, platform-specific Parallels Clients give users more control over their Parallels
RAS experience than Parallels HTML5 Client. Nonetheless, Parallels HTML5 Client is a fully-featured,
platform-independent client providing end users with an alternate method of working with remote
resources published via Parallels RAS.
The only requirement to use Parallels HTML5 Client is an HTML5-enabled web browser that must be
installed on a client device. Read on to learn how to configure the HTML5 connectivity and use Parallels
HTML5 Client.
Parallels Remote Application Server Training Manual
256
HTML5 Client
HTML5 Client Themes
A theme is a combination of colors, title, icons, display language, and some other items that users will
experience when they open the Parallels HTML5 Client in their web browsers.
To manage themes, navigate to Farm / Site / Themes in the Parallels RAS Console. The Themes view in the
right pane displays the available themes. The list contains at least one default theme. This theme cannot
be removed but you can customize it as needed. In addition to the default theme, you can create your own
themes.
Open Parallels HTML5 Client
To open Parallels HTML5 Client, enter its URL in an HTML5-enabled web browser. The URL that you should
give to your Parallels RAS users depends on how it is configured in the Parallels RAS Console and whether
you have HTML5 Client themes defined in the Parallels RAS Console.
Parallels Remote Application Server Training Manual
257
Parallels Clients
SECTION 23
Parallels Clients
In This Chapter:
Parallels Clients ......................................................................................................... 259
Installing and Configuring Parallels Windows Client and RDP Connections ............... 261
Installing Parallels Linux Client .................................................................................. 268
Configuring Parallels Linux Client ....................................................................... 270
Adding a Parallels Connection ............................................................................ 271
Adding an RDP Connection ................................................................................ 271
Configuring Linux Peripherals ............................................................................. 273
Parallels Remote Application Server Training Manual
258
Parallels Clients
Parallels Clients
Parallels Software has the following clients available.
▪
Parallels Windows Client
▪
Parallels Windows CE
▪
Parallels Mac Client
▪
Parallels iPad/iPhone Client
▪
Parallels Android Client
▪
Parallels Chrome Client
▪
Parallels Linux Client
The Windows and Linux clients can be downloaded from the following site:
http://www.parallels.com/products/ras/download/choose-trial/
The Mac client, iPad/iPhone client must be download from the Apple store.
The Android and Chrome client can be downloaded from the Google Play store.
Figure 210 - RDP Client on Google Play Store
Parallels Remote Application Server Training Manual
259
Parallels Clients
Figure 211 - RDP Client on Apple Store
Parallels Remote Application Server Training Manual
260
Parallels Clients
Installing and Configuring Parallels Windows
Client and RDP Connections
There are multiple clients that can be used to connect to the Parallels Remote Application Server which can
be downloaded at: http://www.parallels.com/eu/products/ras/download/links/
Figure 212 - RDP Client SingleSignOn error message
Please ensure that the version downloaded matches the corresponding operating system. There are
different versions for Windows and OS X depending on the Bit or version of the OS.
Documentation for each client can be downloaded at:
During the installation process for Windows clients, a Single Sign On option can be selected to
utilize domain credentials used for PC logon as well as Parallels. It can be changed to the
opposite state in the Options > General settings in the client.
To add a new Parallels Connection or Remote Desktop Connection, select “File” from the Parallels Client
menu.
Parallels Remote Application Server Training Manual
261
Parallels Clients
Figure 213 - Adding a new RDP Connection
For a Parallels Client Connection, add the hostname or IP in the Primary Connection field.
Figure 214 - Connection Properties
Browsing to select the Primary Connection is also possible by selecting “…”
Parallels Remote Application Server Training Manual
262
Parallels Clients
Figure 215 - RAS Connections
The Client Connection Mode gives administrators the choice to make connections with or without using
SSL. They also provide a means for making direct connections to RDS servers after the initial connection is
made through the gateway.
Parallels Remote Application Server Training Manual
263
Parallels Clients
In the “Connection Mode” field there are four types of connections available:
Figure 216 - RDP Client Connection mode settings
Gateway Mode: Clients are connected with the Parallels Secure Client Gateway and the session connection
is tunneled through the first available connection. This mode is ideal for servers which are only reachable
via the gateway and which do not require a high level of security.
Gateway SSL Mode: A connection is made as in the regular gateway mode, but the connection is
encrypted.
Direct Mode: Clients first connect to the Parallels Secure Client Gateway to determine the best available
server, and then connect directly with that particular Server. This is best used when the client and the
server are on the same network.
Direct SSL Mode: This connection is created as in the Direct Mode option, but the connection to the
Parallels Secure Client Gateway is encrypted.
Figure 217 - RDP Client Connection Port
The Port number can be changed in the Parallels Client but must also be changed in the Properties of the
Gateway Agent under the Network or SSL tab depending on the Mode being used. Port 3389 is the default
port for RDC connections.
Parallels Remote Application Server Training Manual
264
Parallels Clients
Figure 218 - Adding a secondary connection
Secondary Connection can be added as failover in the event of the primary Gateway not being reachable.
As with the Primary Connection the hostname, the IP must be entered or selected and the Mode must be
chosen.
Figure 219 - Alias name
Figure 220 - RCP Client connections
Parallels Remote Application Server Training Manual
265
Parallels Clients
An Alias name can be entered to help make identifying connections easier.
Figure 221 - Connection logon credentials
The Logon section of the Parallels Client is used to enter and store user account information. Auto Logon
can be selected, to establish a connection to the Publishing agent when the user logs on to their computer.
Save Password can be selected to retain the user’s password between sessions, thereby hastening the
logon process.
Parallels Remote Application Server Training Manual
266
Parallels Clients
Figure 222 - Connection Logon Single Sign-On
Single Sign On (SSO) can be selected to use the current domain’s credentials used to log on to the
computer. This is used for domains that require users to change their password regularly and keeps the
Parallels Client passwords current. Note that the credentials are “greyed out”.
To configure the other features of the Parallels Client, a copy of the manual for the respective client can be
downloaded from:
http://www.parallels.com/eu/products/ras/resources/
The Parallels Client for Linux allows the same functionality provided by other Parallels Clients, mainly
connectivity to a Parallels Farm or via RDP to a desktop.
The Parallels Client for Linux has been approved for the following 32bit Linux Distributions:
▪
Ubuntu
▪
OpenSuse
▪
Fedora Core
▪
Fedora 15
▪
CentOS
The Parallels Client for Linux can be downloaded directly from the Ubuntu Directory, or else directly
through the Parallels Downloads page available from:
http://www.parallels.com/eu/products/ras/download/links/
Different packages for the Parallels Client for Linux have been made available in different formats, mainly:
1
.deb
2
.rpm
3
.tar.bz2
4
SSO bundled in the .deb package
Parallels Remote Application Server Training Manual
267
Parallels Clients
Installing Parallels Linux Client
These different packages can be installed by executing the relevant installation processes to the distros
terminal.
Installation Procedures (DEB Version):
1
Switch to the root user.
2
To install, type: dpkg -i ParallelsClient.deb
3
Parallels Client for Linux binaries are now installed under: /opt/Parallels/Client/bin
4
Run the following command to launch Parallels Client:
/opt/Parallels/Client/bin/ParallelsClient
5
You can also run the following commands to obtain a list of all usage parameters for Parallels
Client session: cd /opt/Parallels/Client/bin./appserverclient -?
Installation Procedures (RPM Version):
1
Switch to the root user.
2
To install, type: rpm –ivh ParallelsClient.i386.rpm
3
Parallels Client for Linux binaries are now installed under:/opt/Parallels/Client/bin
4
Run the following command to launch the Parallels Client: /opt/Parallels/Client/bin/ParallelsClient
5
You can also run the following commands to obtain a list of all usage parameters for Parallels
Client session: cd /opt/Parallels/Client/bin./appserverclient -?
Installation Processes (.TAR.BZ2 Version):
1
Switch to the root user.
2
Switch to the root folder: cd/
3
To install type: tar jxvf ParallelsClient.tar.bz2
4
Parallels Client for Linux binaries are now installed under: /opt/Parallels/Client/bin
5
Run the following command to launch Parallels Client: /opt/Parallels/Client/bin/ParallelsClient
6
You can also run the following commands to obtain a list of all usage parameters for Parallels
Client session: cd /opt/Parallels/Client/bin./appserverclient -?
Parallels Remote Application Server Training Manual
268
Parallels Clients
SSO (Single Sign On) Installation Procedures:
1
Install pam_Parallelsclient.so module to have Single Sign On for Parallels Client.
2
The module always returns true and will use an authentication token that will be provided by a
higher authentication module.
Note: When a higher authentication module has been configured to SUFFICIENT, it will return on success
immediately and pam_Parallelsclient.so won’t be called. Please change SUFFICIENT TO REQUIRED.
3
To install the Parallels Client PAM module, add two lines to your session manage service (eg.
/etc/pam d/gdm):
▪
auth optional pam_Parallelsclient.so
▪
password optional pam_Parallelsclient.so
Module arguments:
▪
Debug: Debug trace will be written to /tmp/pam_Parallelsclient.log. If the file cannot be
opened, then syslog will be used.
▪
You can use debug argument with all module types. EG. Session optional
pam_Parallelsclient.so debug
<service_list> The module will create an SSO cookie only for well-known session services.
You can change the list of services to allow: EG. auth optional pam_Parallelsclient.so gdm kde kdm-kde4
1
<service_list> The module will create an SSO cookie only for well-known session services.
2
You can change the list of services to allow: EG. auth optional pam_ Parallels client.so gdm kde
kdm-kde4
Parallels Remote Application Server Training Manual
269
Parallels Clients
Configuring Parallels Linux Client
Once the Parallels Client for Linux is installed, it’s only a matter of configuring the client so that it can
connect to the proper resources.
Just like the Windows client, the Parallels Client for Linux can connect to a Parallels Farm or to a RD Session
Host via the RDP Protocol.
When adding a Parallels Connection through File > Add New Parallels Connection, the following details will
be required:
1
Hostname / IP Address of the Parallels Client Secure Gateway we are connecting to
2
Connection Mode
3
Port
4
Username
5
Password
6
Domain
Likewise, when adding a new RDP connection through File > New Remote Desktop Connection, the
following details will be required:
1
Hostname / IP Address of the machine we want to connect to
2
Ports
3
Username
4
Password
5
Domain
Parallels Remote Application Server Training Manual
270
Parallels Clients
Adding a Parallels Connection
Figure 223 - Linux Parallels RAS Connection Properties
Adding an RDP Connection
Figure 224 - Linux RDP Client Connection Properties
Parallels Remote Application Server Training Manual
271
Parallels Clients
In a nutshell, the Parallels Client for Linux allows the users to access remote desktops and files. The ability
to run remote applications seamlessly over a secure channel is also possible.
Figure 225 - Linux Parallels Client Published RAS Applications
Apart from the standard baseline functionality that the Parallels Client provides, the Linux client also
comes with a command line interface that can be accessed through the following command:
Usage: /opt/Parallels/Client/bin/appserverclient -s Server -u User [options]
Some examples of possible commands can be found below:
appserverclient -s<Server IP> -a<"Application Name"> -u<User Name>
appserverclient -s192.168.0.1 -a"Internet Explorer" -u Administrator
The Parallels Client for Linux Manual contains a comprehensive list of possible command line options, all of
which are available here.
Parallels Remote Application Server Training Manual
272
Parallels Clients
Configuring Linux Peripherals
Figure 226 - Linux RDP Client Local Resources Settings
The Parallels Client for Linux allows the usage of the following local resources when logged on to the
remote computer:
1
Disk Drives
2
Printers
3
Serial Ports
4
Smart Cards.
All of these options can be configured from the Local Resources Tab under the Connection Properties.
Under the same configuration pane, we are also able to configure whether sound redirection from the
remote computer should be redirected to the client machine.
Another possible option made available, is the ability to apply Windows key combinations for desktops
that would make the usage of shortcuts such as alt + tab available.
Redirection of local printers is also possible by configuring the printer in the options dialog of the Parallels
Client for Linux.
The user is expected to input the printer name as well as the driver to the printer list under the Printing
options tab under the Parallels Client for Linux Options.
Parallels Remote Application Server Training Manual
273
Microsoft PowerShell Automation
SECTION 24
Microsoft PowerShell Automation
In This Chapter:
Microsoft PowerShell ................................................................................................. 275
Quering RAS Roles using PowerShell ....................................................................... 276
Pushing RAS RDS Agent using PowerShell .............................................................. 277
Parallels Remote Application Server Training Manual
274
Microsoft PowerShell Automation
Microsoft PowerShell
Parallels Remote Application Server enables administrators to manage their Parallels RAS deployments
using Microsoft PowerShell. The PowerShell module allows Parallels Remote Application Server
administrators to automate various configuration operations and also create automatic scripts for
repetitive and complex tasks.
Windows PowerShell is Microsoft’s command line shell and scripting language. PowerShell is built on the
Microsoft .NET Framework and helps in system administration. By providing full access to COM
(Component Object Model) and WMI (Windows Management Instrumentation), PowerShell enables
administrators to perform administrative tasks on both local and remote Windows systems.
Parallels RAS PowerShell requires Parallels RAS v15.5 Update 2 or higher. Earlier versions of Parallels
Remote Application Server cannot be managed in PowerShell.
The following components must also be installed on the machine where you would be running the Parallels
RAS PowerShell cmdlets
1. Windows PowerShell 3.0 or higher
2. Microsoft .NET Framework 4.0 or higher
In this chapter we will explore briefly the basic PowerShell cmdlets on a very high level, futher examples
and step-by-step processes are demonstrated in the Parallels RAS Labs Manual.
Parallels Remote Application Server Training Manual
275
Microsoft PowerShell Automation
Quering RAS Roles using PowerShell
Establishing
connection with
the RAS Server
Getting all the
published
items
Getting only
the published
RDS Desktops
Getting only the
published RDS
applications
Figure 227 - PowerShell Quering RAS Roles
Parallels Remote Application Server Training Manual
276
Microsoft PowerShell Automation
Pushing RAS RDS Agent using PowerShell
Establishing
connection with
the RAS Server
Getting all the
RDS Servers
Adding a new RDS
Server
Applying the
configurations
Getting all the RDS
Servers
(with the new added RDS Server)
Figure 228 – PowerShell Pushing RAS RDS Agent
Parallels Remote Application Server Training Manual
277
Cloud Offerings
SECTION 25
Cloud Offerings
In This Chapter:
Microsoft PowerShell ................................................................................................. 275
Quering RAS Roles using PowerShell ....................................................................... 276
Pushing RAS RDS Agent using PowerShell .............................................................. 277
Parallels Remote Application Server Training Manual
278
Cloud Offerings
Parallels RAS in Microsoft Azure
Microsoft Azure is a collection of integrated cloud services that you can use to build, deploy, and manage
applications through Microsoft's global network of datacenters. Azure has service level agreements (SLAs)
that guarantee external connectivity at least 99.95% of the time. Using Azure lets you sidestep the cost of
hardware and infrastructure for deploying RAS desktops and applications, providing the necessary
resources for computing, networking, and storage.
By using RAS with Microsoft Azure, you can benefit from all the features of RAS while integrating any
current use of other Microsoft technologies like Windows Server System Center and Hyper-V. RAS on Azure
is fast to deploy, robust, scalable, and easy to manage. With Microsoft Azure, setting up virtual machines is
quick and you can adjust them as your requirements change over time. VMs on Azure support all the RAS
services needed for a deployment.
Leveraging Microsoft Azure capabilities, Remote Application Server supports the use case where backend
services such as Active Directory® (AD) are either deployed on premise or using Azure. Therefore,
Microsoft Office 365, Azure AD, and SQL server mixed with Federation Services are supported. Parallels
Remote Application Server hosted on Azure consists of a small number of components:
▪ Publishing Agent (Controller).
▪ Hosted Shared workers (Session Isolation).
▪ Server VDI Workers (VM/Server Isolation).
▪ Azure Active Directory Services or local AD Controller (for failover purposes).
▪ An Azure local SQL Server VM Instance (for reporting).
▪ Corporate network and Azure must be connected via Site-to-Site VPN.
All roles are supported in Azure, and the final architecture may vary depending on how much Azure will be
utilized. Additional information about Remote Application Server requirements can be found in the
Solution Guide.
Parallels Remote Application Server Training Manual
279
Cloud Offerings
Parallels RAS Azure Infrastrcutre
Endpoint Access Using On-premise
Figure 229 - Azure Endpoint Access Using On-premise
Parallels Remote Application Server Training Manual
280
Cloud Offerings
Endpoint Access Using Azure
Figure 230 - Endpoint Access Using Azure
Parallels Remote Application Server Training Manual
281
Cloud Offerings
Multisite
Figure 231 - Azure Multisite
For end user access, a couple of options should be considered:
1. Existing customer end users can continue to use an existing URL (or gateway access) to leverage
hybrid cloud deployment from an existing on-premise network and can also add additional failover
gateways from Azure Internet inbound networks.
2. New customer end users can receive inbound traffic through Azure and use on-premise
deployments later on.
Parallels Remote Application Server Training Manual
282
Cloud Offerings
All in Azure
Figure 232 - All in Azure
Leveraging Microsoft Azure capabilities, Remote Application Server supports the use case in which backend
services such as Active Directory are deployed either on premise or using Azure. Therefore, Microsoft
Office 365, Azure AD, and SQL server mixed with Federation Services are supported. Parallels Remote
Application Server hosted on Azure consists of a small number of components:
▪ Publishing Agent (Controller).
▪ Hosted Shared Workers (Session Isolation).
▪ Server VDI Workers (VM/Server Isolation).
▪ Azure Active Directory Services.
▪ An Azure Local SQL Server VM Instance (for reporting).
Parallels Remote Application Server Training Manual
283
Cloud Offerings
Virtual Machine Requirments
Virtual Machine Requirements in Azure
VM Role
OS
CPU
Memory
Disk Requirments
Publishing Agent
Windows Server ®
2012, 2012 R2/2016
2 vCPUs
8 GB
40 GB
Gateway
Windows Server ®
2012, 2012 R2/2016
2 vCPUs
8 GB
40 GB
RD Session Host/
Application Servers
Windows Server ®
2012, 2012 R2/2016
4 vCPUs
16 GB
Depends on use
case
High Availabilty
Gateways
Debain
2 vCPUs
4 GB
10 GB
Virtual Machine Requirements On-premise
VM Role
OS
CPU
Memory
Disk Requirments
Publishing Agent
Windows Server
2003SP1, > Windows
Server 2016
2 vCPUs
8 GB
40 GB
Gateway
Windows Server
2003SP1, > Windows
Server 2016
2 vCPUs
8 GB
40 GB
RD Session Host/
Application Servers
Windows Server
2003SP1, > Windows
Server 2016
4 vCPUs
16 GB
Depends on use
case
High Availabilty
Gateways
Debain
2 vCPUs
4 GB
10 GB
Parallels Remote Application Server Training Manual
284
Cloud Offerings
Azure Marketplace Virtual Machine Templates
With the infrastructure requirements completed, Parallels Remote Application Server VMs can be
deployed. There are two approaches:
▪ Virtual Machine Templates from Azure Marketplace (preferred method).
▪ Deploy Windows Server Datacenter instances in Azure, and push Remote Application Server
components.
Once selected VMs are deployed in Azure or an on-premise datacenter, you must connect them from the
Remote Application Server Publishing Agent.
Parallels Remote Application Server Training Manual
285
References
SECTION 26
References
Parallels
Corporate Website
http://www.parallels.com
RAS Homepage
http://www.parallels.com/products/ras/remote-application-server
Solutions
http://www.parallels.com/cross-platform-solutions
Documentation
http://www.parallels.com/products/ras/resources
Downloads
http://www.parallels.com/products/ras/download/links
Support
http://www.parallels.com/products/ras/support
Microsoft
Capacity Planning Windows 2008 R2
https://technet.microsoft.com/en-us/library/cc732102(v=ws.10).aspx
Capacity Planning Windows 2012
http://download.microsoft.com/download/D/3/0/D308F3B6-5B4D-434C-AEDF6E5B20B9746A/RD%20Gateway%20Capacity%20Planning%20in%20Windows%20Server%202012.docx
Remote Desktop Services
http://technet.microsoft.com/en-us/library/hh831447.aspx
URL: http://www.parallels.com
E-mail: engineer.certification@parallels.com
Information in this document is subject to change without notice. Companies, names, and data used in examples herein are
fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means,
electronic or mechanical, for any purpose, without the express written permission of Parallels Software Ltd.
Parallels Remote Application Server and Parallels Remote Application Server Portal are copyright of Parallels Software Ltd. 19992017 Parallels Software Ltd. All rights reserved.
Parallels Remote Application Server Training Manual
286