Published on February 23, 2014
Economies of Scale - Zero Clients ZERO CLIENT DEPLOYMENT WITH IPP/RPC HYBRID SaaS SOLUTION A Solution for Zero Clients Utilizing an Internal Built Solution BY BRIAN MURPHY / www.vcissgroup.com Cost Save: High Areas: CAPEX, TCO, ROI Summary Technology has been around for some time but never used in this capacity, that I'm aware. Maybe someone beat me too it but I originally created this draft article back in 2010. I've implemented the solution, I designed the solution after being given the question of "Can you make printing a viable, cost effective solution versus us bringing in developers that want to charge us $300,000.00 to create a print solution". This is what I came up with and built out the proof of concept. If you have Windows 2008R2 Print Servers or even earlier, you can enable IPP and simply change the website to Integrated (Print GUI). Internal load balancers, external load balancers, split DNS if necessary to keep one FQDN like print.mycompany.com which is DELEGATED to the load balancer which must have: 1. Load Balancing by proximity 2. GSLB I’m basing this draft on what I know from previous readings. It requires more research to see what we can do with the ADMX file that goes with this solution but I know that what I’m writing as of now will work if implemented as stated but we do need to create a formal step-by-step and testing. This has the potential to greatly simply printing for Zero Client but is NOT a end-all-be-all for all customers where something like Google Cloud Print mightvery well provide a better solution if mostly WFH users and by no means does it impact our standard offering for non-Zero client which should be and hopefully will never change: (below) Citrix Universal Printer Driver only
Disable install of native drivers Map Default Client Printer Only Provide Universal Printer Object and XML Viewer (Client) for ALL other local printers defined on the client workstation that does not fall underZero Client classification Note: This new solution solves more than just Zero Client! The Solution for having Internal Zero Client Print Offering Does this exist today? The technology does, we just have to gi ve it life. Can we implement today with existingequipment? Yes Does it cost anything in terms of new CAPEX? No, should be able to utilize existing infrastructure and servers Is it secure? YES, HTTPS on the frontend website > Printer Gateway just passes traffic to customer print server. There are additional adva ncedlogging features on the IIS server that we can forward to our collection server. Did we decide on the collection server? How can I put this….It resolves your issue and question regarding the zero client in a way that is a possible long term resolution. It immediately allows anyzero clients to print to any registered printer on the customer network. The solution is internal but users conn ect from anywhere. IPP rules don’t apply.I’m calling this ICP –Private Cloud Printing Service (PCPS). It resolves the Zero Client WFH printer issue but requires additional administrative work – for the customer. We certainly don’t want to get in theprinter busine ss. (Home Printing Only). 1. It requires setting up a dummy printer on the print server that matches the users’ printer and driver. W hen I say driver, the best case scenario is havingthe customer update their driver to the latest driver hosted o n the customer print server and choose the output as “USB” or LPT for example.Next, thePrinter Name must match the name on the client machine. 2. Keep in mind, they are already running the virtual desktop which is already authenticated so what would normally be Internal facing VIP or service wejust made a private cloud printing service.It is merely an interface for the Zero clients to use (web based).
3. This is probably not documented anywhere but IPP as a protocol has been around for some time and I’ve done this with Server 2003. It does require acustom er resource for sure and they must follow the best practices defined by our team initially. We have several options for the customer, each having pros and cons. Leveraging Windows 2008 R2 we are going to take advantage of what is referred to as RPC over HTTPS. IPP or RPC witt HTTPS over TCP 443 combined with II7 allows us to present a DYNAMIC print server list of printers in Web Interface. But that is Internet? Why go internal if made for internet? Because we can and we thought of it first! Well, it was not really made for Internet other than it allowed for connecting to printers at work from home in a secure manner. We are going to use this to connect to printers internally in a secure manner from a device that does not support printing but the OS does and using GPO we can allow this to happen inthe write cache. There has never been a need until now, with ZERO CLIENT. Think about it, it provides the ability to print over the internet using RPC encapsulated in HTTPS.Yet, it is perfect for this specific scenario – a fact that we should take full advantage of before others catch on and become the first to create the ZERO CLIENT printing! If you turn it on internal then it defaults to RPC and you can use Windows Integrated Login for the website so the ZERO Client running the Windows OS connects to the website and the OS and website are now communicating and the ZERO Client doesn't care at this point that you are printing RPC. Printer is automatically installed. Printer is now available to print. More than likely, there is probably a way to automate this further. Option 1 Host the Private Cloud Printing Service (PCPS) in a dedicated infrastructure zone. Multiple clients per PCPS, clients only see their printers due to one-way-trust. Redirect output to print servers at each site or we can host a dedicated customer print server with standard drivers – policies configured to useUPD regardless - another MT-Print Server with all the printers for all customers in the Domain or even IP based and provide access to the Printer ManagementConsole for each customer. Option 2
Place a PCPS at each location where the customer maintains a file server and in this case they will need to add the WFH printers to that server. Option 3 There are always more options. I’m just documenting what I am thinking at this moment. Benefits Private Cloud Printing Service (PCPS) makes it possible for VDI running Windows OS to use printers that are located anywhere in the world, using anyclient, can print to the closest c orporate owned printer. A website is presented to the customer with a list of printers to which they have access; this can be > printers or fax machines or multi-purpose devices. The Private Cloud Printing Service (PCPS) Gateway Server can be hosted in the client segment but must have a registered IP and URL that is merelyInternal accessible. As an option, we can consolidate all “printers” to the client subnet in a dedicated customer zone and IPP web interface to contact thisserver instead of placing multiple Private Cloud Printing Service (PCPS) Gateway Servers in the customer environment. Although this is an option the following must be considered: We do not want to be in printing driver business; customer must manage Printing output to printers in remote offices experience slowness (However) o Possible resolution is the remote office Branch Repeater product from Citrix This provides faster printing This provides faster file copies
This provides faster ICA/HDX compression and speed This provides faster application traffic for SQL, Oracle and certain others Note: Requires Platinum Edition ofXenDesktop but is more than worth the expense for what you get. Side Note: Why you SHOULD buy PLATINUM. Branch Repeater XenApp as application consolidation – o Platinum allows Xenapp or XenDesktop connects HDX WAN Optimization for high-end graphics Edgesight o Monitoring and Reporting o Trending o Forensics Historical Analysis Suite Edgesight for virtual desktops Edgesight for Netscaler Edgesight for Branch Repeater SSO – Single Sign On o SSO for Customer Business Applications Quick Summary Keep in mind, users are already authenticated. They are simply remote. By exposing a website or websites as a VIP to a VDI that is already authenticated
allows for Integrated Logon. The site will not be searchable, you are not required to authenticate like with regu lar IPP due to having the one-way-trust.Internal infrastructure already exists. How does it work! The “Private Cloud Printing Service (PCPS)” process is as follows: From a client computer user types the internal URL for a printing device (Option 1) o Created as Favorites in Profile VDI customer types in URL of the website hosting PCPS relay components o User is authenticated using Integrated Logon (must be enabled – not on by default) o User is presented with a list of printers to which they have access o User clicks printer, printer is installed, printer is now available to Zero Client The RPC (internal) request is sent over the LAN or MPLS customer “Private Cloud Printing Service (PCPS)” server o Hosted per customer segment and can exist on the customer owned file server o However, preferred is create a “Delivery” segment due to one-way-trusts you can actually host every customer printer on one ICPserver but the more we host the mor e resources we need but this is better than one or two per customer segment o The other option is to have the customer host an ICP per segment where the print servers reside After the server authenticates the user utilizing Integration, the server presents status information to the user by using Active ServerPages (ASP), which contains information about currently available printers to which they have access When the client first tries to connect to any of the printers it searches for a local driver. o The Zero Client does not allow this but in this case the VDI and writecache would allow, although only per session. o Our Private Cloud Printing Service (PCPS) server generates a cabinet file (.cab file, also known as a setup file) that contains theappropriate printer driver files. o The print server downloads the .cab file to the VDA. o The user on the client computer is prompted to download the .cab file
o Prompt can be removed by GPO. o It is “possible” that we can remove the CAB file download and just have the virtual OS p erform a “logical mapping” and send outputdirect (GPO). I would be surprised if this is not an option. o The client computer downloads the printer driver and connects to the printer by using RPC due to this being an “Intranet” LAN/WANprinting. o Internal Printing Protocol (IPP) is an option if client wishes for a more secure option where the traffic is HTTPS/RPC. o All of this is controlled by an extensive ADMX file for GPO o With a Mediumhigh or Medium security zone, IPP is used, and with a Mediumlow security zone, RPC is used. At this point, the virtual OS that is running on the Zero Client is now able to print using our Gateway service and it was all internal. Additional Recommendations The print server can use IIS and other technologies to collect and log extensive data about the user, the computer that sends the printing request, and the request itself. If we can use the Windows collection service this would be a perfect fit to enhance security and provide auditing for customer. It might be possible to turn off the CAB file download and print direct. I think this is in the GPO but have not had time to research. Hopefully, more to come on his one but as is it resolves the Zero Client Issue utilizing existing technology. Many have used this article to implement Zero Client and free RPC/IPP internal printing using print servers that already exist simply enable IPP printing and you have a web GUI on that print server. But differentiation is all about being extreme, rewarding the best and weeding out the ineffective. Rigorous differentiation delivers real stars—and stars build great businesses. Welch, Jack; Byrne, John A. (2003-10-01). Jack: Straight from the Gut I was blunt and candid and, some thought, rude. My language could be coarse and impolitic. I didn’t like sitting and listening to canned presentations or reading reports, preferring one-on-one conversations where I expected managers to know their businesses and to have the answers. I loved “constructive conflict” and thought open and honest debates about business issues brought out the best decisions. If an idea couldn’t survive a no-holds-barred discussion, the marketplace would kill it. Larry Bossidy, a good friend and former
GE vice chairman, would later liken our staff meetings to Miller Lite commercials. They were loud, raucous, and animated. Welch, Jack; Byrne, John A. (2003-10-01). Jack: Straight from the Gut Eventually, I learned that I was really looking for people who were filled with passion and a desire to get things done. A résumé didn’t tell me much about that inner hunger. I had to “feel” it. Welch, Jack; Byrne, John A. (2003-10-01). Jack: Straight from the Gut Brian Murphy 101 E. Park Blvd, STE 711 Plano, TX 75074 (M) 214.476.4513 Brian.Murphy@guideit.com
Presentación que realice en el Evento Nacional de Gobierno Abierto, realizado los ...
In this presentation we will describe our experience developing with a highly dyna...
Presentation to the LITA Forum 7th November 2014 Albuquerque, NM
Un recorrido por los cambios que nos generará el wearabletech en el futuro
Um paralelo entre as novidades & mercado em Wearable Computing e Tecnologias Assis...
Thin / Zero Client Printing; ... is the printing solution for any virtual ... connecting to VDI environments; Supports VDI printing over PCoIP on ...
The document was removed. Please view another documents 1 × Close Share VDI - Zero Client Printing Solution
Thin & Zero Client Printing. ... Printing Solutions. Citrix Printing; RDS Printing; VDI Printing; Universal Printer Driver; Mobile/BYOD Printing;
... such as Thin Clients and Zero Clients. ... Print server and the local printer. Other solutions to be ... of this Printing Architectures for VDI.
With the HP t410 Smart Zero Client, you'll get a powerful cloud machine, ... Business solutions Printing ...
10ZiG offers Thin Client & Zero Client solutions certified ... Thin Clients For VDI; Zero Clients For VDI; PCoIP Solutions; Software & Management; Tablet ...
Teradici PCoIP zero clients enable the ultimate virtual desktop ... PCoIP Zero Client Security Solution ... efficient VDI, PCoIP Zero Client Desktops in ...
Key Considerations in Choosing a Zero Client Environment ... Zero Clients are a Complementary Solution ... VDI end users seek a ...
Do you need third-party printing solutions for VDI? by ... your client device will share its printer so the software running on the remote host can see it ...