Archive
ThinKiosk 3.3 released
Just a quick note to point out I’ve added ThinKiosk 3.3 to the download list.
ThinKiosk 3.3 is a big collection of bug fixes for application launching, process launcher etc and has been available to customers for a number of weeks without any issues. If you are facing any niggles please do drop by the download page and grab a copy. All the new functionality I’ve been leaking on twitter will be available in 4.0.
As for ThinKiosk 4.0, it’s a massive overhaul, includes tons of new functionality and Beta testing while very positive, is taking alot of time to iron out the creases. Expect a release before July.
Norskale Transformer is ready!
I’m absolutely delighted to announce that ThinKiosk has made it’s way into the Norskale User Environment
Management (UEM) stack: VUEM (or Virtuall User Environment Management). It will be appearing as an additional module named “Transformer”. This has been in the pipeline for some time now and it’s great to be finally ready to talk about it!
About Norskale, in my opinion:
For those of you who may be unfamiliar, Norskale are the new up and coming stars in the UEM market. Norskale is the technical brain child of Citrix CTP, community expert and all round nice guy Pierre Marmignon. Pierre brings over a decade of user virtualisation experience to the table. Pierre is acutely aware of the failings in the UEM/ Remote Desktop market and is using these to great effect, creating a lean, extremely fast and easy to use end user management solution at a good price to boot.
Pierre is backed by extremely clever development / marketing and management teams and with their help, Norskale is making serious waves, just in their first year, shaking a market segment that was somewhat dormant for many years.
How did this transpire?
Pierre reached out to me late last year about a potential partnership between ThinKiosk and Norskale. Funnily enough Pierre reviewed the code of ThinKiosk 1.0 and as quite a new comer to this community,Pierre has always been an idol of mine in the Citrix community. It was because of Pierre and a handful of other guys in this community I decided to start blogging and release free tools.
With all this in mind, when Pierre reached out, I jumped (backflipped) at the possibility to work with him!
And how has it turned out?
I’ve worked closely with the Norskale development team as they completely refactored ThinKiosk’s code to make their own VUEM integrated version that would suit their application framework and leverage all the functionalities they were already providing.I’ve been blown away with the results. Norskale VUEM is already a fast, feature rich and clever offering, but with a ThinKiosk style Workstation to ThinKiosk conversion they now can offer a unique end to end solution for user virtualisation in VDI and Server Based Computing (SBC).
Keeping simplicity as key, it’s a matter of a checkbox to convert a pc to a Thin Client using Norskale, and just as simple to roll back completely should you need to. The Norskale solution has been written, debugged and signed off by a team of wizard developers and I couldn’t be more proud of the results.
So now you can instantly roll out any VDI or hosted desktop initiative in a snap and without heavy investment in traditional thin client hardware. And you are getting the best level of performance and manageability one can think off.
And the nitty gritty?
With Transformer, Norskale now have a ThinKiosk style solution as an add on to VUEM, their UEM solution which has all the features of the ThinKiosk product (and much more) to offer to it’s customers.
Norskale’s Transformer will be maintained and evolving as a separate product entirely. But as part of our partnership, all improvements, features and solutions I add to the ThinKiosk solution will be available to Norskale for use in their own product. With this they get all of the benefits of their enterprise solution, along with the innovations ThinKiosk customers and aficionado’s are driving.
What about ThinKiosk?
ThinKiosk will remain free to use, will continue to be developed… I have a massive release coming out shortly. Worry not!
ThinKiosk is not going anywhere and if you are a Norskale customer, or considering becoming one you will get the benefit of having their end to end solution and any features I add to the ThinKiosk product, all with Enterprise grade support and scalability. It really is a win/win solution for all involved.
Going forward.
Norskale has a big, big future. It was an absolute blast to meet their development team and work with them on this project, I’m honestly looking forward to working with them again on new idea’s and solutions.
Got an idea of your own?
If like me you had a unique idea but struggled to see the bigger picture go speak to Norskale, NOW. They will help you leverage your idea, bring it to market and help you add to a game changing solution. They understand the space, the challenges of creating a product on our own and then trying to monetize it.
I need your help Server Based Computing / VDI Experts!
Hi Guys and Gals. I’m currently fighting the good fight with Microsoft support and require your help and backing in order to close down a long standing bug in the Windows Explorer Shell.
As you are all aware, hiding the c: drive and restricting access has been a utility we use frequently in shared computing and VDI environments. Restricting this functionality removes views of the shared drive from users and adds a layer of security and complexity* to ensure the users in question have access to only what they need in order to do their jobs day to day.
*I’m not looking to argue the merit of doing this either, it really depends on the business case or environment to dictate whether this option is set. I’m NOT saying it should be done in every case.
We all know it’s not fool proof, there are certain ways for users to circumvent this layer and I particularly don’t want to discuss them here to give potential devious users a landing page for idea’s!
The problem:
Prior to windows Vista, when you hide the c: drive and an application requests access to a c: drive folder, be it from an “open save dialog” or otherwise, Windows detects this event knows that the folder is restricted and merely redirects them to the desktop which they can see then browse to where they wish to open or save a document. This has worked fine to memory since windows server 2000.
But with the changes to Windows Vista’s windows explorer, repeating the above steps will result in the following annoying, unnecessary and interrupting error message “This operation has been cancelled due to.. bla bla blah”:
This issue can be easily recreated, simply hide and restrict the c: drive, then click start > run > browse… bang.
The more annoying problem here, is after the error message, windows simply redirects back to visible folder. In most cases this is the documents library. So the error message is simply poping up then reverting to the functionality seen in previous operating systems.
So to review:
- Issue introduced in Vista / 2008 and above.
- error message displays.
- Previous redirect functionality is still there and occurs after ok is pressed.
To Microsoft!
Being a pedantic individual, along with my colleague we brought this to Microsoft support and somehow lost months in the conversation as follows:
- Microsoft then redirected us to RES Software.
- Who (although very nice about it) sent us back to Microsoft.
- At which point I got involved.
Now with the correct audience and suitable severity, this problem has been identified as “introduced in Windows Vista” as an “Added Security feature“. How an annoying pop up box, masking previous functionality is a security feature is anyones guess, but it’s bloody annoying…
We have raised this as a bug and have requested Microsoft to fix it. The change in question was deemed as large change or substantial change due to WIndows explorer being used by all of the operating systems and basically told, without significant backing, this change wont be implemented.
Bureaucracy and broken policies, yes but that doesn’t help my customer.
Here’s where I need you:
In order to bolster this change and fix an issue in our beloved operating systems for Server Based Computing and VDI environments I need to hear from you and your customers to confirm they have had this issue, or currently face the issue and wish for a fix.
- If you are a customer and suffer this issue, email me.
- If you are a consultant and have customers with this issue, email me.
- If you or your customer have enterprise support with Microsoft, I ESPECIALLY want to hear from you.
What’s in it for you?
Microsoft have provided us a work around, as a process that watches window messages and suppresses this dialog box when it occurs. If you get in touch, I’ll recompile this application with Microsofts permission and pass it on to you for use in your environment while we get “The Man” to fix it!
This fix is a bit of hack, as it’s scraping window messages but it’s light weight and scalable. Use this process for now and I’ll provide you with updates on a fix as and when I get them.
How do you contact me?
Please drop me and email on andrew{at}andrewmorgan{dot}ie with the following information:
- Customer name:
- Affected users:
- Has enterprise support: (yes/no)
Once I have that information, I’ll send you back an executable via dropbox and keep you updated on the call process. This information is merely going to be fed straight to Microsoft with my personal guarantee of confidentiality. No funny business.
If you can’t share customer information, but have suffered this issue in the past, no problem! Please comment on this blog post the number of seats that were affected and roughly how many times you’ve seen it.
That’s it!
Thanks for entertaining my request for help and hopefully you too want to get this issue fixed as much as I.
Another handy little tool, Move On Boot.
Upon receiving a new dll from a support provider recently, I could not replace the existing file, as the file was in use by the system. A restart to safemode also wielded the same result. Dang!
I wanted to use the PendingFileRenameOperations registry key to instruct windows to copy a file during the boot process.
The issue with this key and behavior is that in order to tell windows to delete a file, the next line to the source file must be blank… if you manually try to add a blank line to regedit you receive the following error!
I needed an application to move a file during the boot process of windows before the service or handle held the file I wanted to replace open. I decided to write a new tool called MoveOnBoot.exe.
MoveOnBoot leverages the PendingFileRenameOperations registry key and the MoveFileEx Api to move the file on boot simply and easily.
Move on boot does the following:
- Adds the copy jobs to the PendingFileRename key you specify.
- Copies the new file into the target directory with an _newer file extension.
- Optional: instructs windows to copy the current file to a _old extension
- instructs windows to replace the target file with the _Newer file.
How to use it:
Simply select the source and destination files as below:
Optionally choose to backup the target file during the operation with the check box above.
Once you have added all the files you need to replace, you can check the queue by going to file > view pending operations:
And that’s it! restart the device and let windows do the hard work.
Optionally, if you chose to backup the file as part of the operation, you will find an _old file in the target directory as below:
Download:
Support information:
- Requires Administrator privileges.
- Requires .net framework 2.0 or greater.
Announcing SBC Printers, A simple printers interface for XenApp / VDI
A little irk of mine with Windows 7 and server 2008 R2 was the Devices and Printers interface. This mix of peripherals is fine for standard desktops, but in SBC / VDI the devices list generally contained items you didn’t want users seeing, or ejecting for that matter!
Not happy with the Irk, and still on my app developing buzz, i decided to write SBC Printers:
SBC-Printers is a simple little .net 4 application, leveraging WMI for printer enumeration and control.Because SBC Printers is an executable, it can published as a XenApp application. Sbc Printers can also be installed as the default printers interface on the start menu:
So really your users won’t know the difference or care for that matter!
SBC-Printers also comes with securable options for adding or deleting local printers:
The display of add or delete can be controlled via the settings file in the installation directory:
Installation:
- Download the following MSI
- Install the MSI to the default directory.
To restrict the standard printers dialog from users, but leaving it accessible to administrators:
- Browse to c:\program files (x86)\SBC-Printers\bin
- run the powershell script below, make sure to run it as an administrator!
That’s it, once the Powershell script runs. it removes the users access to the registry classes giving them access to the standard devices and printers interface. Which means we’re now ready to provision SBC-Printers to replace it.
Provisioning the replacement to the user:
Now just import the userkey.reg into the users profile on login, you can do this via your user profile manager of choice, or use Group Policy preferences.
That’s it!
As you can see I haven’t streamlined the install process too much, this is mostly down to the simplicity of the tool. If you like SBC-Printers but would like a better installer, just drop me a comment below.
Roll back:
if you need to restore the standard interface, uninstall SBC-Printers then add the (local computer\users) group back to the following registry keys ACL:
- HKCR\software\classes\CLSID\{A8A91A66-3A7D-4424-8D24-04E180695C7A}
- HKCR\software\Wow6432Node\CLSID\{A8A91A66-3A7D-4424-8D24-04E180695C7A}
Profile:
Donate:
If ThinKiosk or any of my blogs, scripts or applications were useful to you, please consider donating!
Recent Comments