Manage VDI

Applies To: Windows 8.1

For a Virtual Desktop Infrastructure (VDI) deployment in education you can use numerous technologies to manage your VDI including Group Policy, Windows PowerShell, System Center 2012 R2 Configuration Manager, and Windows Intune.

Table 10 lists the technologies available for managing your VDI. You can select any combination of these technologies to design a complete VDI management solution. Each technology is discussed in a subsequent section.

Table 10. VDI Management Technology Selection

  Group Policy Windows PowerShell System Center 2012 R2 Configuration Manager Windows Intune

Control Windows Store access

Yes

No

Yes

Yes

Control installation of apps

Yes (with AppLocker, which requires Windows 8.1 Enterprise)

No

Yes (in conjunction with Group Policy and AppLocker, which requires Windows 8.1 Enterprise)

No

Operating system setting management

Yes

Yes

Yes

Yes

User setting management

Yes

Yes

Yes

Yes

App setting management

Yes (if registry based)

App specific

Yes, but scripting may be required

Yes, but scripting may be required

Centralized administration model

Yes

No

Yes

Yes

On or off premises

On premises

On premises

On premises

Off premises

On-premises infrastructure

AD DS

None

  • Managed networks

  • System Center 2012 R2 Configuration Manager

None

VDI sessions must be domain joined

Yes

No

No, but challenges exist for native support; Windows Intune integration is recommended for nondomain-joined VDI sessions

No

Supports self-service model for software and updates

No

No

Yes

Yes

Supports push model for software and updates

Yes

Yes

Yes

Yes

Can be used to create enterprise app store

No

No

Yes

Yes

User interaction

  • IT pro does back-end configuration

  • User performs no actions

IT pro performs all tasks

  • IT pro does back-end configuration

  • User has no interaction for push model and limited interaction for self-service model

  • IT pro does back-end configuration

  • User has no interaction for push model and limited interaction for self-service model

Provided with Windows 8.1

No

Yes

No

No

Provides unified solution for the entire software life cycle, including installation, updates, supersedence, and removal

No

No

Yes

Yes

Can be used for operating system deployment

No

No

Yes

No

Requires additional cost

Yes (if AD DS is not already installed)

No

Yes (if no System Center Configuration Manager infrastructure is installed)

Yes (subscription model)

Manage institution-owned devices

Yes (if domain joined)

Yes

Yes

Yes

Manage personally owned devices

No (as are typically not domain joined)

Yes

Yes (through Microsoft Exchange ActiveSync connector or Windows Intune integration)

Yes

Note

You can manage Windows Store apps and desktop applications in VDI by using any technology used to manage Windows Store apps and desktop applications on physical devices. For more information about Windows Store app and desktop application management, see Windows Store Apps: A Deployment Guide for Education and Plan for Windows 8.1 Deployment: A Guide for Education.

Group policy

You can use Group Policy to manage user, Windows operating system, and application settings for the VDI infrastructure and VDI sessions. Ultimately, you can use Group Policy to manage any configuration settings stored in the Windows registry. Microsoft provides built-in Group Policy templates for most common configuration settings. In addition, you can create custom Group Policy templates that allow you to manage configuration settings that the built-in templates do not provide. You can also use Group Policy to control Windows Store access and the installation and running of apps on devices (when used in conjunction with AppLocker). You can also use Group Policy to manage Remote Desktop Services, Remote Desktop Client, and RemoteFX configuration.

Note

Personally owned devices are typically not domain joined and as such cannot be managed through Group Policy. Institution-owned devices that are domain joined can be managed by using Group Policy.

Additional resources

Windows PowerShell

You can perform many common Windows 8.1 administrative tasks by using Windows PowerShell cmdlets, including Windows Store app management and operating system configuration. You can also use Windows PowerShell to manage the Windows Server 2012 R2 server roles and role services. You can use Windows PowerShell interactively or to create scripts that can be run to perform more complex tasks for the VDI infrastructure and sessions.

Additional resources

System Center 2012 R2 Configuration Manager

System Center 2012 R2 Configuration Manager automates the ongoing management of the VMs, the Windows Server 2012 R2 server roles and role service, client devices, and the other infrastructure services (such as AD DS or DHCP). You can use System Center 2012 R2 Configuration Manager to automate the following management tasks for the VDI infrastructure and VDI sessions:

  • Deploy Windows Store app and desktop applications

  • Deploy software updates and hotfixes

  • Help ensure compliance with established configuration baselines

  • Provide virus and malware protection

  • Inventory hardware and software assets

  • Provide remote helpdesk support for users

  • Provide comprehensive reporting on the current status of all hardware assets, software assets, software deployment status, compliance status, software update status, and other reports

System Center 2012 R2 Configuration Manager provides a unified console for managing VDI and can optionally integrate with Windows Intune to help you manage devices that are not connected to the educational institution’s intranet. Institution-owned devices can be managed by using System Center 2012 R2 Configuration Manager. Personally owned devices are typically not domain joined and cannot be managed by using System Center 2012 R2 Configuration Manager only, but personally owned devices can be managed by using System Center 2012 R2 Configuration Manager with the Exchange ActiveSync Connector or Windows Intune integration.

Additional resources

Windows Intune

Windows Intune is an off-premises, cloud-based management solution that provides device management, software installation, and software update management. Windows Intune can integrate with System Center 2012 R2 Configuration Manager to provide a unified management solution for the VDI infrastructure and sessions. You can use Windows Intune to manage institution-owned or personally owned devices.

Additional resources

See also