© 2009 Immidio. All rights reserved.This presentation is for informational purposes only. Immidio makes no warranties, express or implied, in this summary.

Legacy versus Innovation

What people think the TS

product team did over the

last couple of years

What the TS product team

really did, except being

renamed to “Presentation

and Hosted Desktop

Virtualization“ groupWin 2008 TS

Win 2003 TS

Win 2000 TS

Windows

NT TS

A B C D

LSM

OS Platform

TS

Remote Desktop Architecture

User SessionSystem-wide

User

Mode

Kernel

Mode

Network

Protocol

Stack

System Services

and

Session Management

User-specific

Kernel Components

and Drivers

Winlogon,

User Shell

and Applications

WS2003 Architecture

User Sessions 1 - nSystem-wide

Kernel and NetworkComponents and Drivers

Terminal ServicesSessions Mgmt.

Remote Connection Mgmt.

User-specific

Kernel ComponentsDrivers

Remote SessionUser Shell

and Applications

KernelDrivers

ConsoleShell &

Apps

Admin

Authen-

tication

Event

Handler

WS2008 Architecture

User Sessions 2 - nSystem-wide

Kernel and NetworkComponents and Drivers

RDSRemote

Connection

Mgmt.

User-specific

Kernel ComponentsDrivers

Remote SessionUser Shell

and Applications

KernelDrivers

ConsoleShell &

Apps

Local

Authen-

tication

Event

Handler

LSMSession

Mgmt.

Session 0 Isolation

App A

Session 0

Service A

Service B App B

App C

App D

Session 1

App E

App F

App A

Session 1

App B

App C

Session 0

Service A

Service B

App D

Session 2

App E

App F

Win

do

ws S

erv

er

20

03

Win

do

ws S

erv

er

20

08

UI0Detect

Interactive

Services

Detection

Service C

Service C

Remote Desktop Architecture

TS Device Driver

Termdd.sys

Rdpwd.sys

Tdtcp.sys

Smss

Terminal Server Service

RDP Protocol Ext.

Rdpwsx.dll

Csrss.exe

Per-

Session

Apps

TCP/IP

Network Card Drv.

Win32k.sys

Display Driver

Rdpdd.sys

Kbdclass.sys

Mouclass.sys

TDI Interface

NDIS Interface System

Space

Session

Space

User Mode

Kernel Mode

TsSecSrvCredSSP

LSM

TsTheme

UserInit

Explorer/RDPShell

LogonUI

Winlogon

TsAppCompat

User Connection Sequence

• Why do you want to know about details?

– User session initialization sequence details may help

you when troubleshooting terminal servers

• Initialization sequence in a nutshell

1. Connection initiation and user authentication

2. Load balancing

3. Settings exchange and device mapping (VCs)

4. Licensing

5. User session initialization

6. Applying user profiles and group policies

Dynamic Virtual Channels

Terminal ServerTS Client

Per

Session

Apps

Terminal Server

Device Driver

WinStation Driver

Transport Layer (TCP/IP)

TS Service

Transport

Layer

Network

Layer

TS User

Mode Driver

USB Bus Driver

uWDF Reflector

RDP Client

USB Host

Controller

uWDF Host

Dynamic Virtual Channel

USB Bus

Driver

Device

Driver

Rdpwsx Smss/Lsm

Profiles – Timing is Important

• Step 6 drill-down – profiles and GPO

1. Load profile

2. Apply Group Policy Objects (GPO)

3. Run GPO logon script (Group Policy configuration)

4. Map TS home drive (AD User configuration)

5. Run AD logon script (AD User configuration)

6. Application initialization, launch script (UsrLogon)

7. Application / Desktop is started

• TS home drive not available in GPO logon script

– Consider using AD logon script

Remote Desktop Window Station

Four desktops form an interactive Window

Station, internally referred to as “WinSta0”

Winlogon

desktop

Application

desktop

Screen saver

desktop

Disconnected

desktop

TS Seamless Windows

Local

Applications

RemoteApp

Program

Terminal

Server

Workstation

Includes local devices, file type mappings,

notification area, and clipboard

Rdpshell.exe

Like Citrix Wfshell.exe

Rdpinit.exe

RDP shell login application

RemoteApp Session Processes

• Processes running in user context

– Rdpshell.exe: RemoteApp shell

– Rdpinit.exe: RDP shell logon process

• RemoteApp challenge

– Sessions that may not be terminated properly after

the user closes last RemoteApp program

– System processes not preventing user logoff are

configured in the registry under HKLM \System

\CurrentControlSet \Control \Terminal Server

\SysProcs

Microsoft Shim – TsAppCmp.dll

Terminal

ServerRegistry Files and Folders

Session 1 Session 2

TsAppCmp.dll TsAppCmp.dll

TS Client Application

Mstscax.dll

Network

Protocol

Stack

Terminal ServerTS Client

Win32k.sysKernel

TS Device DriverTermdd.sys

Tdtcp.sys

TS API ApplicationWtsapi32.dll

Rdpdd.sysDisplayDriver

RDP

Rdpwsx

Rdpwd.sys

Winlogon

Sessions Csrss

Per-Session

Apps

TS Service

Remote Desktop Connection

RDP Tuning – Client Side

• In RDP 6.x, disable “Enable Font Smoothing”

(=Cleartype) in the Experience tab of Remote

Desktop Connection

– 2 to 10 times faster, but result looks ugly

• Configuration of persistent cache in the registry:

– HKEY_CURRENT_USER\SOFTWARE\Microsoft\

Terminal Server Client\BitmapPersistCacheSize

• Configuration of memory cache size in the RDP

file:

– “bitmapcachesize:i:1500“ sets the memory cache size

to 1500 Kbytes

RDP Tuning – Server side

• Bulk Compression (configure via Group Policy)

– RDP5.x – Windows Server 2003 (128 KB)

– RDP6.0 – Windows Server 2008 = default

(328 KB, 5-30% improvement)

– RDP6.1 – Windows Server 2008

(2.6 MB, 10-60% improvement)

• Bandwidth allocation (Registry – TermDD)

– FlowControlDisable – Default value = 0

– FlowControlDisplayBandwidth – Default value = 70

– FlowControlChannelBandwidth – Default value = 30

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermDD

Compression Algorithms

• Planar compression (applied to bitmaps)

– Four planars: RGB + Alpha

• Bulk compression: RDP5.x - RDP6.0 - RDP6.1

– Applied after all other compression

– Drawing commands and resources: i.e. bitmaps, VC

traffic

Tests RDP5.x RDP6.0 RDP6.1

Memory 128K 328K 2.6MB

CPU 0.5% 1.5% 1.0%

Bandwidth Reduction 0 (baseline) 15% 35%

Set RDP Compression Algorithm

System Components

Win32k

Win32k

Kernel boots

SMSS 0

SMSS 1

CSRSS 0

WinInit

CSRSS 1

LSASS

LSM

Services

Win-Logon

UserInit

TsAppCompat

Citrix Shell

GP - user part

RPC

MemoryManager

Session 0

Session 1

Citrix

Ticketing

Citrix System Architecture

User Sessions 1 - nSystem-wide

User

Mode

Kernel

Mode

TS Service Winlogon

Csrss

Per-

Session

Apps

Device Driver

Wdica.sys

Tdtcp.sys

Win32k.sys - Kernel

Citrix Vdtw30.dll

Display Driver

Mouse,

Keyboard

Video

Rdpwsx SmssWsxica

XenApp Architecture

TS Device Driver

Termdd.sys

Wdica.sys

Tdtcp.sys

Smss

Terminal Server Service

ICA Protocol Ext.

Wsxica.dll

Csrss.exe

Per-

Session

Apps

TCP/IP

Network Card Drv.

Win32k.sys

Video Driver

Vdtw30.sys

Kbdclass.sys

Mouclass.sys

TDI Interface

NDIS Interface System

Space

Session

Space

User Mode

Kernel Mode

PDs

LSM

TsTheme

UserInit

Wfshell.exe

Ctxstartup.exe

Winlogon

TsAppCompat

Cdm.sys

Redirector

Display Driver

Icacdd.sys

Citrix Services & Drivers (1)

• EncSvc.exe (Citrix Encryption Service)

• SemsService.exe Citrix EUEM (End User Experienceing Monitoring)

• Citrix ICA - LEGACY

• Citrix Licensing (Performance – mflicperf.dll)

• CtxSFOSvc.exe (Citrix Virtual Memory Optimization)

• HCAService.exe (CitrixHealthMon – Health Monitoring and

Recovery)

• CitrixICA (Performance – icaperf.dll)

• CtxWMISvc.exe (Citrix WMI Service)

• XTE.exe (Citrix XTE Server – Session Reliability)

Citrix Services & Drivers (2)

• CdfSvc.exe (Diagnostic Facility COM Server)

• Cdm.sys (Client Drive Mapping Redirector File System Driver)

• Cpsvc.exe (Citrix Print Manager Service)

• Ctxaltstr.sys (SFO Alternate Stream Driver)

• Ctxcpusched.exe (CPU utilization mgmt/resource mgmt)

• Ctxhttp (Ctxxmlss.exe, XML Service)

• Ctxpidmn.sys (Sandbox Main Driver)

• Ctxrmpn.sys (RM Process Notification Driver)

• CtxSbx.sys (Sandbox Filter Driver)

• Ctxsmcdrv.sys (SMC Support Driver – Session Monitoring and

Control)

Citrix Services & Drivers (3)

• Icacdd.sys (ICA TW Miniport)

• Icareduc.sys (ICA Reduction Driver)

• ImaAdvanceServer.exe (Citrix Server Manager, interface to OS)

• ImaService (Imasrv.exe, management service)

• Mfcom.exe (COM access to Citrix farm)

• Pdcomp.sys (Compression Protocol Driver)

• Pdcrypt1.sys (Encryption Protocol Driver)

• Pdcrypt2.sys (Encryption 128 bit Protocol Driver)

• Pdrframe.sys (Frame Protocol Drv for Reliable Transport)

• RadeSvc..exe (Citrix Streaming Server)

• Twexport.sys (Thinwire Support Driver)

• Wdica.sys (ICA WinStation Driver)

Drivers loaded by System Process

• Cdfdrv.sys: Trace Kernel Mode Driver

• Cdm.sys: Client Drive Mapping Redirector File System Driver

• CtxAltStr.sys: SFO Alternate Stream Driver

• Ctxpidmn.sys: Process Notification Driver

• Ctxrmon.sys: RM Process Notification Driver

• Ctxsbx.sys: Application Isolation Environment Driver

• Ctxsmcdrv.sys: SMC Support Driver

• Icacdd.sys: ICA TW Miniport

• Icareduc.sys: ICA Reduction Driver

• Wdica.sys: ICA Winstation Driver

Processes in all Sessions

Session 0

• ImaAdvanceServer.exe

• Mfcom.exe

• Radesvc.exe

• Cdfsvc.exe (Diagnostic Facility

COM Server)

• Cdmsvc.exe (Client Mapping)

• Encsvc.exe (Encryption)

• Hcaservice.exe (HCA)

• Cpsvc.exe (Client Printer)

• Ctxxmlss.exe (XML)

• Imasrv.exe (IMA)

• XTE.exe

Session 1

• Radeobj.exe (App Streaming)

• Pnamain.exe (PNA)

• Ssonsrv.exe (Pass-through

Authentication)

• Wfshell.exe

• Java

Session n

• Wfshell.exe

TerminalServerService

IMAService

XenApp “Middleware”

CitrixXML

Service

CitrixXTE

Service

IMA

Protocol

on TCP

Port 2512

Local Host

Cache

ICA Protocol

on TCP port 1494

ICA Client

XenApp

Consoles

To anyone requesting

published application

information

Other

XenApp

Server

IMA Protocol

on TCP port 2513

MS Jet

ODBC

IMA

Data Store

RPCICA Browser on

UDP port 1604

XML via TCP/IP on

TCP port 80

Citrix Gateway Protocol port 2598

ICA Protocol port 1494

ICA Client 8+

with Session

Reliability

ICA

Port

1494

Data

Store

CitrixConnection

ICA Virtual Channels

ICA

Client

ICA Protocol Stream

ThinWire (video, keyboard, mouse, etc

Seamless Windows

Printing Data

Clipboard Mapping

Drive Mapping

AudioXenApp

Server

Notes:

• ICA specific – RDP VCs are different

• Limit of 32 virtual channels per session

ICA Stack

ServerClient

Custo

m

Transport Drivers

CO

M P

ort

Prin

ter

Dis

k

Gra

ph

ics

Protocol Drivers

WD: ICA Protocol &

Channel MUX

Custo

m

Transport Drivers

CO

M P

ort

Prin

ter

Dis

k

Gra

ph

ics

Protocol Drivers

WD: ICA Protocol &

Channel MUX

Virtual

Channels

The ICA Stack

Winstation

Driver

Protocol Driver

Pluggable Drv.

…

Transport Driver

Virtual Drivers

MetaFrame XP

Winstation

Driver

Protocol Driver

PD

…

Transport Driver

Virtual Drivers

Reducer

Feature Release 1

Winstation

Driver

Protocol Driver

PD

…

Transport Driver

Virtual Drivers

Reducer MKII

Virtual

Driver

Priorities

Session

Monitoring and

Control API

QoS priority bits

Winstation

Driver

Feature Release 2

Protocol Driver(s)

Transport Driver

Virtual Drivers

Reducer MKII

Virtual

Driver

Priority

Silos

S

I

L

O

S

I

L

O

S

I

L

O

S

I

L

O

„High Throughput‟

Driver

Winstation

Driver

Presentation Server 3.0

Protocol Driver(s)

Transport Driver

Virtual Drivers

Reducer MKIII

S

I

L

O

S

I

L

O

S

I

L

O

S

I

L

O

Per Channel

Compression

Winstation

Driver

XenApp 4.5 / 5.0

Protocol Driver(s)

Transport Driver

Virtual Drivers

Reducer MKIII

S

I

L

O

S

I

L

O

S

I

L

O

S

I

L

O

Per Channel

Compression

Video/MM Drivers Buffer

Client Performance

Information

© 2009 Immidio. All rights reserved.This presentation is for informational purposes only. Immidio makes no warranties, express or implied, in this summary.