Windows Embedded Standard on Thin Clients
As the growing popularity in this vertical segment shows, Windows Embedded Standard is a very compelling operating system for thin clients. This is especially true, if the clients are not only used to access a Terminal Server farm, however also need to provide local computing capabilities, . Some common scenarios for these devices with local applications include IP Phone or other streaming media applications, which are not delivered well via Terminal Services from a network protocol perspective. This means, that tunneling them through RDP is either pretty inefficient or causes major quality losses. In addition, some appliances have custom shells seamlessly combining local as well as remote functionality to provide a consistent user experience.
Granular control and protection
In contrast to desktop operating systems, Windows Embedded Standard provides a unique level of control of the systems’ capabilities for the device operating system developer. Any device-specific OS created from Embedded Standard can be tailored to the existing hardware. Drivers for hardware that were not part of the original configuration can be easily added to the image later by an administrator. It is even possible to disable or enable Plug & Play on the device class level. One could, for example, enable the detection of USB cameras and disable the usage of USB Flash Disks for all USB ports.
This would also mean that if you include all drivers of supported peripherals only these and no others will work with your embedded device.
To achieve an even higher level of security and protection, you are able to enable write filters and the image can be write protected without the need to change or adapt any of the applications running.
Leverage existing infrastructure
Quite often thin clients are not deployed alone. Normally, they are part of an overall heterogeneous infrastructure including other desktop systems, servers and embedded devices. Using Windows Embedded Standard it is just a matter of image configuration to include the required client infrastructure parts to participate in common enterprise scenarios such as directory services or system management. This is great because it enables corporate administrators to manage all systems, including thin clients, from the same management console. Looking at the Microsoft platform, Embedded Standard thin clients seamlessly integrate with all System Center products e.g. System Center Configuration Manager (SCCM) and Microsoft Operation Manager (MOM) as well as WSUS.
Creating a thin client
Building a thin client OS image is not too difficult for somebody capable of building Embedded Standard images. Start by configuring an image including support for available hardware, which naturally should include a network adapter. Then select the Thin Client image template from the Target Designer to get you started. This will include the Terminal Server client application as well as other optional components that can be included or deselected. If the backend system is a Windows Terminal Server (e.g. Windows Server 2008) one can use the client included in the Terminal Services component to be found below the System\Management\Infrastructure node in component catalog. If the terminal server backend is using a 3rd party server, the related client application needs either to be componentized or installed after running through FBA. Once the configuration is complete, the image can be built and deployed to the hardware. If all configuration steps and the cloning of the systems went well, all is set and the thin client is ready to be used. If more functionality such as enterprise infrastructure features, additional applications (IP Telephony), etc. is needed, some additional steps to satisfy these needs may be required.
Better together: Windows Embedded Standard and Server 2008
From a platform perspective Windows Embedded Standard is optimally integrated with the latest release of Windows Server 2008 Remote Desktop Services (RDS - formerly known as Terminal Services). RDS has some quite compelling enhancements and new features such as Single-Sign-On, Media Player redirection, RemoteApps and more.
Among the most prominent is Single-Sign-On. This means that the user is not only logged on locally to the thin client, but automatically to the related Remote Desktop Services session, as well. This is great, because usually this is the step is tedious and time-consuming from the user’s perspective.
Remote Apps is the technology that allows a seamless integration of the local as well as the remote desktop. Remote applications run in their own window fully integrated in the local desktop without the overhead of a visible virtual desktop session. This is very interesting for certain use cases, e.g. in call centers, on embedded devices.
If you want to go even further, one could think of having a remote shell to be launched locally by the thin client. This shell then could be user dependent, easy to maintain, etc.
Where to get more information on RDS?
There are a lot more features worth to explore, but this by far exceeds the scope of a blog post. A very good resource to get started is the Windows Server 2008 home page on the Microsoft site. IT-Pro information (planning and design for enterprise deployments) is located on TechNet and developers should turn to the Windows SDK for development information regarding RDS to be found on MSDN.
Alexander Wechsler
Wechsler Consulting
Technorati Tags: XPe,Standard 2009,RDP,Thin client
Comments
- Anonymous
September 23, 2010
Just stumbled over this blog. quite interesting. But do you know how to get Single-Sign-On working on a Windows embedded System? Microsoft states it's just working under Vista and Win 7 and you can get it working under XP SP3. Cheers