Optimize your Windows 7 virtual desktops for better performance

A little while ago, my German Specialist SE End User Computing colleague, Valentin Allert, sent me a document on how to optimize a Windows 7 virtual desktop in a VDI/VMware View environment, for better performance. He summarized the information he received from within VMware but also information he collected from Proof of Concepts.

Valentin and I wanted to share this information with you:

“There are at least four different areas where optimization can be applied:

  1. The virtual machine settings on vSphere
  2. Inside the virtual machine
  3. Group Policy settings in Group Policy Management Console
  4. Pool settings in View Administrator

1. virtual machine settings:

  • Make sure your golden image/parent VM/master is installed on the latest hardware version of your vSphere platform. Do double check if this HW version is compatible with View Local mode, if you want to use local mode
  • Make sure your VM has an LSI SCSI Controller and not IDE boot device. Especially important for XP, because IDE is the default setting when creating a XP VM
  • If you want to have good Video performance maximize the Video RAM to 128 MB manually
  • If you want to have good multimedia performance, like video, make sure your VM has 2 vCPU’s

2. Inside the virtual machine:

  • We do see customers using their deployment tools and use the same image they use for physical devices, for the new parent VM. Avoid this. Create your parent VM from scratch, so, for example, different hardware drivers won’t be in the VM. Keep the VM as clean as possible
  • Install VMware Tools first and after that, install the VMware View agent
  • In our Windows Optimization Guide for Windows 7, you will find three Text files. Rename 1 of them into .bat. Before you run this file, do read the guide carefully. Check what this script will turn off/disable and make sure this fits in your environment. Then, run the file which fits to your scenario:
  1. If you are updating from an earlier Version and you want to use the same golden Image but want to activate VMware Persona Management only use CommandsDesktopsReadyForPersonaManagement.txto
  2. If you have a fresh installation and a want to use VMware Persona Management use CommandsPersonaManagement.txt
  3. If you have a fresh installation and don’t want to use VMware Persona Management use CommandsNoPersonaManagement.txto

If you want to use AERO with glass etc. you have to delete or REM the following lines in the script:

  1. Powershell Set-Service ‘UxSms’ -startuptype “disabled”
  2. Powershell Set-Service ‘Themes’ -startuptype “disabled”

I always would delete the second line though, otherwise the new View Desktop looks like Windows 3.11 which is not good for user acceptance.

  • Run the script as administrator (yes the right click “run as” command)
  • One settings is most important and unfortunately I couldn’t find a way to set this settings through GPOs:
  1. You must have left Themes activated when running the optimization script (step before). Log on as Administrator
  2. Choose Windows 7 standard theme
  3. Go to advanced settings->performance ->enable adjust for best performance but then activate the last point visual styles again:









  • After that, you could consider creating a default user with these new settings. Follow the official Microsoft steps to do so. Yes, Sysprep is the only supported way.
  • Optionally, create a snapshot and call it first optimization
  • Install the apps you want to have in your master Image
  • Create your final snapshot call it Master 1.0

3. Group Policy settings in Group Policy Management Console:

  • Create an OU where you will deploy your View desktops
  • Create a Group Policy Object for the virtual desktops.
  • Right click, edit -> if you are pre 2008 using adm files go to computerconfiguration -> administrative templates ->right click import/export
  • Delete all default template out of the object
  • Import PCoIP adm files located on your View Server: C:\Program Files\VMware\VMware View\Extras\Group Policy Files\
  • Go to: Computer Settings -> administrative templates -> classic administrative settings -> PCoIP settings
  • Activate -> Not to build to lossless – This settings prevents PCoIP from always build the picture to a lossless condition which is only used in graphical, healthcare or construction scenarios
  • Set Min picture quality 50 / max picture quality 70 / 24 Frames Because of the history of PCoIP we it uses 30 FPS as a default which is way to high if we consider that an Movie has 24 FPS
  • Disable AES 256 and Salsa encryption, if using 5.1 if you are using an older Version disable only Salsa because one of the encryptions has to be activated. 5.1 has three encryptions so you can disable two, earlier version have two encryptions so you can disable one.
  • Disable all features you do not need like maybe Audio or Clipboard
  • Do not play around with settings like bandwidth floor etc. PCoIP has a pretty behavior by itself.

4. Pool Settings in View Administrator:

When creating your first pool with linked clones make sure to have at least these settings, all other settings are depending on your use case:

  • If you are on vSphere 5.x and View 5.1 make sure you have the View Storage Accelerator enabled
  • If you have Video intense workload configure the pool with 4 monitors and max resolution (even if you don not need it)
  • If you have CAD, Google Earth or any other DirectX or OpenGL Apps activate 3D (if you do not have the option you have to disable –allow users to choose protocol-) if you still do not have the possibility to activate AERO inside of the Desktop you have to make sure that the script didn’t disable UXSMS and Themes services (DirectX and OpenGL are working anyway.)
  • Place your Replica on a SSD if you have them. If you have a storage system with storage tiering, with a big cache make sure to create only one replica place it on a small extra LUN (save time and space and the replica will end up in the cache anyway)”

Additional Information:

Zero Clients, Host cards, Tera Chipsets and APEX card; what is what in VMware View and PCoIP land?

I have noticed people are mixing up/are confused about the different PCoIP hardware bits which can be used in a VMware View environment. For example, people sometimes think the Teradici APEX card is a GPU. Below I would like to give you a brief overview of what is what. I will also add links to sites where you can find more information.

Zero Clients;

ZC’s are access devices used by View users to access their virtual desktops using PCoIP as the protocol. They are called ZC’s because they don’t have an OS running on them. Firmware runs on top of the Teradici chipset. The chip today is the Tera 1 chipset. The latest firmware can be downloaded from the Teradici support site.

ZC’s come in standalone devices but also as integrated monitors.

Teradici develops the chipsets and firmware. It is Teradici who adds functionality to the ZC’s and not VMware. There is a chance that VMware adds new features in a new VMware View release and that the current ZC firmware/chipsets don’t support the new features. A current example is Client Side Caching; a feature in VMware View 5.0 but doesn’t work on ZC’s. Teradici continues developing and supporting new features and will continue releasing new version of the Tera chip and firmware.

Personally, I do like ZC’s. I’m not too fond of the name “Zero Client” because there is firmware running, so not zero or nothing. Anyway… The good part is the firmware’s footprint is very small and doesn’t need much patching like a typical Operating System. Also, no hard drive which can break or local data which can leak. On top of that, a lot of Zero Client don’t use a lot of power. Teradici also offers a ZC management tool for free. You can manage your clients from 1 central place.

Host cards;

Host cards are Teradici cards you put into a PC/Workstation, which you put in a datacenter. Instead of connecting to a virtual desktop, a user connects to a physical Workstation with a Host card.  On that Workstation an OS (support for Linux, Mac and Windows) is running with applications. Companies use this solution for high-end graphical users. Inside the Workstation a professional graphics card is present. The output of that card is being send to the Host card and put on the network as a PCoIP stream to the user’s access device. The users most likely will use a Zero Client as their access device and can use VMware View as their broker (Workstation can only run Windows). The software driver for the host cards can also be found on the Teradici support website.  A white paper about Host cards and VMware View has been published as well.

APEX 2800 Server Offload Card;

When a VMware View user connects to a virtual desktop and is doing a lot of multimedia related work, like watching videos, all that encoding/rendering needs to be done in software of the ESX servers. Remember, PCoIP is a host-based protocol. Read more about PCoIP basics here.

Encoding/rendering and compressing cost ESX CPU cycles that might lead to a decrease of your consolidation ratio when a lot of multimedia is being done. In that case, to ensure the high level of consolidation, a Teradici APEX 2800 Server Offload Card can be used. This card will take over that encoding from the server CPU’s. Don’t mix this card with a Graphics card or GPU. The APEX is an encoding offload card and for sure not a GPU! It won’t add hardware 3D capabilities to your VM’s. That’s something else VMware is developing with NVIDIA. I will come back to that later.

Hopefully this overview gives you a clear view of what is what in PCoIP/Teradici land.

VMware PCoIP; More than a year on the road. A recap

Since my first post about PCoIP basics, a lot has happend and changed around VMware View’s default remote display protocol. However, I still get the same questions/comments as a year ago. I also notice that the concept of PCoIP isn’t clear to everyone. In this article I would like to give everyone a recap with links to detailed, useful information.

Battle of the protocols

First of all, the “battle of the protocols” disappeared to the background. Yes, it’s still a topic but for sure not the only topic as it used to be (more information about the basics of PCoIP can be read here). Ease of installation, image management, storage efficiency, pool creation options etc became part of the conversation as it should be.

PCoIP and remote access

Since View 4.6 it also is possible to access a View environment remotely, over the internet using PCoIP. In 4.6 the VMware View Security Server has been optimized to handle PCoIP as well. Mark Benson, View Architect and guru at VMware posted an article and video on how to set up a Security Server, Connection Server and firewall to make the chain work so users can connect remotely using PCoIP. If you do experience issues, especially black screens, do read Mark’s article and also read the comments. If you have read it before, do read it again. Follow the 3 steps carefully and it will work.

I also had a discussion with someone about remote access with VMware View, from ANY place. This person kept on mentioning there is a chance a user can’t connect to his/her VM. Well, if the company has multiple sites, the IT department has control over network devices like firewalls, so internally (company wide, multiple sites) you can make View with PCoIP work. Also, I have never heard of any Internet Service Provide (nor it’s modems/routers) block PCoIP. People should be able to connect to a View environment from home by using PCoIP.

This might be different in hotels or when someone is trying to connect from other companies. That is true. Not every hotel will allow TCP/UDP port 4172 in and out. Same goes for companies and their networks (most likely when they don’t have a View environment). In that case, wanting VMware to tunnel PCoIP over TCP (and preferably port 443 because there is a big chance it is open) isn’t the solution. PCoIP is a real time protocol like VoIP and for that reason it is a UDP based protocol…. like VoIP. User experience is very important. Tunneling PCoIP over TCP, 443 will degrade the user experience. Overhead will be added; for example a second layer of encryption (PCoIP already has AES-128 encryption). For this case, turn to RDP as the display protocol which is TCP based and can be tunneled over 443. Yes you will have a degradation in user experience but you are able to connect and work. Once you have full access again, turn back to PCoIP for true user experience. Also, VMware View Local Mode can be a solution for this case as well.

PCoIP improvements View 5

Besides PCoIP improvements in View 5 (think about improved content compression algorithms, you can tweak and tune PCoIP more than ever before. This might be helpful in bandwidth constraint environment. From now on you can turn on/adjust/tune audio settings. band floor settings, initial quality settings, client side caching and turn on/off Build to Lossless. More details about the improvements can be found in this article on the VMware site. A good whitepaper about PCoIP and different scenarios can be found here.

Not that long ago I had a discussion about PCoIP and bandwidth usage (again). In that case the environment wasn’t working; slow screen refreshes, scrolling documents was bad etc. I was told PCoIP was taking 3Mbps! Basically it was unusable. Don’t get me wrong, I do understand why people point at VMware first. It’s a remote desktop environment, our protocol and user experience is bad. BUT, is it the View stack or something else?

Having 25% package loss doesn’t help user experience, same as a 1Mb link often isn’t 1Mb but could be 700Kbps. Tools like Wireshark and iPerf can give you a good insight on what’s going on on your network. Also, VMware recommends to have QoS on PCoIP, just like VoIP. Implement that. Also, capture PCoIP agent logging. Capture it around 5pm, from someone with and without issues, when a working day is over. Then you can see what a user is consuming on average over a day (in that case 170Kbps for someone without issues). Issues occured after an upgrade from XP/Office 2003 to Windows 7/Office2010. The 3-6Mbps was reached during a test where people only measured the peak, while scrolling a document, and playing a 480p movie.

Bottom line, when there are issues, analyze, do useful tests and use good tools to monitor. PCoIP is a very decent protocol : ) Since the introduction of View 5 you have many options to tune PCoIP to your specific network so user will have the best experience when running View.