System for provisioning, allocating, and managing virtual and physical desktop computers in a network computing environment
Abstract
A system for provisioning, allocating, and managing virtual and physical desktop computers in an enterprise network computing environment allows for these physical and desktop computers to be grouped logically based on personnel, organizational, or networking efficiencies without regard to the hardware or server that will ultimately run the virtual machine terminal once it is accessed. A connection broker connects incoming connections to one desktop in a desktop group, based on information relating to that incoming connection.
15 Claims
1. A system for managing user access to a computer system over a network, comprising:
a server computer configured to receive a connection request from at least one client device over a network, wherein said connection request comprises connection information about said at least one user client device;
a desktop group comprising a cluster of a plurality of virtual desktops and a plurality of physical desktops, the plurality of virtual desktops comprising a plurality of virtual machines executing on at least one physical computing device, each of the plurality of physical desktops executing on at least one physical computing device, wherein each of the virtual desktops and each of the physical desktops are configured to operate a single-user operating system that is configured to run a first shell application that initializes a desktop associated with the single-user operating system, wherein the desktop group of the virtual and physical desktops act substantially equivalent to a Terminal Server and each virtual desktop and each physical desktop is substantially equivalent to a Terminal Server user session, and wherein each of the virtual machines encapsulates:
  an operating system environment of the single-user operating system;
  applications configured to run natively on the operating system;
  memory; and
  storage resources;
a second shell program configured to provide multi-user Terminal Server functionality of allowing a user to start a desired application without starting a full desktop in an operating system configuration that is not capable of running as a multi-user Terminal Server, wherein the second shell program modifies the registry of the operating system and prevents the first shell application from starting, and wherein the second shell program is configured to receive, from the client device, an instruction to start a desired application rather than the desktop;
a broker service running on said server computer, the broker service configured to:
  receive said connection request from a terminal device operated by a user;
  determine the user's authorized access to the virtual desktops and the physical desktops in the desktop group based on an access control list;
  determine the user's authorized access to one or more applications available in the virtual and physical desktops based on the access control list;
  display on the terminal device operated by the user, the virtual desktops, the physical desktops and the one or more applications authorized to be accessed by the user;
  select either a first virtual desktop from the plurality of virtual desktops or a first physical desktop from the plurality of physical desktops in response to user input;
  route said connection request to either the first virtual desktop or the first physical desktop based at least partly on said connection information;
  receive status information of the virtual and physical desktops and notification of events occurring on the virtual and physical desktops and record the events within a management database; and
  issue commands to cause the virtual and physical desktops in the desktop group to terminate a process, log off a user, shut down, or reboot; and
an agent service running in said first virtual desktop, the agent service configured to:
  collect information about event information comprising user logon, logoff and disconnect events associated with the user client device; and
  send said event information to the broker service, wherein the broker service is configured to notify a user of the at least one client device to proceed with a connection to the first virtual desktop.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A system for managing user access to a computer system over a network, the system comprising:
at least one server computer configured to receive a connection request from at least one client device over a network, wherein the connection request comprises connection information about the at least one client device;
a broker module executing on the at least one server computer, the broker module being configured to route the connection request, based on said connection information, to at least one of a cluster of a plurality of virtual desktops and a plurality of physical desktops, the plurality of virtual desktops comprising a plurality of virtual machines executing on at least one physical computing device, wherein each of the virtual desktops and the physical desktops are configured to operate a single-user operating system that is configured to run a first shell application that initializes a desktop associated with the single-user operating system in response to the connection request, wherein the cluster of virtual desktops and physical desktops form a desktop group that is substantially equivalent to a Terminal Server and each virtual desktop and each physical desktop is substantially equivalent to a Terminal Server user session, and wherein each of the virtual machines encapsulates:
  an operating system environment of the single-user operating system;
  applications configured to run natively on the operating system;
  memory; and
  storage resources;
wherein the broker module is further configured to:
  receive said connection request from a terminal device operated by a user;
  determine the user's authorized access to the virtual desktops and the physical desktops in the desktop group based on an access control list;
  determine the user's authorized access to one or more applications available in the virtual and physical desktops based on the access control list;
  display on the terminal device operated by the user, the virtual desktops, the physical desktops and the one or more applications authorized to be accessed by the user;
  select either a first virtual desktop from the plurality of virtual desktops or a first physical desktop from the plurality of physical desktops in response to user input;
  route said connection request to either the first virtual desktop or the first physical desktop based at least partly on said connection information;
  receive status information of the virtual and physical desktops and notification of events occurring on the virtual and physical desktops and record the events within a management database; and
  issue commands to cause the virtual and physical desktops in the desktop group to terminate a process, log off a user, shut down, or reboot;
a second shell program configured to provide multi-user Terminal Server functionality of allowing a user to start a desired application without starting a full desktop in an operating system configuration that is not capable of running as a multi-user Terminal Server, wherein the second shell program modifies the registry of the operating system and prevents the first shell application from starting, and wherein the second shell program is configured to receive from the client device, an instruction to start a desired application rather than the desktop; and
a plurality of data collector modules, each of the data collector modules configured to:
  obtain event information regarding a selected one of the cluster of virtual and physical desktops, and wherein the plurality of data collector modules is configured to transmit the event information to the broker module, the event information comprising information regarding one or more of user log on, log off, and disconnect events, and
  send heartbeat information to the broker module, the heartbeat information reflecting status of the selected virtual desktop or physical desktop, such that the broker module is further configured to mark the selected virtual or physical desktop offline in response to not receiving the heartbeat information.
Dependent claims: 10, 11, 12, 13, 14, 15
Specification