How to use Windows VMs¶
This document covers everything that is necessary to launch a windows VM which can be accessed from the UZH network with a remote desktop client.
Windows machines on ScienceCloud¶
You can start a Windows VM either with an interface on uzh-only network or using Floating IPs. Please refer to the Networking Options page for further details.
IMPORTANT:
We do not provide further support for windows than this documentation.
Setup a security group to enable access to windows machines with a "Remote Desktop" client
- Login to ScienceCloud and/or go to the main page
- Select "Compute" in the menu on the left and click on "Access & Security"
-
Click on "+ Create Security Group" in the top-right corner of the page and fill in the form:
- Name: choose a name (e.g., "RDP-windows")
- Description: write whatever you like or leave it empty
- Finally, click on "Create Security Group"
- Search your newly created security group in the overview table, click on "Manage Rules" the right side
- In the newly opened page, click on "+ Add Rule" in the top-right corner and fill in the form:
- Rule: select "RDP"
- Remote: leave at default ("CIDR")
- CIDR: select the IP range which should be allowed to connect to your windows instances. The easiest is to allow access from any machine in the UZH network ("130.60.0.0/16").
- Finally, click on "Add"
- To access your instances from outside the university (e.g., from home) with VPN, repeat the previous step with the IP range: "89.206.64.0/18".
Launch a windows machine and enable remote desktop¶
- Login to ScienceCloud and/or go to the main page
- Select "Compute" in the menu on the left and click on "Instances"
- Click on "Launch Instance" in the top-right corner of the page and go through the form:
- Details:
- Availability Zone: leave at default ("nova")
- Instance Name: choose a name (e.g., "myWindowsMachine")
- Flavor: choose a flavor that fits your requirements (must have at least 2 CPUs)
- Instance Count: choose how many instances you would like to start (e.g., 1)
- Instance Boot Source: select "Boot from image"
- Image Name: select "Windows Server 2012 R2 Standard - x86_64 (2015-09-23)"
- Access & Security:
- Enable the security rule for the remote desktop you created before (e.g., "RDP-windows"")
- There is no need to include an ssh key-pair as you will be using the ScienceCloud webinterface and a remote desktop client to connect to the instance
- Networking:
- use UZH-only network if you do not need a floating IP for this instance. Warning: do not add this network if you plan to use a floating IP!
- (optional) If you need a floating IP, select the network you created for the windows machines (e.g. "private-windows") - i.e. drag it from "Available networks" to "Selected networks"
- Finally, click on "Launch"
- Details:
- (optional) If you need a floating IP for this instance, search your newly created instance in the overview table and click on the arrow aside the "Create Snapshot" button on the right side, click on "Associate Floating IP" and fill in the form:
- IP Address: select an IP address (any IP starting with 172.23 is good).
- NOTE: If there is no 172.23.X.X IP address available, press on the "+" aside the drop-down menu, select "uzh-only" as the pool to choose from and click "allocate IP"
- Note down this IP as you will need to later to connect to the VM.
- Port to be associated: leave at default
- Finally, click on "Associate"
- IP Address: select an IP address (any IP starting with 172.23 is good).
- Click on your instance (e.g., "myWindowsMachine") in the left side of the overview table to open a page with details on your machine
- Go to the "Console" tab and click on "Click here to show only console" - now you should see a windows login screen
- Login as "Administrator" and follow the on-screen instructions - click "No" when asked for network devices
- IMPORTANT: Choose a secure password! The "Administrator" account can be used to access your system remotely as well!
- Once the windows desktop appears:
- Right-click on the start button in the bottom-left corner and click on "System"
- Click on "Remote settings" in the menu on the left
- Choose "Allow remote connections to this computer"
- Click on "Select Users…"
- Follow the link "User Accounts" and add a regular user (e.g. "Rantanplan")
- IMPORTANT: Choose a secure password for the regular user as well!
- Once you added all necessary users, close the "User Accounts" window
- In the "Remote Desktop Users", click on "Add…", write the user name into the field "Enter the object names to select (examples)" and click "OK"
- Click on "OK", "OK" again
- Back in the "System" window, search for "app" with the search function and click on the link "Allow an app through Windows Firewall"
- Search the list for "Remote Desktop" and enable it in the column "Public".
- Finally, click on "OK" and close all the remaining windows
- Resize the disk (use 100 GB storage instead of only 50 GB storage on the Windows volume):
- Open the "Server Manager" (the icon is aside the start button)
- Click "File and Storage Services" in the menu on the left
- Click on "Disks", locate "C:" in the "VOLUMES" panel, right-click on it and select "Extend Volume…"
- Enter 99.7 as the new size, click on "OK" and close the manager
- OPTIONAL: reduce the security settings for the internet explorer for the newly created users (DO NOT do this for the administrator account)
- Open the internet explorer click on "Managing Internet Explorer Enhanced Security Configuration" and follow the instructions
- Close the browser tab/window and sign out.
Allow multiple logins of a single user¶
Per default, a user can only be logged-in once. If one connects with a user which is currently logged-in, the first connection will be terminated (i.e., the other person will be kicked out). If you want to have several persons connecting with the same user, follow the instructions provided here. Note: If step 2 does not work, open Windows PowerShell (one of the icons aside the Windows button), type "gpedit.msc" and press enter.
Access your windows machine from another computer with a remote desktop client¶
How to access your windows machine depends on the remote desktop client.
If you are not at the UZH, connect to the UZH network with VPN first.
- MacOS, Microsoft Remote Desktop available through the App Store:
- Start the program
- Click on "New" and fill in the form:
- Connection name: choose a name (e.g. "myWindowsOnScienceCloud")
- PC name: provide the floating IP you associated before (the IP starting with 172.23)
- User name: the name of the user (e.g. "Rantanplan")
- Password: the password (e.g. the "Rantanplan" password you specified while creating the user)
- Optional: click on "Redirection" and add a local folder to share with the Windows VM (you will be able to transfer data from and to this folder)
- Leave everything else as it is and close the form (with the red close button in the top-left corner)
- Select the newly created connection and click "Start"
- Note: The "Verify Certificate" warning can be ignored
- Linux, different tools can be used, remmina is a feature rich Remote Desktop Application for Linux
- Start the program
- Click on "New" and fill in the form:
- "Server": provide the IP address of the Windows instance you'd like to connect to (typically, the IP starting with 172.23)
- "User Name": the user name you have created to allow connections (typically not Administrator)
- "Password: you can either enter the password and store it in your Remmina connection configuration or password will be asked during the connection process
- For standard configurations leave the following options with their default settings:
- "Domain", "Resolution", "Color depth"
- "Save" the new connection type
- Select the newly created connection and click "Connect"
- Note: The "Verify Certificate" warning can be ignored