Abstract: Embodiments are directed to authenticating a user to a remote application provisioning service. In one scenario, a client computer system receives authentication credentials from a user at to authenticate the user to a remote application provisioning service that provides virtual machine-hosted remote applications. The client computer system sends the received authentication credentials to an authentication service, which is configured to generate an encrypted token based on the received authentication credentials. The client computer system then receives the generated encrypted token from the authentication service, stores the received encrypted token and the received authentication credentials in a data store, and sends the encrypted token to the remote application provisioning service. The encrypted token indicates to the remote application provisioning service that the user is a valid user.

Abstract: Embodiments are directed to authenticating a user to a remote application provisioning service. In one scenario, a client computer system receives authentication credentials from a user at to authenticate the user to a remote application provisioning service that provides virtual machine-hosted remote applications. The client computer system sends the received authentication credentials to an authentication service, which is configured to generate an encrypted token based on the received authentication credentials. The client computer system then receives the generated encrypted token from the authentication service, stores the received encrypted token and the received authentication credentials in a data store, and sends the encrypted token to the remote application provisioning service. The encrypted token indicates to the remote application provisioning service that the user is a valid user.

Abstract: Exemplary techniques for enabling single sign-on to an operating system configured to conduct a remote presentation session are disclosed. In an exemplary embodiment, a user credential can be encrypted using an encryption key generated by a remote presentation session server and sent to a client. The client can send the encrypted user credential to the remote presentation session server. The remote presentation session server can decrypt the user credential and use it to log a user into an operating system running on the remote presentation session server. In addition to the foregoing, other techniques are described in the claims, the detailed description, and the figures.

Abstract: Exemplary techniques for enabling single sign-on to an operating system configured to conduct a remote presentation session are disclosed. In an exemplary embodiment, a user credential can be encrypted using an encryption key generated by a remote presentation session server and sent to a client. The client can send the encrypted user credential to the remote presentation session server. The remote presentation session server can decrypt the user credential and use it to log a user into an operating system running on the remote presentation session server. In addition to the foregoing, other techniques are described in the claims, the detailed description, and the figures.

Abstract: Techniques are provided for preserving state—both machine state and user state—in a virtual machine (VM) in a server deployment. User state may be preserved among a plurality of VMs in a server deployment by storing data specific to the user in a virtual hard drive (VHD). When a user logs into a particular VM, the VM remaps portions of a guest OS file system that correspond to user state to the VHD and mounts the VHD. Machine state may be preserved by storing information particular to a VM apart from that VM. When a VM is to be recreated, a diff disk containing the information particular to the VM is determined based on the current VM, the information particular to the VM, and a gold image that the VM is to be created with. Then, the VM is created with the gold image and the diff disk.