Abstract: Systems and methods for a network environment for client-side remote access of a server device from a client device may utilize a biometric sensor device of the client device and a pluggable authentication and authorization framework. The biometric sensor device may capture a gesture of a target user. The server device may authenticate the target user based on previously registered encrypted biometric information of the target user utilizing the pluggable authentication and authorization framework and a remote desktop protocol. When the target user has been authenticated, the client device may be authorized to access a service of the server device.

Abstract: Fault recovery of a video bitstream can be performed in a remote session. A decoder of a remote display protocol client can be configured to process a video bitstream that is transferred over a virtual channel of a remote session. As part of processing the video bitstream prior to passing it to a hardware decoder, the decoder can detect the occurrence of an error in the bitstream and then cause the remote display protocol client to employ the remote display protocol which encapsulates the virtual channel to request an I-frame from the remote display protocol service. This will force the encoder to send an I-frame even if the desktop has low entropy thereby minimizing how long a glitch may persist. Because the remote display protocol itself is employed to request the I-frame, there is no requirement to modify the video stream protocol.

Abstract: Audio and video devices can be virtualized using synchronous A/V streaming. When a video device such as a webcam is connected to a client terminal while the client terminal has established a remote session on a server, video data generated by the video device can be encoded into an encoded video stream using the H.264 or similar standard. Additionally, audio data corresponding to the video data can be embedded into the encoded video stream. The encoded video stream with the embedded audio can then be transferred to the server. The server-side components can extract the audio from the stream and perform the necessary decoding on the video and possibly on the audio data prior to providing the decoded data to drivers that function as virtualized audio and video devices on the server.

Abstract: A remote desktop can be shared with a number of clients. A proxy client can be employed to establish a remote desktop connection with a server for the purpose of accessing a remote desktop. The proxy client can receive desktop display data pertaining to the remote desktop and forward it to a remote desktop client on one or more clients to cause the remote desktop to be displayed on each of the clients. When users interact with the remote desktop displayed on the clients, the remote desktop client can send desktop input data to the proxy client. The proxy client can then forward this desktop input data to the server over the remote desktop connection. The proxy client may selectively block desktop input data received from a client that is not currently authorized to provide input to the remote desktop.

Abstract: Local network resources can be seamlessly accessed from a remote session. A remoting client that executes on a client terminal and a remoting service that executes in a remote session can each be configured to implement a virtual network pseudo device. These virtual network pseudo devices can be configured to communicate network communications via a virtual channel with the virtual channel endpoints performing any necessary network address translation. As a result, when the remote session host attempts to discover local network resources, the corresponding network communications will be routed over the virtual channel and transmitted over the client's local area network. Any resources on the client's local area network will respond accordingly with this responses being routed back over the virtual channel to the remote session host thus causing the resources to appear as if they were part of the same local area network as the remote session host.

Abstract: Authentication can be performed on thin clients using independent mobile devices. Because many users have smart phones or other similar mobile devices that include biometric scanners, such mobile devices can be leveraged to perform authentication of users as part of logging in to a thin client desktop. A mapping can be created on a central server between a user's mobile device and the user's domain identity. A mapping can also be created between the user's domain identity and the user's thin client desktop. Then, when a user desires to log in to his thin client desktop, the user can employ the appropriate biometric scanner on his mobile device to perform authentication. The central server can then rely on this authentication to identify and log the user into his thin client desktop.

Abstract: In a desktop virtualization environment, a server-side agent can be employed on the server to function as a cast device. Applications executing on a remote desktop will therefore see the agent as a cast device and can direct cast requests to the agent. When the agent receives a cast request, it can forward the cast request to a client-side proxy. The proxy can then transmit the cast request to an actual cast device that is part of the same subnet as the client. In this way, an application executing on the server will be able to seamlessly cast content to a cast device that is not part of the same subnet.

Abstract: A generic client engine can associate a transcoder process with a requested server-side application so that the transcoder process can act as an intermediary between the browser-based application and the server-side application. The transcoder process can be configured to communicate with the browser-based application using a browser-supported protocol. The transcoder process can be further configured to transcode between the browser-supported protocol and a protocol employed by the server-side application. In cases where a gateway service provides access to the server-side application, the transcoder process can also act as an intermediary between the browser-based application and the gateway service to transcode between the browser-supported protocol and a gateway protocol. In some cases, the transcoder process, and possibly the gateway service, can alternatively be located on the client device that hosts the browser-based application.

Abstract: Systems and methods for a network environment for client-side remote access of a server device from a client device may utilize a biometric sensor device of the client device and a pluggable authentication and authorization framework. The biometric sensor device may capture a gesture of a target user. The server device may authenticate the target user based on previously registered encrypted biometric information of the target user utilizing the pluggable authentication and authorization framework and a remote desktop protocol. When the target user has been authenticated, the client device may be authorized to access a service of the server device.

Abstract: In particular embodiments, a first computing device may receive a request from a software to access information of a remote device of a client device, the client device being coupled to the first computing device, and access the information of the remote device based at least on a virtual interface of the remote device, and send, responsive to the received request, the accessed information to the software.

Abstract: A secure access client can be employed to enforce limitations on a user's access to a file while also allowing the user to access the file using an application of choice. To provide this functionality, the secure access client can implement an RDP client that is configured to create an RDP session with an RDP service executing on the same computing device. The RDP service can allow the secure access client to display the user interface of an application employed to open a file. The secure access client can be configured to selectively apply access limitations on a per file basis. This selective enforcement can be accomplished by only implementing a virtual channel extension to provide a particular type of access to the file when the file's access limitations would allow such access.

Abstract: Fault recovery of a video bitstream can be performed in a remote session. A decoder of a remote display protocol client can be configured to process a video bitstream that is transferred over a virtual channel of a remote session. As part of processing the video bitstream prior to passing it to a hardware decoder, the decoder can detect the occurrence of an error in the bitstream and then cause the remote display protocol client to employ the remote display protocol which encapsulates the virtual channel to request an I-frame from the remote display protocol service. This will force the encoder to send an I-frame even if the desktop has low entropy thereby minimizing how long a glitch may persist. Because the remote display protocol itself is employed to request the I-frame, there is no requirement to modify the video stream protocol.

Abstract: Local network resources can be seamlessly accessed from a remote session. A remoting client that executes on a client terminal and a remoting service that executes in a remote session can each be configured to implement a virtual network pseudo device. These virtual network pseudo devices can be configured to communicate network communications via a virtual channel with the virtual channel endpoints performing any necessary network address translation. As a result, when the remote session host attempts to discover local network resources, the corresponding network communications will be routed over the virtual channel and transmitted over the client's local area network. Any resources on the client's local area network will respond accordingly with this responses being routed back over the virtual channel to the remote session host thus causing the resources to appear as if they were part of the same local area network as the remote session host.

Abstract: In a desktop virtualization environment, a server-side agent can be employed on the server to function as a cast device. Applications executing on a remote desktop will therefore see the agent as a cast device and can direct cast requests to the agent. When the agent receives a cast request, it can forward the cast request to a client-side proxy. The proxy can then transmit the cast request to an actual cast device that is part of the same subnet as the client. In this way, an application executing on the server will be able to seamlessly cast content to a cast device that is not part of the same subnet.

Abstract: A remote desktop can be shared with a number of clients. A proxy client can be employed to establish a remote desktop connection with a server for the purpose of accessing a remote desktop. The proxy client can receive desktop display data pertaining to the remote desktop and forward it to a remote desktop client on one or more clients to cause the remote desktop to be displayed on each of the clients. When users interact with the remote desktop displayed on the clients, the remote desktop client can send desktop input data to the proxy client. The proxy client can then forward this desktop input data to the server over the remote desktop connection. The proxy client may selectively block desktop input data received from a client that is not currently authorized to provide input to the remote desktop.

Abstract: A method for managing a session between a local computing device and a remote computing device, in which a session is established between a local computing device and a remote computing device, a lock session signal is transmitted from the remote computing device to the local computing device, a lock session signal is received at the local computing device, and the session is locked, at the local computing device. Furthermore, the user is prompted for identification information at the remote computing device, and the identification information is transmitted from the remote computing device to the local computing device. Moreover, the identification information is received at the local computing device, the identification information is authenticated at the local computing device, and the session is unlocked, at the local computing device.

Abstract: Authentication can be performed on thin clients using independent mobile devices. Because many users have smart phones or other similar mobile devices that include biometric scanners, such mobile devices can be leveraged to perform authentication of users as part of logging in to a thin client desktop. A mapping can be created on a central server between a user's mobile device and the user's domain identity. A mapping can also be created between the user's domain identity and the user's thin client desktop. Then, when a user desires to log in to his thin client desktop, the user can employ the appropriate biometric scanner on his mobile device to perform authentication. The central server can then rely on this authentication to identify and log the user into his thin client desktop.

Abstract: Audio and video devices can be virtualized using synchronous A/V streaming. When a video device such as a webcam is connected to a client terminal while the client terminal has established a remote session on a server, video data generated by the video device can be encoded into an encoded video stream using the H.264 or similar standard. Additionally, audio data corresponding to the video data can be embedded into the encoded video stream. The encoded video stream with the embedded audio can then be transferred to the server. The server-side components can extract the audio from the stream and perform the necessary decoding on the video and possibly on the audio data prior to providing the decoded data to drivers that function as virtualized audio and video devices on the server.

Abstract: A Native Client-based remote display client can efficiently perform multimedia redirection by routing un-rendered multimedia content to browser code executing outside the sandbox in which the remote display client is executed. In this way, a remote display client implemented as a Native Client module will not be limited to using the APIs available within the sandbox to render the multimedia content. The Native Client module can communicate with the browser code to provide parameters necessary for the browser code to submit a web-based request to the Native Client module via localhost to thereby obtain the multimedia content via one or more web-based communications.

Abstract: In particular embodiments, a computing device may receive device data from a client device. The computing device may encode the data for transmission to a remote desktop client. The re-encoding may be performed according to a pre-defined import/export protocol.