Abstract: A user accesses a remote session, the connection to which is managed by a connection broker, according to a single sign-on (SSO) process. The SSO process includes the user entering his or her credentials and being authenticated to the connection broker. In addition to user authentication, the SSO process includes connection broker authentication to confirm that the connection broker is trustworthy. When the connection broker is authenticated, the user credentials are transmitted to the connection broker in a secure manner and the connection broker forwards them onto a machine hosting the remote session so that the user can be logged into the remote session without entering his or her credentials again.

Abstract: In one set of embodiments, a Virtual Desktop Infrastructure (VDI) client running on a client device can receive first client-side data from a client telemetry service, where the first client-side data includes information pertaining to a current state of the client device. The VDI client can further retrieve second client-side data including information pertaining to the VDI client and/or a VDI session established between the VDI client and a VDI agent running on a server system, and can aggregate the first client-side data and the second client-side data to produce aggregated client-side data. The VDI client can then transmit the aggregated client-side data to the VDI agent.

Abstract: Systems and methods are provided for dynamically optimizing and configuring various aspects of virtual desktops in virtual desktop infrastructure. Data collectors can be installed on and operate on various components in the virtual desktop infrastructure, such as on the virtual desktops running on the server, on the virtual desktop clients running on user devices, and on the connection server. The data collectors can operate to collect various types of information from corresponding components, such as application usage data and status, device performance, networking environment and speed, application or system crash data, and so on. The collected data can be logged, tracked, and analyzed to perform various actions on the virtual desktop.

Abstract: The present disclosure relates to methods, systems, and machine-readable media for passwordless access to virtual desktops. A request can be received to launch a virtual desktop provided by a software defined data center from a client having previously authenticated a user via a passwordless login. The client can be authenticated to a connection server and a virtual desktop. Authenticating the client to the virtual desktop can include receiving a request from the connection server to initiate a session, wherein the request includes an identifier generated by the client in association with the passwordless login, caching the identifier with the session, connecting to the client to establish a virtual channel connection, specifying a key storage provider to perform the authentication via the cached identifier, and performing cryptographic operations with the client via the virtual channel connection. The virtual desktop can be launched responsive to authenticating the client to the virtual desktop.

Abstract: A user accesses a remote session, the connection to which is managed by a connection broker, according to a single sign-on (SSO) process. The SSO process includes the user entering his or her credentials and being authenticated to the connection broker. In addition to user authentication, the SSO process includes connection broker authentication to confirm that the connection broker is trustworthy. When the connection broker is authenticated, the user credentials are transmitted to the connection broker in a secure manner and the connection broker forwards them onto a machine hosting the remote session so that the user can be logged into the remote session without entering his or her credentials again.

Abstract: A hybrid account logon is disclosed for logging into remote desktops. In one embodiment, the hybrid logon combines local and domain accounts by building a local primary access token which provides credentials for local and domain-based accounts. In one embodiment, a credentials provider creates a serialized structure including both local account information and domain credentials and sends the serialized structure to a logon user interface (UI) process. The logon UI process calls a user authentication service that itself calls a hybrid authentication package which performs a domain logon, discards any identity associated with the domain logon session, and builds a local identity for the local account. The user authentication service then generates a primary access token including the local identity and the domain logon session data, thereby supporting interactive logon based on the local user identity which is also linked to network credentials for use in accessing network resources.

Abstract: A hybrid account logon is disclosed for logging into remote desktops. In one embodiment, the hybrid logon combines local and domain accounts by building a local primary access token which provides credentials for local and domain-based accounts. In one embodiment, a credentials provider creates a serialized structure including both local account information and domain credentials and sends the serialized structure to a logon user interface (UI) process. The logon UI process calls a user authentication service that itself calls a hybrid authentication package which performs a domain logon, discards any identity associated with the domain logon session, and builds a local identity for the local account. The user authentication service then generates a primary access token including the local identity and the domain logon session data, thereby supporting interactive logon based on the local user identity which is also linked to network credentials for use in accessing network resources.

Abstract: Examples described herein enable memory state sharing among a plurality of virtual machines (VM) including a parent VM and a child VM. A request for memory state sharing between the parent VM and the child VM is received, and the parent VM is suspended. The child VM resumes execution of one or more suspended applications. In one example, the child FM is forked with pre-loaded, suspended applications from the parent VM. Aspects of the disclosure offer a high performance, resource efficient solution that outperforms traditional approaches in areas of software compatibility, stability, quality of service control, re-source utilization, and more.

Abstract: A user accesses a remote session, the connection to which is managed by a connection broker, according to a single sign-on (SSO) process. The SSO process includes the user entering his or her credentials and being authenticated to the connection broker. In addition to user authentication, the SSO process includes connection broker authentication to confirm that the connection broker is trustworthy. When the connection broker is authenticated, the user credentials are transmitted to the connection broker in a secure manner and the connection broker forwards them onto a machine hosting the remote session so that the user can be logged into the remote session without entering his or her credentials again.

Abstract: Examples described herein enable memory state sharing among a plurality of virtual machines (VM) including a parent VM and a child VM. A request for memory state sharing between the parent VM and the child VM is received, and the parent VM is suspended. The child VM resumes execution of one or more suspended applications. In one example, the child FM is forked with pre-loaded, suspended applications from the parent VM. Aspects of the disclosure offer a high performance, resource efficient solution that outperforms traditional approaches in areas of software compatibility, stability, quality of service control, re-source utilization, and more.

Abstract: A user accesses a remote session, the connection to which is managed by a connection broker, according to a single sign-on (SSO) process. The SSO process includes the user entering his or her credentials and being authenticated to the connection broker. In addition to user authentication, the SSO process includes connection broker authentication to confirm that the connection broker is trustworthy. When the connection broker is authenticated, the user credentials are transmitted to the connection broker in a secure manner and the connection broker forwards them onto a machine hosting the remote session so that the user can be logged into the remote session without entering his or her credentials again.

Abstract: Examples described herein enable memory state sharing among a plurality of virtual machines (VM) including a parent VM and a child VM. A request for memory state sharing between the parent VM and the child VM is received, and the parent VM is suspended. The child VM resumes execution of one or more suspended applications. In one example, the child FM is forked with pre-loaded, suspended applications from the parent VM. Aspects of the disclosure offer a high performance, resource efficient solution that outperforms traditional approaches in areas of software compatibility, stability, quality of service control, re-source utilization, and more.

Abstract: Examples described herein enable memory state sharing among a plurality of virtual machines (VM) including a parent VM and a child VM. A request for memory state sharing between the parent VM and the child VM is received, and the parent VM is suspended. The child VM resumes execution of one or more suspended applications. In one example, the child FM is forked with pre-loaded, suspended applications from the parent VM. Aspects of the disclosure offer a high performance, resource efficient solution that outperforms traditional approaches in areas of software compatibility, stability, quality of service control, re-source utilization, and more.

Abstract: A user accesses a remote session, the connection to which is managed by a connection broker, according to a single sign-on (SSO) process. The SSO process includes the user entering his or her credentials and being authenticated to the connection broker. In addition to user authentication, the SSO process includes connection broker authentication to confirm that the connection broker is trustworthy. When the connection broker is authenticated, the user credentials are transmitted to the connection broker in a secure manner and the connection broker forwards them onto a machine hosting the remote session so that the user can be logged into the remote session without entering his or her credentials again.

Abstract: Methods, computer-readable storage medium, and systems described herein facilitate enabling access to a virtual desktop of a host computing device. An authentication system receives one of an authentication token and a reference to the authentication token, wherein the authentication token is indicative of whether a user successfully logged in to an authentication portal using a client computing device. The authentication system generates a private key, a digital certificate, and a personal identification number (PIN) for the user in response to receiving the one of the authentication token and the reference to the authentication token. The private key, the digital certificate, and the PIN are stored in a virtual smartcard, and the client computing device is authorized to log into a virtual desktop using the virtual smartcard.

Abstract: Methods, computer-readable storage medium, and systems described herein facilitate enabling access to a virtual desktop of a host computing device. An authentication system receives one of an authentication token and a reference to the authentication token, wherein the authentication token is indicative of whether a user successfully logged in to an authentication portal using a client computing device. The authentication system generates a private key, a digital certificate, and a personal identification number (PIN) for the user in response to receiving the one of the authentication token and the reference to the authentication token. The private key, the digital certificate, and the PIN are stored in a virtual smartcard, and the client computing device is authorized to log into a virtual desktop using the virtual smartcard.