Citrix / Remote Desktop – for an Access-developer

Author: Rickard Olsson from Ricol IT in Sweden ~ January 2005  English Link here

Running an Access-application from anywhere over Internet (modem connections included) with great performance sharing the data in a local mdb-file – That is what Citrix and Remote Desktop is all about!! At least seen with the perspective of an Access- or Office- developer.

No hassles of sending data back and forth from client to server, the data is where it should be, close to the program, the only known way to construct user friendly software with good performance.

If any of your users need assistance, have a glimpse on their screen in a few seconds to help them. Or use ‘shadowing’ to test their impressions of your prototype for the new functions they have asked for.

This should be a dream-scenario for the future when everybody has dotnet and Microsoft has solved all their problems and we have converted all our code to dotnet. But it is here right now, if you develop and distribute your Office application in the Citrix environment.

That is my view of Citrix when trying to convince people about it, but for sure it has both pros and cons so I will try to be more honest from right now…

Background.

Some years ago one of my customers declared they have chosen Citrix as their platform for delivering PC-power to their users, and I was suspicious, very suspicious to say the least. Having heard of it a little about it, I wasn;t confidant that it would work? So I was given a logon with a password tool to logon to their system through a secure connection over Internet using a virtual private network (VPN) and started to use it. At the time they were using a mainframe as host for their ERP-system. My mission was to deliver monthly sales statistics, which I delivered from my computer with Access and Excel through email and FTP. After downloading the ICA-client from Citrix I was up flying in ten minutes. The reasons they had chosen Citrix was primarily for cost of ownership and that they wanted a controlled environment with high security. At the time of their decision they had some old 486-PC:s that were all to be modernized at the same time. Instead of buying 50 new PC:S they bought three new servers where they installed Citrix. On the 486:s they installed the Citrix client and in a snap everyone was up running Office 97 with good performance on 486 with 4 Mb.  Since they were mainframe people they also liked the centralized approach of Citrix, which means standardized desktop etc.

Behind the curtain.

How is now this achieved? There are two secrets to understand, first is the remote desktop, which is fundamentally the same as PC-Anywhere and Windows XP remote desktop. This provides the ability to run a PC remote where your interaction with the remote is only through the desktop where your mouse-actions and keyboard actions are sent to the remote to be handled. The remote sends back the desktop updates to your PC. With some restrictions on number of colours and with a smart protocol, this could be handled smoothly with a bandwidth of 20 kbaud, which everyone who has used PC-Anywhere with modem will agree on. The second secret is timesharing, a principle used around mainframes for long times. 99% of the time your PC is just idle waiting for you to do some action, in other word your PC could easily be used by at least ten other people when it comes to capacity. In a timesharing environment a second is split into say 100 frames, you have a queue of programs wanting computing power so you give the first frame to the one with highest priority. After the frame is gone you go back and look at the queue and chose the one with highest priority at this moment, which is given the next slot…. From the outside this gives the impression that all sharing the resource get almost simultaneous service and in this way a PC could easily handle the desktops for 10 or 20 persons depending on the load and the capacity of the server in terms of CPU and memory. Win NT has always been capable of working in a timeshared way. This is what is Citrix is all about at the server, running many users simultaneously and letting them share the resources of the server with timesharing techniques. The first releases were released soon after NT was released. More info around the company and products could be found on: www.citrix.com, or a direct link to white papers.

The products – Metaframe and Terminal Server.

Metaframe as Citrix calls their product, is mostly sold to solve the well known problems of having a bunch of PC:s with Windows installed, i.e. Cost of ownership, Cost of installation, DLL-hell, Controlled environment, Security Updates etc etc. Instead of having all PC:s spread over the globe, you centralize the computing power to a centre to which the user connects to run their Windows (or other) desktops. The terminal could be almost any device capable of having a screen equipped with a keyboard and probably a mouse pointer.

Microsoft has shown some interest in this technology so they have an agreement with Citrix, which gives them the right to use the technology in the Windows environment. This product which is called Terminal Server was announced before Windows 2000 was released but became known to me at that time. The TS-service is also included with Windows 2000 Server and Windows 2003 Server, the protocol used is called RDP which corresponds to what Citrix calls ICA. For a smaller operation, Microsoft’s offering could be compelling since it’s cheaper than Metaframe, but the rules of licensing are very complex to say the least, and few people seems to understand them. If you have a Windows Server 2003 you could easily install it and get started with two simultaneous users (must be administrators). This is included in the ordinary licence.

Few people in Microsoft seem to understand the potential of the technology. When listening to Microsoft their TS-product is never mentioned, if asking for it, they will probably tell you it is an interesting technology. I have asked Microsoft about the product here in Sweden on a number of occcasions and most of the time I have had very confusing answers or been pointed in the way of the dot net juggernaut. Probably this ignorance will delay the breakthrough of Citrix and TS a couple of years, but here in Sweden the installed base of Citrix has started to grow faster and faster without any marketing support from Microsoft.

Citrix/Terminal Server and MS Access.

As a developer of Access you know that the best solutions you could offer is a database and a front end on the user’s computer with a good hard disk and with memory for a good cache. In this situation few tools could beat the application when it comes to user friendliness, development costs and performance. Unfortunately these cases are not standard, most of the time people want to share information so you have to put the backend on a server share and you will have multiple front ends to maintain on the user’s PC:s. In most cases this gives reasonable costs to the cost of performance penalty. Many of the problems reported from US with performance disasters, I have never encountered here in Sweden. The probable explanation to that fact could be that the LAN:s and WAN:s used here are of better quality and staffed with more skilled personals than in the US. I have only been up to a handful case where upsizing to SQL Server has been needed, so to me there has been few bucks to earn in that business.

The Citrix model of having all running in the same CPU seems more than ideal for setting up an Access-application. You gain all the performance benefits of the standalone solution and you have only one machine to care about when distributing fixes or new releases, and the bandwidth needed could be handled by a modem connection. All known problems with multi-user Access-applications in LAN/WAN environment will vanish. Only problem is that Microsoft doesn’t seem to understand. It is amazing but this is the only hit you get when searching on ‘citrix’ inside Access on Technet. The text: (‘Note Access was not tested on a Citrix server. Therefore, Access is supported on a best-effort basis on a Citrix server.’  ) The underlined text was recently changed from ‘not supported’, so there might be some hope…

Being on the ‘farm’.

I suppose your applications are like mine. Not important enough to finance the concept of Citrix on their own, or you are not interested in getting involved in the sales job for Citrix or a TS-initiative. So most of the time Citrix or terminal server is already there and you just want your application to run smooth. If your customer does not have Citrix or TS installed, you have the option of delivering your application at an independent ASP-site where your customer runs the application over Internet, which means this site could be anywhere on the globe. (For example www.donator.se where I deliver my solutions.)

Whichever is your scenario, you will probably be presented to the farm concept. The farm is a bunch of servers set up to service a bigger bunch of users. In most cases this means people want their hardware to run smooth delivering the best service to all users, and this means something called ‘load balancing’.  This concept is essentially trying to balance the load of the user’s at all times to be spread among the available servers to get the best performance for all users at the current time. When a user logs on this means he or she is connected to the server which could serve him or her best, i.e. probably the server, which has the fewest user’s active right now. This concept could be disturbing for an Access application at the farm, since this most of the time means you won’t get the control you want, i.e. both the backend and the front end then has to be on a networked drive. In many cases this is not a problem, because in the farm the servers are connected with high speed connections, with much better performance than you get in a LAN or WAN. Sometimes it could be a disturbing factor, especially if the are many servers active on the same disk drive you could get long response time example when the first user opens the backend. This is depending on the creation of new files (i.e. the ldb-file) on a heavy loaded disk-share could be a performance issue as far as I have understood. If you run into such trouble your best way out is to make your application dedicated to a certain server. This means that you put up your application to the users as dedicated, which means they don’t start it in the computer where they run their desktop in Citrix, but instead start it in a server dedicated for your application. If put up in this way your are in the dream-scenario, you put both the backend and the front end mdb’s on a local disk on this dedicated server and you just get what you want, the best performance available for your application, since you have no networked drive whatsoever. The size and capacity of this dedicated server will of course set the limit of how scalable your solution will be. In most of my application this has never been an issue since as far as I understand a reasonable server is well capable of severing at least twenty simultaneous users or more. If you have solutions with heaver loads you better test if this approach is feasible. With Microsoft’s current view of support of Access in Citrix environment you won’t get any recommendation from them though.

What is "Difficult" about citrix and remote desktop?

So far we have just covered the pros. To run a Citrix’ farm is more technically complicated than running a bunch of PC:s at the users’ desktop, period. The central approach is much more vulnerable than the decentralized approach. This means that the service your application will accomplish is dependent on the service level given by the technicians at the farm. If your customer is new to Citrix there is a danger that the technical support is far from perfect. I have seen very different service levels here in Scandinavia depending on the skill and experience of the technical staff at the farm. If the service is rather new be cautious about the promises you give your customers. So let us have a look at the most common hang-ups.

Printing issues.

Many of my users expect the computer to understand where they want their printout to be delivered. Many of them are not aware of how Windows handles this, i.e. default printer etc etc. When it comes to Citrix this is not a trivial issue. The printer the user expects to deliver the printout is specified as the default printer in his local Windows on his desktop. In the computer at the farm this printer could be a totally new story. If this computer is lucky it has heard of the type of printer the user is using, if not he is in trouble. From the farm’s perspective it is impossible to set up the server with all printer drivers to all printers available in the market, but still that is what is needed. In a Citrix farm with good technical staff this most of the time runs smoothly, having installed a lot of drivers for most printer and putting up mapping tables on how to handle different issues. If the knowledge of these problems is poor the trivial service of printing is poor. If you run into a farm of Terminal Server expect even more problems since Microsoft support for printing issues until recently have been rather poor. So be aware and test printing before giving any promises to your customers!! A desperate but functional approach is using PDF-files and learning your users to transfer these files to their local computer for printing. It always works…

Local drives.

Many of my users expect their C-drive to be in (citrix window) Windows Explorer as the C-drive. In Terminal Server and Citrix this is not trivial since this drive is on another computer (yours)  that could be far away connected over a modem connection. As you understand the C-drive on the server in the farm is a totally other story than the C-drive on the user’s local computer. The mapping of local drives is a complication that needs understanding of both technicians around the server, you and the users of your application. If your application don’t address local drives then you are lucky, if it does you need to address this complication that arises in the Citirx/TS-environment. In Citrix this has been well handled for a long time. In terminal server on Windows 2003, Microsoft handles it better than earlier releases where you needed a logon script with mapping for each user. Still I am not exactly aware of how it is handled in detail, but my overall impression is that it works far more better on Citrix-farms than on TS-farms. So as with printers you and your application are in the hands of the technicians around the farm. My best advice to Access developers in this area is that you had better make friends with with your technicians (and find out what their current level of knowledge is), because that is the best insurance for you and your relation to your customer. My experience is that this is confusing at the best of times. I have run into many confusing situations getting long response time when my program was at my local C-drive over a modem when I expected it to be on a local drive at the server. This often happens when I have uploaded a mdb-file with linked tables addressing my local drive. In some cases it seems better that C is not C because then you get an error message instead of unexpected long response. Most of the time you will be surprised of the fast and reliable file transfers done, when you work with files in the remote Explorer accessing the files on your local computer, at least when working with Citrix.

The local network and the network of the server.

This issue you will probably only have to address if your application is run on an ASP-provider outside your customers’ LAN. If this is the case you will sooner or later understand that the network of your user and the network of the server in the farm is two totally different stories. If your application runs on a local farm the network of your user and the server are probably almost the same so many hassles won’t arise. Technically it is possible to set up both cases smoothly, but as you understand there are many political issues in the external cases. One problem I run into a month ago was a customer wanting to save hyperlinks to documents in his local network in an mdb-file at an external ASP-provider. The IT-staff at his local network didn’t allow the external computer at the ASP to access the company network, so we had to drop the idea.

The clipboard.

Most of my users have their own ideas about the clipboard. This is one of the great wonders about Windows, almost all the time you get what you expect. Working with two different computers this is not as trivial anymore. If you copy anything in Excel on your local computer (including your citrix/remote desktop window), most users would expect that they could past it into Excel in their session on the farm. Behind the curtain this is not trivial, but fortunately the support for this is very good and most of the time you get what you expect. Sometimes though you will be surprised by the response time, which is due to the size of the clipboard that has to be moved over a thin modem connection, if you don’t have a better connection.

Roaming profiles.

Working on my local computer I use my local desktop to store files I am working with. Keeping that habit in the Citrix-environmet I have found could be a hassle. In the farm it is not possible to save your desktop and it’s content on a local drive at the computer you are working on, so behind the curtain someone saves the content of your profile issues on a networked drive in the farm when you log off. A feature called roaming profiles in the Windows environment handles this and it includes most of your local settings both in the registry and in the directory ‘Local Settings’. This means that when you re-enter your desktop on another computer in the farm all your settings are remembered as you expect and all the files on your desktop is where you left them. Unfortunately this is only in theory, if you loose contact with your remote desktop by other means than logging off, everything seems possible. Working over remote connections you could be dropped for other reasons than logging off in the correct way. Many times I have been up to losing my current updates of files on the desktop, so my best advice is to save your work in other places like a network drive now and then when having many updates in a file. Most of the time good technicians at the farm have been able to find my lost files on the computer I lost connection with before they were gone. This most of the time have solved my problems. This is another example where good relations to technicians are good investment in time.

NOTE: Garry's experience with remote desktop and terminal server is that if an internet connection drop's out, when you log back into the remote desktop, all applicaitons remain in the same state as they were before you dropped out.  ie they are open in the same spot.

Network connections.

Last summer I decided to work all summer from my cottage in the archipelago, so I rented an office in the neighbourhood and used my bicycle and motorboat when going to work. I had three wonderful months only possible due to Citrix. I worked on a project at my customer from the rented office in the same way as I could do being at home. Most of the time the network connection was better than what I have at my usual office at home so my productivity was equal or even better when working. The first two weeks though I had a problem in the afternoons. I lost contact with the Citrix-server 10-15 times per hour and had to logon over and over again. It took me two weeks effort to localize and get rid of the problem. It was at the local site in my rented office where they had a line, which dropped in the afternoon due to overloading problems. My experience is that the ICA- and RDP-protocols are much more sensitive for bad connections than for example HTTP, so always check the quality of the connections needed before getting into TS and Citrix-environmet.

Secure environment.

When working in Citrix environment you need to protect the environment much more than you usually do if your network consists of local PC:s. This is because if someone accidentally deletes a file in Windows\System they will cause a lot of trouble not only to themselves but also to everybody connected to that computer in the farm. To get a reliable environment for everybody the technicians responsible for the farm usually use much more of policies and NT-security than you will meet on many local PC:s. Sometimes this is good sometimes it is really disturbing, especially in the role as a developer. You will probably need more permission than you are given by default to solve your customer’s problems. You have to expect that you are not allowed to update the directories of Windows, Windows\System or Program\Files and most of the time those directories will not even be possible to browse because they are hidden in one way or the other. Registry updates are often prohibited, both of security reasons and problems with roaming profiles. Probably you will be given a home directory where you could save your private stuff, H seems to be most popular. If you are internal in the company you will also be given a shared drive where G seems most popular, and that is about all. If set up correct you can also browse your drives local on the PC, if you allow this to happen, not everybody seems to understand the need of this. You won’t see the networked drives on your local PC in the remote Explorer and I have never ever found the possibility to browse the network in the Citrix-environmet. In the early days most Citrix-sites disallowed the user to use the Windows Explorer on the remote, but this nowadays seems unusual. Don’t expect to be allowed to install programs or printers or change the settings for the display. Expect most of the functions of the Control Panel to be missing, so you will need good contacts with the administrator to live a comfortable life as a developer, send him a bottle of whiskey now and then. But without any doubt your application is in a much safer environment than if installed on a local PC.

ODBC-connections.

When I was new to Citrix one of my first surprises was ODBC-connections. I do a lot of my work with Excel Pivot tables, so I used ODBC-connections since many of my customers want to be able to handle the source of the pivot tables by the ugly tool MS-Query. If you get the permissions needed to put up a system wide ODBC-connection you will probably as I did expect it to be valid for the whole farm of computers at the remote. I defined the connection and tested my application, which went smooth, and was surprised when my customer reported the error of ODBC-specification missing. I went into the system and when I used it worked. It took me a long time to understand that the ODBC-definition I have put into one of the registries in one of the computers in the farm was not enough. My customer landed in another computer in the farm than the one where my spec was. So nowadays I most of the time use DSN-less specifications so my applications don’t have to rely on the unreliable registry in the Citrix-environmet.

Many computers’ syndrom.

If you start working with Citrix you will sooner or later ending up in trouble remembering in which computer you did what and where you saved it. You are up in two networks and if you use some of the nice features of Citrix being able to easily connect to another computer at the farm the confusing will escalate.

In many cases when I work I have my laptop where I handle email and some of my customer’s stuff. Then I have my server where I have some releases of SQL-Server and other stuff needed to test my applications. Between those two I switch with a nice hardware feature using doubled Scroll-Lock. I then decide to logon to Citrix at my customer’s site, so I get one desktop there, after a while I need to get into the SQL-Server machine at my customer so now I am up to four desktops. I get a phone call from another of my Citrix-clients which makes me logon to their site where I get a new desktop, but since it is a support issue I start shadowing from there so a reach my customer’s desktop. Now I am up to six desktops where I am active… After Christmas when I finally get Virtual-PC installed on my laptop I will probably end up with a dozen per day. Problem is my brain won’t manage this, and that is really a problem, and I haven’t got any good advice on this yet. Only trick so far is having the desktops in different colour schemes seems to help my confused brain a little.

Where does my keystrokes get evaluated? If I need to activate the Taskmanager Ctrl-Alt-Delete work on my local anytime, but in Citrix I need to do Ctrl/F1. When working with Citrix you switch between full screen and in a window on your local with Alt/F2, which is a useful keystroke in the VBA-editor that you will miss. This is also disturbing since you strike these keys without using your brain. All these settings could of course be handled in one way or the other but with many computers involved I have not yet come up with a good way of handling it. Only frustration…

Access runtimes.

After much trouble with runtimes in the past, I have almost totally given this approach up. My view today is that it is much cheaper for my customers to buy an Access-license than it will be if I set up a runtime. My support will also be much easier since I could debug the application where it is run if I ever get into trouble. So my experience in this topic is not very deep.  Garry Robinson totally agrees...

Installing software in the TS- and Citrix-environment needs special consideration since the installation of the program is shared among many users simultaneously. For example this means that setting up a reliable Office-installation needs special treatment that is described on the net. If you want to deploy an Access-runtime application in this environment it could be done, but you must be aware of the needs for putting all the registry stuff in all the servers at the farm where it should be run. My advice for runtimes is that you are probably much better off if you dedicate the application to one server in the farm and give your users a Citrix-icon to start it as a dedicated application instead running it from their current desktop in the usual way. In this way you only have to maintain the application on one server, which will be much easier. I have put up an Access97-runtime in this fashion and it runs stable, at least in testing… And as I said earlier don’t expect Microsoft to help you if you get into trouble. (Best effort…)

Licensing issues.

This could be an issue. I will not cover any of the troublesome parts since most of the time the people around the farm knows them much better than you will ever care about them. I would only like to stress out one fact, many times when you meet an external ASP they will offer you a complete desktop with Microsoft Office included on a monthly rate. If you have a legal Office-license on your local computer you will not need another license for the remote, as far as I have understood these rules when discussing them with Microsoft here in Sweden.

The future.

About it we know nothing!! But for sure I will of course try to speculate. The trend seen in Scandinavia is that the percentage of Citrix-desktops in the work related office environment is increasing, especially in large and midsize companies. The driving factors behind this is cost of ownership, cost of installation, DLL-hell related problems, controlled environment, security updates – ‘virus threats’ and ‘shadow’-support. Many people seem to be convinced that the cost of higher technical skill and a more vulnerable central approach is outbalanced by the achieved positive effects in these areas. The users louse some of their control but since many of them never used it they don’t feel the problem. The advanced user still often has the control of the local desktop on his laptop so when he looks for freedom this is where he goes. This means with TS or Citrix it is possible to set up the company standard desktop that is available everywhere, in the LAN, on the WAN, over Internet and even connected with a modem at your cottage, in other words you are connected everywhere. This is also what you get when you transform your systems to HTTP, XML and .NET, but the cost of achieving it is much higher since there is no way of achieving the connection freedom without a considerable conversion effort into your current applications with this technique. To me it is clear that there is a battle between Microsoft and Citrix to sell the concept of connection freedom, and here in Sweden Citrix has won the first round. When up in a fight against Microsoft few companies yet has succeeded. My best guess is that the remote desktop technique will win but the winner at last will probably be Microsoft…. They will either buy Citrix or they will finally understand that their .NET offer is too expensive and put more focus on TS than today.

For me this fight is very similar to the fight between IBM and Microsoft in the mid 90:ies around OS/2 and Windows. Windows was compatible but OS/2 was not – and who won? So far with 25 years in the IT-industry I have never seen an incompatible technique winning. The rule is very simple compatibility, compatibility and still more compatibility and the sooner Microsoft comes back to this wisdom the faster will the development in the IT-industry go.

Welcome to Sweden.

Reading so far your interest in this topic must be solid. If you would like to test the techniques described you have two choices. You could easily set up your Windows 2003 with TS and without any licenses hassles test the techniques. If you would like to go further and are primarily interested in developing application my advice is to stop there. You are much better off buying these services since they are rather complicated to grasp. If you are lucky you will have an ASP around the corner or a customer site where Citrix or TS is installed and the technical support is at place. If that is the case set up a pilot project and try it. If you have a networked Access-application with performance problems this is a good candidate. You will probably fix most problems moving it to Citrix on a dedicated server.

If you are interested and lack these possibilities feel free to contact me. The company Donator, which I cooperate with, is willing to set up some test users so you could freely test your application during a month before taking the step. If you are interested send an email to:

and I do my best to arrange this. If I fail to answer your mail it could depend on my spam-filters so if you don’t get any answer please let me know your email address by an SMS to +46 707 200 242 so I could put you up among my ‘friends’.

Other Pages at VB123.com That You May Want To Vist
Remote Queries In Microsoft Access
Processing E-Mail Orders using Outlook and Access
Building Your Own Wizard User Interface
Replace Your File API’s With The FileDialog Object

Microsoft Pages
http://www.microsoft.com/technet/prodtechnol/winxppro/evaluate/mblxp.mspx

Download remote desktop for XP Home
http://www.microsoft.com/windowsxp/downloads/tools/rdclientdl.mspx
 

Click on the button for the next help page in this Access Loop.

Links >>>  Home | Search | Workbench | Orders | Newsletter | Access Security | Access professionals