How-To

Hands-On with a Windows IoT Device

Tom Fenton finds that Windows IoT Enterprise works fine as a base OS to run a thin client used to connect to a VDI desktop and a local desktop using RDP.

• By Tom Fenton
• 07/07/2023

I am starting to see more and more thin clients, kiosks and other devices that need a secure, small-footprint OS running Windows IoT. For example, if you sign into a hotel lobby computer and it has a familiar Windows look and feel, it is probably running one of the three versions (for example, Core, Enterprise or Server) of Windows IoT (Internet of Things). If you have ever seen a large digital sign with a Windows error or crash message, it is also probably running IoT.

Many thin-client vendors, such as Dell, Lenovo, HP and even 10ZiG offer Windows IoT as an OS for their machines. This is the use case that I will be discussing in this article.

To investigate Windows IoT, I got a Lenovo M75n, which comes with Windows IoT Enterprise installed. For those unfamiliar with Windows IoT, including all its versions and how they differ, I suggest reading the previous article I wrote first.

The Lenovo M75n model 11G4 is a small device with a black body and red bottom. It has an AMD Ryzen CPU and 8GB of RAM. This model is designed to be used as a thin client to connect to Horizon, Citrix and other VDI desktops.

I was unsure what to expect when I powered on the device but was pleasantly surprised that it booted like any other Windows system. I was automatically logged on as MyUser and presented with the Windows background.

The desktop was severely locked down and had minimal applications and tools available through the Start menu. It did not have access to the command prompt or taskbar.

I logged out of MyUser and signed in as Administrator, where I had more tools and applications and was also able to install Chrome, Edge and other third-party tools. After I rebooted the system, all the applications were gone.

Many IoT installations use the Unified Write Filter (UWF) feature for security purposes and to save wear on SSD devices. This prevents the physical storage media from data writes as UWF intercepts all write attempts and redirects them to a virtual overlay that gets destroyed when a system is shut down or rebooted.

To gain the ability to add new applications, I first needed to disable UWF (uwfmgr.exe filter disable) and reboot the system (shutdown /r /t 0).

When the system booted back up, I received a message about UWF being disabled.

I installed the applications and enabled UWF (uwfmgr.exe filter enable). Then, I rebooted the system (shutdown /r /t 0).

After the system rebooted, I saw the applications that I had installed.

One of the applications that I installed was ControlUp Edge DX (as a disclaimer, I work for ControlUp). I felt that it would be a good test for third-party operability as it has an agent that runs as a service, monitors the device, connects to the device using a remote shell and console and remotely executes commands on the device. I was pleasantly surprised to see that all these features worked without issues.

I was able to connect to a Horizon desktop easily, and it had the same performance and experience that I had when using the Horizon client on a device with similar hardware running Windows 10 or Windows 11.

Likewise, I was able to connect to a local desktop using RDP without difficulty.

Over this article and my previous article, I looked at Windows IoT in general and specifically its suitability as a VDI client. During my investigation, I found that Microsoft designed its family of IoT OSes to provide a familiar Windows experience to users that can be managed using standard Windows tools.

The IoT family provides an OS to embedded systems and devices that provide only a single Universal Windows Platform (UWP) application (Core IoT), small footprint device (Enterprise), or more powerful devices that only offer a single service, such as a NAS (Server). IoT only has commercial licenses for corporations; individual licenses are not available.

I found that Windows IoT Enterprise worked out fine as a base OS to run a thin client that I used to connect to a VDI desktop and a local desktop using RDP. It had the familiar Windows look and feel and I could install Windows applications and third-party monitoring and management tools.