Virtual Insider

Blog archive

Cool, Free Virtualization Tool: Microsoft's RDS Application Compatibility Analyzer

For those of you that run Remote Desktop Services or Citrix XenApp environments, I'm sure you'd love it if there was a way to "automagically" test whether an application is compatible in an RDS/XenApp deployment. And when the app isn't compatible, wouldn't it be nice if that same tool could tell you what fixes would make the app work?

Well that tool exists and it's free from Microsoft: the Microsoft Remote Desktop Services Application Compatibility Analyzer. I mention XenApp and the reason for that is that any application that will work on RDS will also work on XenApp, since XenApp is an application that requires RDS and extends RDS's capabilities.

The cool thing about the RDS Application Compatibility Analyzer is that not only will it check application compatibility, but it will also suggest fixes that might increase the application's chances of running in that environment. So, it's a very proactive tool rather than just being a show-stopper.

When you run the Analyzer, the report will catalog the logs into tabs and categorize found issues by severity levels, warnings and problems. Unless you are troubleshooting or have a distinct interest in fixing the warnings as well, you should only focus your attention on the problems for now, which could potentially be show stoppers for the application to be installed on RDS/XenApp.

Here's what you get with each of the different tabs:

  • File/Registry lists file system and registry issues. An example of what it can detect is, if an application that writes to HKLM, which only administrators can access. This is a big issue because typically for applications to properly function in an RDS environment, you want the application to write to HKCU. Otherwise, if it is writing to HKLM and users can make changes to the application, then the result would be that changes made by user1 that logged on to the RDS server are visible to user2, and so on.
  • INI lists WriteProfile APIs. These APIs were originally used in 16-bit Windows but are still found even in some modern applications. (It's crazy, I know...)
  • Token lists access token checking. This process detects if an application is explicitly checking for the local administrator account SID. If it is, this means the application will not work for a standard user and would require elevated privileges.
  • Privilege lists privilege issues. For example, if an application needs the SeDebugPrivilege, it will not work for a standard user.
  • Name Space lists issues when an application creates system objects like events and memory mappings in restricted name spaces. If this error is detected, standard users will not be able to run the application, and elevated permissions and privileges are needed.
  • Other Objects lists issues related to objects other than files and registry, such as pipes, ports, shared libraries and components.
  • Process lists issues related to process elevation. If an application uses the CreateProcess API, it will not work for standard user.

The Analyzer can save you time and help find you a solution if one exists.

Now, this a free tool and while it is very helpful and useful, you can always resort to more advanced commercial tools that can give you greater details and prettier GUI interfaces. One such tool comes from App-DNA. They also have an analyzer specifically for XenApp that goes into greater detail and even tells you which applications will work on Windows Server 2008 R2.

Depending on what you are trying to accomplish either the RDS Application Compatibility Analyzer will suffice or the App-DNA for XenApp will most certainly knock it out of the park and save you a heck of a lot of testing time, especially when you're checking quite a few applications.

Posted by Elias Khnaser on 05/31/2011 at 12:49 PM


Subscribe on YouTube