Blogging about Royal TS/X, Royal Server and Royal Passwords

Royal TSX 3.2 Release

Today we’re glad to announce that another feature packed release of Royal TSX (for macOS) is available now! Version 3.2 contains lots of cool new features, various improvements across the board, many bugfixes and even a new object type that’ll help you stay organized.

So lets dive right into what’s new:

To-DoSupport for To-Do items

Since we’re already making your life easier by providing you with the tools to manage all your remote connections, we thought it would only be logical to also help you manage your day to day tasks. So starting with this release, you’ll be able to create To-Do items right in Royal TSX, add a title and description for them and when the time has come, mark them as completed.

To-Do items

Full Screen improvementsFull Screen improvements

We’ve long supported taking Royal TSX full screen, but full screen mode for individual connections has always been an RDP-only feature. Not anymore! With this release we’re allowing all connection types to be configured to launch straight into full screen mode. To configure a connection to launch in full screen mode, open the “Window Mode” properties of the connection and select “Open connection in – Full Screen”. If you’re a multi-screen user, you can of course also select the display you want to use for the full screen connection.

We’ve also added the much requested setting to remove the tab bar in external windows. You can find this under “Preferences – User Interface – Connection Tabs – Show Tab Bar in External Windows”.

Full Screen improvements

Copy to Clipboard improvements

Copy to Clipboard improvements

The “Copy to Clipboard” menu is a useful tool when automatic logon is not supported on a certain device or you need to copy some data, like a username to another application. In this release we’ve extended the “Copy to Clipboard” menu to allow peeking at the underlying values without having to copy them to the clipboard. To activate this mode, simply hold down the ⌥ (option/alt) key while the menu is open. This is especially useful if you’re using custom properties to store things like credit card information. Websites often don’t allow directly pasting the expiration date into a field so just peeking at the credit card’s data in Royal TSX instead of having to copy it to the clipboard, pasting it in some temporary area then filling it in on the website is a lot easier.

In this release we also added two new toolbar buttons for your convenience: “Copy Username” and “Copy Password”. Those two obviously come in handy if you need to copy login data between applications often.

Copy to Clipboard peeking

File Transfer ConnectionsFile Transfer Connections

File Transfer connections also received several noteworthy updates in this release. Here are some of the highlights:

  • Drag & drop is now supported between the two built-in browser panes as well as to and from Finder.
  • Live Edit automatically uploads files when the file is changed locally (double-click a remote file to start editing it).
  • We’ve added support for viewing and changing permissions (Option-click and select “Get Info…”).
  • It’s now possible to select a different credential when running into authentication errors while connecting to a server.

File Transfer Permissions

Other improvements

Other notable new features and improvements include:

  • Pressing ⌘+Return in the Ad Hoc Computer Name field will now establish an ad hoc connection using the last used protocol.
  • You can now create copies of objects with drag & drop (hold ⌥ option/alt while dragging).
  • We’ve added a keyboard shortcut for the “Documents” toolbar item (⇧⌘D) and also made sure that the search field is automatically selected when the menu is opened.
  • Import of mRemoteNG 1.75 documents is now supported (without passwords).
  • We re-enabled logging to Console.app (Sierra broke this, but the 10.12.4 update brought it back to live).
  • We added support for Date and Time replacement tokens in Key Sequence Tasks and Command Tasks.
  • You can now configure the browser extension authentication timeout.
  • We’ve finally added support for remapping modifier keys in Remote Desktop (RDP) connections. This has been requested time and again and is especially useful if you’re using a non-Apple keyboard.
  • A lot of work went into improving the stability of the RDP clipboard redirection feature. This should be rock solid now.
  • Secure Gateways can now be assigned to web connections. Note that this won’t work in 100% of cases. For instance if a website includes absolute or external links we won’t be able to tunnel them through the gateway. However, in most cases this should be sufficient.

 

Of course, this is just a quick peek at some of the highlights in this release. More detailed information and the full changeset (including bugfixes) is available in the release notes when updating the application and plugins.

For any feedback about Royal TSX 3.2 or our other releases, please don’t hesitate to contact us through our support portal.



How to install VMware.PowerCLI for the VMware Connection

vmware_powercli_installation

Royal TS and Royal Server are supporting the basic management of virtual machines in a vCenter or ESXi installation. This implementation is based on PowerCLI, a product of VMware which you need to install upfront on the machine where Royal TS or Royal Server is running.

So far, this installation was not straight forward, since you needed to have an account on vmware.com/ in order to download it and also find the correct/current version.

 

PowerCLI in the PowerShell Gallery

Starting with PowerCLI version 6.5.1 it is available in the PowerShell Gallery – finally!

Though there are some topics you need to be aware of:

  • Uninstall any previous version which were installed via an MSI installer before installing via the PowerShell Gallery
  • Check that the old installation directory is gone, usually C:\Program Files (x86)\VMware\Infrastructure\
  • Install it via
    Install-Module VMware.PowerCLI
  • If you use a regular PowerShell session, it will be installed for the current user. If you want to have it for all users (e.g. for Royal Server with its worker account) use a PowerShell session with administrative rights
  • The new path where you find the Vmware.Vim.dll is C:\Program Files\WindowsPowerShell\Modules\VimAutomation.Core\<version-number>\
  • Please be aware that the VMware Remote Console is not part of this and newer versions anymore (in previous versions this was included). So if you want to connect to the Console of your virtual machines, you need to manually install the Remote Console first. The latest version can be downloaded at vmware.com/go/download-vmrc

For more information see the VMware blogpost.

If Royal TS or Royal Server can not locate the VMware.Vim.dll automatically, point them manually to the new location.

 

VMware.PowerCLI installation via MSI

Versions before 6.5.1 needed to be downloaded first from https://www.vmware.com/ and installed manually.
A good overview of the different versions of PowerCLI can be found here.

 



New Feature: VMware Connection

Since we have had support for managing Hyper-V virtual machines for quite some time, it was only logical that quite some users requested VMware support as well. So here it is!

2017-04-03 13_41_38-ESXi 6.0

 

01_Mac_VMware_Overview

 

Note: This feature requires Royal TS (for Windows) V4 or Royal TSX (for macOS) V3 and Royal Server V2.

 

Prerequisites

Please note that our implementation is based on the VMware PowerCLI software that needs to be installed upfront (except on macOS). If you execute VMware connections over Royal Server, please install PowerCLI on the machine where Royal Server is installed. If you execute VMware connections directly from Royal TS (for Windows) you need to install it on the machine where Royal TS is running. For Royal TSX (for macOS) no additional software is required. We support all versions from 5.5 Update 2 and newer.

If you do not have it installed, you will see the following error message:

2017-04-03 11_18_41-VMware.Vim.dll Not Found

By default, VMware PowerCLI is installed at C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\.

Royal TS and Royal Server try to locate it automatically. If the automatic detection fails, please specify the location manually.

 

For Royal TS, click on the VIEW ribbon tab and select Plugins. Select the VMware plugin and click on Settings.

2017-04-03 11_19_22-Plugin Settings

For Royal Server click on the Royal Server navigation, click on Modules, select the VMware module and click on Settings… 

2017-04-03 11_27_37-VMware Module Settings

 

Use Cases

Our VMware support includes the following actions:

  • List all virtual machines hosted in an ESXi or vCenter environment with Name, State, Provisioned Space, Host Memory, Guest Memory, Guest IP Address, VNC enabled and Data Center
  • Extended information for virtual machines like Host Agent Update Level, Maximum CPU and Memory Usage, Private Memory, Number of Snapshots, Tools Version
  • Management of virtual machines: Power On, Power Off, Suspend, Reset, Shutdown, Restart
  • Connect to virtual machines via Ad Hoc RDP, VMware Instance (Console), VMware Instance (VNC) or VMware Host (SSH)

 

Creating a VMware Connection

Creating a VMware connection is simple:

In Royal TS (for Windows) click on Add in the context menu or the Ribbon and select More… Locate the VMware connection and click Next.
In Royal TSX (for macOS) option/right-click a folder and select AddVMware.

02_Mac_VMware_Add

Enter a Display Name and Computer Name (as usual, this can be a list of computers):

2017-04-03 13_28_54-Add VMware Management

03_Mac_VMware_NewConnection

The Computer Name in this case is the IP or name of the host where VMware is running. Do not enter http/https or any URL. The default port is 443 (and not 9443 as you might think)

Additionally specify the needed credentials for the ESXi or vCenter host.

 

You can use a Royal Server installation for the connection or use Direct Connect if possible.

2017-04-03 13_29_12-Add VMware Management

2017-04-03 13_29_23-Add VMware Management

04_Mac_VMware_RoyalServer

05_Mac_VMware_DirectConnect

 

Configure the VMware Connection

You can configure what information is shown in the virtual machine list via the Column Chooser which can be found either via the Settings icon in the toolbar (on Windows only) or by right-clicking on the column header of the virtual machine list.

2017-04-03 13_15_28-Royal TS

2017-04-03 13_16_09-Dev Environment (bp) - ESXi 6.0 - Royal TS

06_Mac_VMware_Columns

 

Managing the virtual machines

Just listing the registered virtual machines would be pretty boring so Royal TS/X enables you to change the state of them as well:

2017-04-03 13_22_32-Dev Environment (bp) style=

style="max-width:

 

Connecting to virtual machines in VMware ESXi or vCenter

The following options to connect to the powered on virtual machines are available:

  • VMware Instance (Console): connects to the console of the VM. Please note that this option requires VMware Remote Console (or, alternatively VMware Fusion on the Mac) to be installed.
  • VMware Instance (VNC): If you have enabled VNC in the virtual machine, you can directly connect to it via this option (Only available on Windows)
  • VMware Host (SSH): you can directly connect to the host via SSH (Only available on Windows)

 

 

Working with ESXi / vCenter in Royal TSi (for iOS)

This works the exact same way with Royal TSi (for iOS) as well if using Royal Server:

You have the same options to work with the virtual machines on iOS:



New Features in our Chrome based Web Page Connection

With Royal TS 4.1 for Windows, we’re introducing a couple of new features for web page connections which are based on our Chrome plugin. We also updated our documentation to reflect all those changes here.

When you open the connection properties, you will notice a new settings page in the navigation area:

engine-01

By default, all Chrome based web page connection tabs in Royal TS share one single engine (session) which is the same for all tabs. So if you log on to a web site and open a second connection in Royal TS to the same web site, you are already logged in because you share the same session.

Check the “Use Dedicated Engine” to let Royal TS create a dedicated/isolated engine for the web page connection tab. You may now ask yourself, what do I gain from having a dedicated engine?

Well, there are several benefits:

  • You have fine grained control over a lot of script, security and plugin related settings
  • You can specify additional plugin directories
  • You can configure the web page connection to use a proxy server
  • You can override CSS, disable the GPU or the spell checker

And the best of all, with the dedicated engine, you can have multiple tabs of Chrome browsers in Royal TS with different settings and an isolated session. This means that you can have browser tabs with different proxy configurations or you can have multiple browser tabs open to the same site/app with different credentials (sessions). Royal TS will consume more memory for each dedicated engine, so it’s wise to use the feature only when necessary.

Another very important improvement is the support for Secure Gateway as SOCKS proxy. If you are familiar with local/dynamic port forwarding, you are maybe aware that you can use an SSH based tunnel as a SOCKS5 proxy. We also made it super easy for you to configure:

engine-02

On the Proxy tab, simply select “Use Secure Gateway as proxy server” and configure the Secure Gateway (your Royal Server or SSH server to handle your tunnel). Also, if you just configure the Secure Gateway, Royal TS assumes that you want to use that as your proxy server and will take care of the engine settings.

That’s it for now. Stay tuned for some more blog posts about new features in Royal TS/X.



Configuring Royal Server for high availability

Since Royal Server acts as a gateway for managing servers and tunneling secure connections it plays a vital role in the IT infrastructure.

Now a logical question is: how can I configure Royal Server for high availability?

There are a couple of options you can achieve this:

1) Loadbalancing Royal Server

If you have a hardware loadbalancer you can use it to split the load on two or more installations of Royal Server. This scenario also helps you on upgrading Royal Server installations at runtime without going offline.

Royal Server is stateless which means that you can use a classic round robin strategy with no sticky sessions required. Be aware though that the configuration of Royal Server is kept locally to the server, so you need to make sure that the installations are configured the same. Most of the configuration is pretty static and can be synched via a PowerShell script very easily. Keep in mind that the local Windows groups “Royal Server Users”, “Royal Server Gateway Users” and “Royal Server Administrators” are important for Royal Server. So its best to define these groups in your Active Directory, add the appropriate users there and then add the AD group to the local Windows group.

Additionally make sure, you install the same certificates on all Royal Server installations, otherwise Royal TS is showing a warning if the fingerprint changes (when you hit another box behind the loadbalancer) all the time.

2) Automatic failover from the client to a standby installation

If you do not have a hardware loadbalancer, you can configure Royal TS/X to automatically failover from one Royal Server to another if the first is not answering. Simply configure two Computer Names separated with a semicolon:

2017-02-02 22_20_07-Dev Environment - 127.0.0.1 - Royal TS

After hitting a timeout from the first  Royal Server, Royal TS automatically tries the second, then the third and so on.

3) Manual failover from the client to a standby installation

You can always easily reconfigure your Royal Server object to use another installation when you get a problem with one installation. Use our bulk edit feature to configure this on multiple objects with one click if needed.

And what about a real cluster?

At the moment, we do not have a plan to implement a real cluster where you have nodes that know of each other.

Monitoring Royal Server

Royal Server is technically a Windows Service which can be monitored easily. If its stopped, you have a problem. Additionally since Royal Server basically is a web server, you also can check if it listenes on the configured port. By default it logs in the Windows Event Log, but you can also configure a file log and process this log in your monitoring infrastructure (e.g. Splunk).

Which licenses do I need for these installation options?

Starting from Royal Server V2 we do not license by installation anymore. With the exception of the Personal License you can have as many installations as you need in your environment (for the Site License the users that use the installations have to be in one site/office)