As part of the Microsoft Software Assurance package, subscribers had the option to download and implement Windows Thin PC (WinTPC) as a replacement end-point desktop operating system which provided a platform for accessing RDSH and VDI desktops. This has been available since July 2012, and is to all intents and purposes a copy of Windows Embedded Standard 7 (WES7) that is available to non-OEM’s.
WinTPC behaves in an almost identical way to WES7, it includes the Enhanced Write Filter (EWF) and the File Based Write Filter (FBWF) to lock the configuration once deployed. It has RemoteFX support as well as BitLocker and AppLocker, and through its licensing options allows the running of the Microsoft Remote Desktop Client as well as third party clients from Citrix, VMware etc. It also cannot be used to run productivity applications (Word, Excel etc) from its local disk, in the same way that they cannot be run from the Windows Embedded Family. So, it appears to offer many of the benefits of WES, but with no additional costs.
An even more compelling aspect to WinTPC that sets it above its WES7 stablemate, is the VDA license requirement. WES7 is not recognised by the Microsoft Software Assurance package as a qualifying operating system. This excludes it from a vital license for VDI deployments, the VDA license. This groups WES7 (and WE8S for that matter) in with Linux based devices (thin clients) Zero Clients, Macs, Chrome Books, iPads and smart phones in having to annually purchase this subscription. As the only way that you can obtain WinTPC is through the Software Assurance program, you immediately benefit from not having to purchase the VDA each year.
Sounds too good to be true. So why has it not been universally adopted as a de facto thin client operating system in the corporate sector? In all honesty, acquiring any metrics on how many deployments of WinTPC is very difficult so actual numbers are hard to establish. The biggest stumbling block for its popular deployment comes from a lack of third party support, specifically management. Microsoft provide documentation on how to deploy and configure by using SCCM to manage and maintain the OS, but this assumes that SCCM is in use throughout the Software Assurance world. Third party management products have long had a poor reputation for controlling the Write Filter, and thin client vendors sell devices with the Embedded products, so why would they offer management to a product which is a free competitor?
All sufficient reasons to avoid this free solution.
However, the product has been deployed, and is still in use today. Its low cost and ease of deployment are often compelling enough to deploy and then forget. Who needs to manage these endpoints? Well ask this question to an Admin which looks after a dedicated thin client estate and the reasons and answers are plentiful as to why end-point management is crucial.
This article is not to point score over the benefits of each approach. Quite the opposite in fact. Praim have been advocating an approach to end-point management that will address the issue that has been absent from WinTPC, a low cost, powerful and versatile management option which will provide the components that are missing to the WinTPC estate.
Praim Agile4PC in conjunction with Praim ThinMan will provide Write Filter control, remote access, software deployment, and device and user profiling for remote access connectivity. Agile4PC also can provide an alternative shell for simple access control to the virtual services that are being accessed from WinTPC. Also as an option, two factor authentication with smart cards can also be added with the use of Praim ThinMan Smart Identity.
WinTPC might be in the twilight years of its lifecycle, but adding Agile4PC to the end-point will rejuvenate the solution, and as Agile4PC is included in the Praim Windows based family will provide a migration path to Windows 10 IoT as the end-point going forwards.