win_rds_cap – Manage Connection Authorization Policies (CAP) on a Remote Desktop Gateway server
win_rds_cap – Manage Connection Authorization Policies (CAP) on a Remote Desktop Gateway server
Synopsis
- Creates, removes and configures a Remote Desktop connection authorization policy (RD CAP).
- A RD CAP allows you to specify the users who can connect to a Remote Desktop Gateway server.
Requirements
The below requirements are needed on the host that executes this module.
- Windows Server 2008R2 (6.1) or higher.
- The Windows Feature “RDS-Gateway” must be enabled.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
allow_only_sdrts_servers boolean |
|
Specifies whether connections are allowed only to Remote Desktop Session Host servers that enforce Remote Desktop Gateway redirection policy. |
auth_method string |
|
Specifies how the RD Gateway server authenticates users. When a new CAP is created, the default value is |
computer_groups list |
A list of computer groups that is allowed to connect to the Remote Gateway server. | |
idle_timeout integer |
Specifies the time interval, in minutes, after which an idle session is disconnected. A value of zero disables idle timeout. | |
name string / required |
Name of the connection authorization policy. | |
order integer |
Evaluation order of the policy. The CAP in which order is set to a value of '1' is evaluated first. By default, a newly created CAP will take the first position. If the given value exceed the total number of existing policies, the policy will take the last position but the evaluation order will be capped to this number. | |
redirect_clipboard boolean |
|
Allow clipboard redirection. |
redirect_drives boolean |
|
Allow disk drive redirection. |
redirect_pnp boolean |
|
Allow Plug and Play devices redirection. |
redirect_printers boolean |
|
Allow printers redirection. |
redirect_serial boolean |
|
Allow serial port redirection. |
session_timeout integer |
The maximum time, in minutes, that a session can be idle. A value of zero disables session timeout. | |
session_timeout_action string |
|
The action the server takes when a session times out.
|
state string |
|
The state of connection authorization policy. If If If If |
user_groups list |
A list of user groups that is allowed to connect to the Remote Gateway server. Required when a new CAP is created. |
See Also
See also
- win_rds_cap – Manage Connection Authorization Policies (CAP) on a Remote Desktop Gateway server
- The official documentation on the win_rds_cap module.
- win_rds_rap – Manage Resource Authorization Policies (RAP) on a Remote Desktop Gateway server
- The official documentation on the win_rds_rap module.
- win_rds_settings – Manage main settings of a Remote Desktop Gateway server
- The official documentation on the win_rds_settings module.
Examples
- name: Create a new RDS CAP with a 30 minutes timeout and clipboard redirection enabled
win_rds_cap:
name: My CAP
user_groups:
- BUILTIN\users
session_timeout: 30
session_timeout_action: disconnect
allow_only_sdrts_servers: yes
redirect_clipboard: yes
redirect_drives: no
redirect_printers: no
redirect_serial: no
redirect_pnp: no
state: enabled
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Kevin Subileau (@ksubileau)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/win_rds_cap_module.html