New in version 2.8.
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments |
---|---|---|
allow_only_sdrts_servers
boolean
|
|
Specifies whether connections are allowed only to Remote Desktop Session Host servers that enforce Remote Desktop Gateway redirection policy.
|
auth_method
string
|
|
Specifies how the RD Gateway server authenticates users.
When a new CAP is created, the default value is
password . |
computer_groups
list
|
A list of computer groups that is allowed to connect to the Remote Gateway server.
|
|
idle_timeout
integer
|
Specifies the time interval, in minutes, after which an idle session is disconnected.
A value of zero disables idle timeout.
|
|
name
string
/ required
|
Name of the connection authorization policy.
|
|
order
integer
|
Evaluation order of the policy.
The CAP in which order is set to a value of '1' is evaluated first.
By default, a newly created CAP will take the first position.
If the given value exceed the total number of existing policies, the policy will take the last position but the evaluation order will be capped to this number.
|
|
redirect_clipboard
boolean
|
|
Allow clipboard redirection.
|
redirect_drives
boolean
|
|
Allow disk drive redirection.
|
redirect_pnp
boolean
|
|
Allow Plug and Play devices redirection.
|
redirect_printers
boolean
|
|
Allow printers redirection.
|
redirect_serial
boolean
|
|
Allow serial port redirection.
|
session_timeout
integer
|
The maximum time, in minutes, that a session can be idle.
A value of zero disables session timeout.
|
|
session_timeout_action
string
|
|
The action the server takes when a session times out.
disconnect : disconnect the session.reauth : silently reauthenticate and reauthorize the session. |
state
string
|
|
The state of connection authorization policy.
If
absent will ensure the policy is removed.If
present will ensure the policy is configured and exists.If
enabled will ensure the policy is configured, exists and enabled.If
disabled will ensure the policy is configured, exists, but disabled. |
user_groups
list
|
A list of user groups that is allowed to connect to the Remote Gateway server.
Required when a new CAP is created.
|
See also
- name: Create a new RDS CAP with a 30 minutes timeout and clipboard redirection enabled
win_rds_cap:
name: My CAP
user_groups:
- BUILTIN\users
session_timeout: 30
session_timeout_action: disconnect
allow_only_sdrts_servers: yes
redirect_clipboard: yes
redirect_drives: no
redirect_printers: no
redirect_serial: no
redirect_pnp: no
state: enabled
Hint
If you notice any issues in this documentation you can edit this document to improve it.