ansible / ansible.builtin / v2.9.18 / module / win_rds_cap Manage Connection Authorization Policies (CAP) on a Remote Desktop Gateway server | "added in version" 2.8 of ansible.builtin" Authors: Kevin Subileau (@ksubileau) preview | supported by communityansible.builtin.win_rds_cap (v2.9.18) — module
pip
Install with pip install ansible==2.9.18
Creates, removes and configures a Remote Desktop connection authorization policy (RD CAP).
A RD CAP allows you to specify the users who can connect to a Remote Desktop Gateway server.
- name: Create a new RDS CAP with a 30 minutes timeout and clipboard redirection enabled win_rds_cap: name: My CAP user_groups: - BUILTIN\users session_timeout: 30 session_timeout_action: disconnect allow_only_sdrts_servers: yes redirect_clipboard: yes redirect_drives: no redirect_printers: no redirect_serial: no redirect_pnp: no state: enabled
name: description: - Name of the connection authorization policy. required: true type: str order: description: - Evaluation order of the policy. - The CAP in which I(order) is set to a value of '1' is evaluated first. - By default, a newly created CAP will take the first position. - If the given value exceed the total number of existing policies, the policy will take the last position but the evaluation order will be capped to this number. type: int state: choices: - absent - enabled - disabled - present default: present description: - The state of connection authorization policy. - If C(absent) will ensure the policy is removed. - If C(present) will ensure the policy is configured and exists. - If C(enabled) will ensure the policy is configured, exists and enabled. - If C(disabled) will ensure the policy is configured, exists, but disabled. type: str auth_method: choices: - both - none - password - smartcard description: - Specifies how the RD Gateway server authenticates users. - When a new CAP is created, the default value is C(password). type: str user_groups: description: - A list of user groups that is allowed to connect to the Remote Gateway server. - Required when a new CAP is created. type: list idle_timeout: description: - Specifies the time interval, in minutes, after which an idle session is disconnected. - A value of zero disables idle timeout. type: int redirect_pnp: description: - Allow Plug and Play devices redirection. type: bool computer_groups: description: - A list of computer groups that is allowed to connect to the Remote Gateway server. type: list redirect_drives: description: - Allow disk drive redirection. type: bool redirect_serial: description: - Allow serial port redirection. type: bool session_timeout: description: - The maximum time, in minutes, that a session can be idle. - A value of zero disables session timeout. type: int redirect_printers: description: - Allow printers redirection. type: bool redirect_clipboard: description: - Allow clipboard redirection. type: bool session_timeout_action: choices: - disconnect - reauth default: disconnect description: - The action the server takes when a session times out. - 'C(disconnect): disconnect the session.' - 'C(reauth): silently reauthenticate and reauthorize the session.' type: str allow_only_sdrts_servers: description: - Specifies whether connections are allowed only to Remote Desktop Session Host servers that enforce Remote Desktop Gateway redirection policy. type: bool