-
Understanding the Citrix Virtual Apps and Desktops Administration Model
-
-
-
-
-
New-BrokerEntitlementPolicyRule
-
-
-
-
-
-
-
-
-
-
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
New-BrokerEntitlementPolicyRule
Creates a new desktop rule in the site’s entitlement policy.
Syntax
New-BrokerEntitlementPolicyRule
[-ColorDepth <ColorDepth>]
[-Description <String>]
-DesktopGroupUid <Int32>
[-Enabled <Boolean>]
[-ExcludedUserFilterEnabled <Boolean>]
[-ExcludedUsers <User[]>]
[-IconUid <Int32>]
[-IncludedUserFilterEnabled <Boolean>]
[-IncludedUsers <User[]>]
[-LeasingBehavior <LeasingBehavior>]
[-MaxPerEntitlementInstances <Int32>]
[-Name] <String>
[-PublishedName <String>]
[-RestrictToTag <String>]
[-SecureIcaRequired <Boolean>]
[-SessionReconnection <SessionReconnection>]
[-UUID <Guid>]
[-LoggingId <Guid>]
[<CitrixCommonParameters>]
[<CommonParameters>]
<!--NeedCopy-->
Description
The New-BrokerEntitlementPolicyRule cmdlet adds a new desktop rule to the site’s entitlement policy.
A desktop rule in the entitlement policy defines the users who are allowed per-session access to a machine from the rule’s associated desktop group to run a full desktop session.
The following constraints apply when creating a desktop entitlement rule for a desktop group:
- The group’s desktop kind must be Shared
- The group’s delivery type must be DesktopsOnly or DesktopsAndApps
When a user selects a desktop entitlement published from a shared group, a machine is selected from the group on which to run the desktop session. No permanent association exists between the user and the selected machine; once the session ends the association also ends.
Multiple desktop rules in the entitlement policy can apply to the same desktop group. Where a user is granted an entitlement by more than one rule for the same group, they can use as many desktop sessions at the same time as they have entitlements.
Examples
EXAMPLE 1
Creates an desktop rule in the entitlement policy that entitles all members of the SUPPORT\uk-staff group to a desktop session from the Customer Support desktop group. The desktop entitlement name seen by users is Support Desktop.
$dg = Get-BrokerDesktopGroup 'Customer Support'
New-BrokerEntitlementPolicyRule 'UK Office' -DesktopGroupUid $dg.Uid -IncludedUsers support\uk-staff -PublishedName 'Support Desktop'
<!--NeedCopy-->
Parameters
-Name
Specifies the administrative name of the new desktop rule. Each rule in the site’s entitlement policy must have a unique name (irrespective of whether they are desktop or application rules).
| Type: | String |
| Position: | 2 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | True |
| Length range: | 1 to 64 |
| Disallowed characters: |
/;:#.*?=<>\|[]()"'`\ and all ASCII control characters |
-DesktopGroupUid
Specifies the unique ID of the desktop group to which the new desktop rule applies.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-ColorDepth
Specifies the color depth of any desktop sessions launched by a user from this entitlement.
Valid values are $null, FourBit, EightBit, SixteenBit, and TwentyFourBit.
The default null value indicates that the equivalent setting from the rule’s desktop group is used.
| Type: | ColorDepth |
| Position: | Named |
| Default value: | Null (dynamically inherited from the desktop group) |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-Description
Specifies an optional description of the new desktop rule. The text may be visible to the end user, for example, as a tooltip associated with the desktop entitlement.
The default null value indicates that the equivalent setting from the rule’s desktop group is used.
| Type: | String |
| Position: | Named |
| Default value: | Null (dynamically inherited from the desktop group) |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | True |
| Disallowed characters: | All ASCII control characters |
-Enabled
Specifies whether the new desktop rule is initially enabled. A disabled rule is ignored when evaluating the site’s entitlement policy.
| Type: | Boolean |
| Position: | Named |
| Default value: | True |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-ExcludedUserFilterEnabled
Specifies whether the excluded users filter is initially enabled. If the filter is disabled then any user entries in the filter are ignored when entitlement policy rules are evaluated.
| Type: | Boolean |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-ExcludedUsers
Specifies the excluded users filter of the desktop rule, that is, the users and groups who are explicitly denied an entitlement to a desktop session from the new rule.
This can be used to exclude users or groups who would otherwise gain access by groups specified in the included users filter.
| Type: | User[] |
| Position: | Named |
| Default value: | (empty list) |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-IconUid
Specifies the unique ID of the icon used to display the desktop session entitlement to the user.
The default null value indicates that the equivalent setting from the rule’s desktop group is used.
| Type: | Int32 |
| Position: | Named |
| Default value: | Null (dynamically inherited from the desktop group) |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-IncludedUserFilterEnabled
Specifies whether the included users filter is initially enabled. If the filter is disabled then any user who satisfies the requirements of the access policy is implicitly granted an entitlement to a desktop session by the new rule.
Users who would be implicitly granted access when the filter is disabled can still be explicitly denied access using the excluded users filter.
| Type: | Boolean |
| Position: | Named |
| Default value: | True |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-IncludedUsers
Specifies the included users filter of the rule, that is, the users and groups who are granted an entitlement to a desktop session by the new rule.
If a user appears explicitly in the excluded users filter of the rule or is a member of a group that appears in the excluded users filter, no entitlement is granted whether or not the user appears in the included users filter.
| Type: | User[] |
| Position: | Named |
| Default value: | (empty list) |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-LeasingBehavior
Defines the desired connection leasing behavior applied to sessions launched using this entitlement. Possible values are:
Allowed and Disallowed.
The Allowed value indicates that connection leasing should behave normally. The Disallowed value prevents users
from launching or reconnecting to sessions using this entitlement while connection leasing is active (typically during a database outage).
| Type: | LeasingBehavior |
| Accepted values: | Allowed, Disallowed |
| Position: | Named |
| Default value: | Allowed |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-MaxPerEntitlementInstances
Maximum allowed concurrently running instances of the desktop associated with this entitlement in the site . A value of zero allows unlimited usage.
| Type: | Int32 |
| Position: | Named |
| Default value: | 0 |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-PublishedName
The name of the new desktop session entitlement as seen by the user.
The default null value indicates that the equivalent setting from the rule’s desktop group is used.
| Type: | String |
| Position: | Named |
| Default value: | Null (dynamically inherited from the desktop group) |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | True |
| Disallowed characters: |
/;:#.*?=<>\|[]()"'\ and all ASCII control characters |
-RestrictToTag
Optional tag that may be used further to restrict which machines may be made accessible to a user by an entitlement policy rule. A machine may be made accessible by an entitlement policy rule only if either the rule has no tag restriction or the rule does have a tag restriction and the machine is tagged with the same tag.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | True |
| Disallowed characters: |
/;:#.*?=<>\|[]()"'`\ and all ASCII control characters |
-SecureIcaRequired
Specifies whether the new desktop rule requires the SecureICA protocol for desktop sessions launched using the entitlement.
The default null value indicates that the equivalent setting from the rule’s desktop group is used.
| Type: | Boolean |
| Position: | Named |
| Default value: | Null (dynamically inherited from the desktop group) |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-SessionReconnection
Defines reconnection (roaming) behavior for sessions launched using this rule. Possible values are:
Always, DisconnectedOnly, and SameEndpointOnly.
| Type: | SessionReconnection |
| Accepted values: | Always, DisconnectedOnly, SameEndpointOnly |
| Position: | Named |
| Default value: | Always |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-UUID
An optional GUID for this rule.
| Type: | Guid |
| Position: | Named |
| Default value: | A new GUID is generated if none is supplied. |
| Required: | False |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
-LoggingId
Specifies the identifier of the high level operation that this cmdlet call forms a part of. Desktop Studio and Desktop Director typically create High Level Operations. PowerShell scripts can also wrap a series of cmdlet calls in a High Level Operation by way of the Start-LogHighLevelOperation and Stop-LogHighLevelOperation cmdlets.
| Type: | Guid |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
CitrixCommonParameters
This cmdlet supports the common Citrix parameters: -AdminAddress, -AdminClientIP, -BearerToken, -TraceParent, -TraceState and -VirtualSiteId. For more information, see about_CitrixCommonParameters.
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
None
You cannot pipe input into this cmdlet.
Outputs
Citrix.Broker.Admin.SDK.EntitlementPolicyRule
New-BrokerEntitlementPolicyRule returns the newly created desktop rule in the entitlement policy.
Related Links
Share
Share
In this article
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.