Docs4dev
Docs
ansible / latest / collections / community / windows / win_rds_rap_module.html

community.windows.win_rds_rap – Manage Resource Authorization Policies (RAP) on a Remote Desktop Gateway server

Note

This plugin is part of the community.windows collection (version 1.7.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.windows.

To use it in a playbook, specify: community.windows.win_rds_rap.

Synopsis

  • Creates, removes and configures a Remote Desktop resource authorization policy (RD RAP).
  • A RD RAP allows you to specify the network resources (computers) that users can connect to remotely through a Remote Desktop Gateway server.

Requirements

The below requirements are needed on the host that executes this module.

  • Windows Server 2008R2 (6.1) or higher.
  • The Windows Feature “RDS-Gateway” must be enabled.

Parameters

Parameter Choices/Defaults Comments
allowed_ports
list / elements=string
List of port numbers through which connections are allowed for this policy.
To allow connections through any port, specify 'any'.
computer_group
string
The computer group name that is associated with this resource authorization policy (RAP).
This is required when computer_group_type is rdg_group or ad_network_resource_group.
computer_group_type
string
    Choices:
  • rdg_group
  • ad_network_resource_group
  • allow_any
The computer group type:
rdg_group: RD Gateway-managed group
ad_network_resource_group: Active Directory Domain Services network resource group
allow_any: Allow users to connect to any network resource.
description
string
Optional description of the resource authorization policy.
name
string / required
Name of the resource authorization policy.
state
string
    Choices:
  • absent
  • disabled
  • enabled
  • present
The state of resource authorization policy.
If absent will ensure the policy is removed.
If present will ensure the policy is configured and exists.
If enabled will ensure the policy is configured, exists and enabled.
If disabled will ensure the policy is configured, exists, but disabled.
user_groups
list / elements=string
List of user groups that are associated with this resource authorization policy (RAP). A user must belong to one of these groups to access the RD Gateway server.
Required when a new RAP is created.

See Also

See also

community.windows.win_rds_cap

The official documentation on the community.windows.win_rds_cap module.

community.windows.win_rds_rap

The official documentation on the community.windows.win_rds_rap module.

community.windows.win_rds_settings

The official documentation on the community.windows.win_rds_settings module.

Examples

- name: Create a new RDS RAP
  community.windows.win_rds_rap:
    name: My RAP
    description: Allow all users to connect to any resource through ports 3389 and 3390
    user_groups:
      - BUILTIN\users
    computer_group_type: allow_any
    allowed_ports:
      - 3389
      - 3390
    state: enabled

Authors

  • Kevin Subileau (@ksubileau)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/windows/win_rds_rap_module.html