Gateway

Populate RDP URLs based on LDAP attribute

You can configure a Citrix Gateway appliance to retrieve a list of RDP servers (IP/FQDN) from an LDAP server attribute. Based on the retrieved list, the appliance displays the RDP URLs for the servers that can be accessed by a user.

To populate RDP URLs based on the LDAP attribute by using the CLI

At the command prompt, type:

add rdpclientprofile <Name> –rdpUrlLinkAttribute <string>

add rdpclientprofile clientProfileName –rdpUrlLinkAttribute rdpServerAttribute

<!--NeedCopy-->

In the previous example, rdpServerAttribute corresponds to the RDP server details for a given user on the LDAP server.

Note: To fetch the LDAP attribute details from the LDAP server, the LDAP action must be configured with the same string that is configured with pUrlLinkAttribute as follows.

add authentication ldapAction dnpg_ldap -serverIP <IP address>-ldapBase <"domain name"> -ldapBindDn <username> -ldapLoginName sAMAccountName -ldapbindDnpassword <password>

add authentication ldapAction dnpg_ldap -serverIP 10.102.39.101 -ldapBase "dc=dnpg-blr,dc=com" -ldapBindDn sqladmin@dnpg-blr.com -ldapLoginName sAMAccountName -ldapbindDnpassword xxxx

add authentication ldapPolicy dnpg_ldap_pol ns_true dnpg_ldap

bind vpn vs vserver<name> -pol dnpg_ldap_pol

set ldapaction dnpg_ldap -attributes "rdpServerAttribute"

set rdpclientprofile ldap -rdpLinkAttribute rdpServerAttribute
<!--NeedCopy-->

LDAP server configuration

On the LDAP server, perform the following steps:

  1. Navigate to a particular User.
  2. In AD users and computers, click View, and click Detail.
  3. Right-click user name and click Attribute Editor.
  4. Change the required attribute (displayName) value and click OK.

To populate RDP URLs based on the LDAP attribute by using the GUI

  1. Navigate to Citrix Gateway > Policies > RDP.
  2. On the RDP Profiles and Connections page, click the Client Profiles tab and select the client profile where you want to configure the RDP link attribute.
  3. In the Configure RDP Client Profile page, in RDP Link Attribute, enter the LDAP attribute name.

    Note: The LDAP attribute value can be a comma separated list.

Populate RDP URLs based on LDAP attribute