You can use
exclusion filters through the SDK.
In this example,
there is a teaching lab on a subnet within the corporate network, and you want
to prevent any access from that lab to a certain Delivery Group regardless of
who is using the machines in the lab. To do so, enter the following SDK
Note: You can also
use the asterisk (*) as a wildcard to match all tags that start with the same
policy expression. For example, if you added the tag
VPDesktops_Direct to one machine and
VPDesktops_Test to another, setting the tag in the
Set-BrokerAccessPolicy script to
VPDesktops_* applies the filter to both machines.
About the XenApp and XenDesktop SDK
for more information about using the SDK.