Policy Rules & Rule sets

The Lens Portal uses rules to map user sessions to policies. This allows administrators to assign policies to users dynamically based on:

The user that is connecting
The pool the user is connecting to
The workstation the user is connecting to

You can combine rules into a ruleset, allowing for reusable groups of rules that can be used with multiple policies. Multiple rulesets can be associated with a policy too.

Rules

Attributes

The Lens portal provides administrators with many different attributes that they can assign policies based on.

Category	Attribute name	Description
User	`User Group`	A group that the connecting user is in
User	`User Name`	The user name of the connecting user
User	`LDAP Domain`	The AD/LDAP domain the connecting user is part of
Pool	`Pool Name`	The name of the pool the user is connecting to
Pool	`Pool Display Name`	The display name of the pool the user is connecting to
Workstation	`Workstation/Instance ID`	The ID of the workstation that the user is connecting to
Workstation	`Workstation/Instance Name`	The name of the workstation that the user is connecting to

Comparators

Comparators tell the policy engine how to evaluate the attribute values, and whether the policy should be assigned to the user. Different attributes have different comparators.

Category	Attribute name	Attribute type	Supported comparators
User	`User Group`	List	Normal: `Is in`, `Is not in`
User	`User Name`	String	Normal: `Equal to`, `Not equal to`, `Starts with`, `Ends with` Advanced: `Regex: Match`, `Regex: No match`, `Regex search: Found`, `Regex search: Not found`
User	`LDAP Domain`	String	Normal: `Equal to`, `Not equal to`, `Starts with`, `Ends with` Advanced: `Regex: Match`, `Regex: No match`, `Regex search: Found`, `Regex search: Not found`
Pool	`Pool Name`	String	Normal: `Equal to`, `Not equal to`, `Starts with`, `Ends with` Advanced: `Regex: Match`, `Regex: No match`, `Regex search: Found`, `Regex search: Not found`
Pool	`Pool Display Name`	String	`Normal: Equal to, Not equal to, Starts with, Ends with` `Advanced: Regex: Match, Regex: No match, Regex search: Found, Regex search: Not found`
Workstation	`Workstation/Instance ID`	String	Normal: `Equal to`, `Not equal to`, `Starts with`, `Ends with` Advanced: `Regex: Match`, `Regex: No match`, `Regex search: Found`, `Regex search: Not found`
Workstation	`Workstation/Instance Name`	String	`Normal: Equal to, Not equal to, Starts with, Ends with` `Advanced: Regex: Match, Regex: No match, Regex search: Found, Regex search: Not found`

Value

This is the value that you want to be checked against the workstation’s value.

Case-sensitivity

By default, the rules are case-insensitive. For example, Edit and EdIT would be treated as the same.
You can set case sensitivity on a rule-by-rule basis.