Policy Rules & Rule sets
The Lens Portal uses rules to map user sessions to policies. This allows administrators to assign policies to users dynamically based on:
The user that is connecting
The pool the user is connecting to
The workstation the user is connecting to
You can combine rules into a ruleset, allowing for reusable groups of rules that can be used with multiple policies. Multiple rulesets can be associated with a policy too.
Rules
Attributes
The Lens portal provides administrators with many different attributes that they can assign policies based on.
Category | Attribute name | Description |
---|---|---|
User |
| A group that the connecting user is in |
User |
| The user name of the connecting user |
User |
| The AD/LDAP domain the connecting user is part of |
Pool |
| The name of the pool the user is connecting to |
Pool |
| The display name of the pool the user is connecting to |
Workstation |
| The ID of the workstation that the user is connecting to |
Workstation |
| The name of the workstation that the user is connecting to |
Comparators
Comparators tell the policy engine how to evaluate the attribute values, and whether the policy should be assigned to the user. Different attributes have different comparators.
Category | Attribute name | Attribute type | Supported comparators |
---|---|---|---|
User |
| List | Normal: |
User |
| String | Normal: Advanced: |
User |
| String | Normal: Advanced: |
Pool |
| String | Normal: Advanced: |
Pool |
| String |
|
Workstation |
| String | Normal: Advanced: |
Workstation |
| String |
|
Value
This is the value that you want to be checked against the workstation’s value.
Case-sensitivity
By default, the rules are case-insensitive. For example, Edit
and EdIT
would be treated as the same.
You can set case sensitivity on a rule-by-rule basis.