ADC CLI Commands

ica-accessprofile

The following operations can be performed on “ica-accessprofile”:

set show unset rm add

set ica accessprofile

This command modifies the specified parameters of the specified ica accessprofile.

Synopsis

set ica accessprofile \[-ConnectClientLPTPorts \( DEFAULT | DISABLED )] \[-ClientAudioRedirection \( DEFAULT | DISABLED )] \[-LocalRemoteDataSharing \( DEFAULT | DISABLED )] \[-ClientClipboardRedirection \( DEFAULT | DISABLED )] \[-ClientCOMPortRedirection \( DEFAULT | DISABLED )] \[-ClientDriveRedirection \( DEFAULT | DISABLED )] \[-ClientPrinterRedirection \( DEFAULT | DISABLED )] \[-Multistream \( DEFAULT | DISABLED )] \[-ClientUSBDriveRedirection \( DEFAULT | DISABLED )] \[-ClientTWAINDeviceRedirection \( DEFAULT | DISABLED )] \[-WIARedirection \( DEFAULT | DISABLED )] \[-DragAndDrop \( DEFAULT | DISABLED )] \[-SmartCardRedirection \( DEFAULT | DISABLED )] \[-FIDO2Redirection \( DEFAULT | DISABLED )]

Arguments

name Name of the profile that you want to modify.

ConnectClientLPTPorts Allow Default access/Disable automatic connection of LPT ports from the client when the user logs on

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientAudioRedirection Allow Default access/Disable applications hosted on the server to play sounds through a sound device installed on the client computer, also allows or prevents users to record audio input

Possible values: DEFAULT, DISABLED Default value: DISABLED

LocalRemoteDataSharing Allow Default access/Disable file/data sharing via the Receiver for HTML5

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientClipboardRedirection Allow Default access/Disable the clipboard on the client device to be mapped to the clipboard on the server

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientCOMPortRedirection Allow Default access/Disable COM port redirection to and from the client

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientDriveRedirection Allow Default access/Disables drive redirection to and from the client

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientPrinterRedirection Allow Default access/Disable client printers to be mapped to a server when a user logs on to a session

Possible values: DEFAULT, DISABLED Default value: DISABLED

Multistream Allow Default access/Disable the multistream feature for the specified users

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientUSBDriveRedirection Allow Default access/Disable the redirection of USB devices to and from the client

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientTWAINDeviceRedirection Allow default access or disable TWAIN devices, such as digital cameras or scanners, on the client device from published image processing applications

Possible values: DEFAULT, DISABLED Default value: DISABLED

WIARedirection Allow default access or disable WIA scanner redirection

Possible values: DEFAULT, DISABLED Default value: DISABLED

DragAndDrop Allow default access or disable drag and drop between client and remote applications and desktops

Possible values: DEFAULT, DISABLED Default value: DISABLED

SmartCardRedirection Allow default access or disable smart card redirection. Smart card virtual channel is always allowed in CVAD

Possible values: DEFAULT, DISABLED Default value: DISABLED

FIDO2Redirection Allow default access or disable FIDO2 redirection

Possible values: DEFAULT, DISABLED Default value: DISABLED

Example

set ica accessprofile profile1 -ClientAudioRedirection DEFAULT

show ica accessprofile

Displays details of the specified ica accessprofile. If no accessprofile is specified, displays a list of ica accessprofiles on the Citrix ADC.

Synopsis

show ica accessprofile []

Arguments

name Name of the ica accessprofile.

Output

stateflag ConnectClientLPTPorts Allow Default access/Disable automatic connection of LPT ports from the client when the user logs on

ClientAudioRedirection Allow Default access/Disable applications hosted on the server to play sounds through a sound device installed on the client computer, also allows or prevents users to record audio input

LocalRemoteDataSharing Allow Default access/Disable file/data sharing via the Receiver for HTML5

ClientClipboardRedirection Allow Default access/Disable the clipboard on the client device to be mapped to the clipboard on the server

ClientCOMPortRedirection Allow Default access/Disable COM port redirection to and from the client

ClientDriveRedirection Allow Default access/Disables drive redirection to and from the client

ClientPrinterRedirection Allow Default access/Disable client printers to be mapped to a server when a user logs on to a session

Multistream Allow Default access/Disable the multistream feature for the specified users

ClientUSBDriveRedirection Allow Default access/Disable the redirection of USB devices to and from the client

ClientTWAINDeviceRedirection Allow default access or disable TWAIN devices, such as digital cameras or scanners, on the client device from published image processing applications

WIARedirection Allow default access or disable WIA scanner redirection

DragAndDrop Allow default access or disable drag and drop between client and remote applications and desktops

SmartCardRedirection Allow default access or disable smart card redirection. Smart card virtual channel is always allowed in CVAD

FIDO2Redirection Allow default access or disable FIDO2 redirection

refCnt Number of entities using this accessprofile

builtin Indicates that the ICA accessprofile is a built-in (SYSTEM INTERNAL) type.

feature The feature to be checked while applying this config

isDefault A value of true is returned if it is a default accessprofile

devno count

Example

sh ica accessprofile profile1

unset ica accessprofile

Use this command to remove ica accessprofile settings.Refer to the set ica accessprofile command for meanings of the arguments.

Synopsis

unset ica accessprofile [-ConnectClientLPTPorts] [-ClientAudioRedirection] [-LocalRemoteDataSharing] [-ClientClipboardRedirection] [-ClientCOMPortRedirection] [-ClientDriveRedirection] [-ClientPrinterRedirection] [-Multistream] [-ClientUSBDriveRedirection] [-ClientTWAINDeviceRedirection] [-WIARedirection] [-DragAndDrop] [-SmartCardRedirection] [-FIDO2Redirection]

rm ica accessprofile

This command removes the specified ica accessprofile.

Synopsis

rm ica accessprofile

Arguments

name Name of the ICA accessprofile.

Example

rm ica accessprofile profile1

add ica accessprofile

This command creates an ica accessprofile that specifies status of the features (DEFAULT/DISABLED).

Synopsis

add ica accessprofile \[-ConnectClientLPTPorts \( DEFAULT | DISABLED )] \[-ClientAudioRedirection \( DEFAULT | DISABLED )] \[-LocalRemoteDataSharing \( DEFAULT | DISABLED )] \[-ClientClipboardRedirection \( DEFAULT | DISABLED )] \[-ClientCOMPortRedirection \( DEFAULT | DISABLED )] \[-ClientDriveRedirection \( DEFAULT | DISABLED )] \[-ClientPrinterRedirection \( DEFAULT | DISABLED )] \[-Multistream \( DEFAULT | DISABLED )] \[-ClientUSBDriveRedirection \( DEFAULT | DISABLED )] \[-ClientTWAINDeviceRedirection \( DEFAULT | DISABLED )] \[-WIARedirection \( DEFAULT | DISABLED )] \[-DragAndDrop \( DEFAULT | DISABLED )] \[-SmartCardRedirection \( DEFAULT | DISABLED )] \[-FIDO2Redirection \( DEFAULT | DISABLED )]

Arguments

name Name for the ICA accessprofile. Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Cannot be changed after the ICA accessprofile is added.

The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, “my ica accessprofile” or ‘my ica accessprofile’).

Each of the features can be configured as DEFAULT/DISABLED. Here, DISABLED means that the policy settings on the backend XenApp/XenDesktop server are overridden and the Citrix ADC makes the decision to deny access. Whereas DEFAULT means that the Citrix ADC allows the request to reach the XenApp/XenDesktop that takes the decision to allow/deny access based on the policy configured on it. For example, if ClientAudioRedirection is enabled on the backend XenApp/XenDesktop server, and the configured profile has ClientAudioRedirection as DISABLED, the Citrix ADC makes the decision to deny the request irrespective of the configuration on the backend. If the configured profile has ClientAudioRedirection as DEFAULT, then the Citrix ADC forwards the requests to the backend XenApp/XenDesktop server.It then makes the decision to allow/deny access based on the policy configured on it.

ConnectClientLPTPorts Allow Default access/Disable automatic connection of LPT ports from the client when the user logs on

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientAudioRedirection Allow Default access/Disable applications hosted on the server to play sounds through a sound device installed on the client computer, also allows or prevents users to record audio input

Possible values: DEFAULT, DISABLED Default value: DISABLED

LocalRemoteDataSharing Allow Default access/Disable file/data sharing via the Receiver for HTML5

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientClipboardRedirection Allow Default access/Disable the clipboard on the client device to be mapped to the clipboard on the server

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientCOMPortRedirection Allow Default access/Disable COM port redirection to and from the client

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientDriveRedirection Allow Default access/Disables drive redirection to and from the client

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientPrinterRedirection Allow Default access/Disable client printers to be mapped to a server when a user logs on to a session

Possible values: DEFAULT, DISABLED Default value: DISABLED

Multistream Allow Default access/Disable the multistream feature for the specified users

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientUSBDriveRedirection Allow Default access/Disable the redirection of USB devices to and from the client

Possible values: DEFAULT, DISABLED Default value: DISABLED

ClientTWAINDeviceRedirection Allow default access or disable TWAIN devices, such as digital cameras or scanners, on the client device from published image processing applications

Possible values: DEFAULT, DISABLED Default value: DISABLED

WIARedirection Allow default access or disable WIA scanner redirection

Possible values: DEFAULT, DISABLED Default value: DISABLED

DragAndDrop Allow default access or disable drag and drop between client and remote applications and desktops

Possible values: DEFAULT, DISABLED Default value: DISABLED

SmartCardRedirection Allow default access or disable smart card redirection. Smart card virtual channel is always allowed in CVAD

Possible values: DEFAULT, DISABLED Default value: DISABLED

FIDO2Redirection Allow default access or disable FIDO2 redirection

Possible values: DEFAULT, DISABLED Default value: DISABLED

Example

add ica accessprofile profile1 -ClientAudioRedirection DISABLED

ica-accessprofile