Public/Get-CitrixDeliveryGroupUsers.ps1
|
<#
.SYNOPSIS Retrieves user or group names from specified Citrix Delivery Groups. .DESCRIPTION This function queries Citrix Delivery Groups to get access policy rules, particularly focusing on included users and groups. It outputs names, excluding a specific hardcoded group. .PARAMETER AdminAddress The address of the Citrix Administration server (e.g., Citrix Delivery Controller). .PARAMETER DeliveryGroup The name of the Citrix Delivery Group from which to retrieve user or group names. .EXAMPLE Get-CitrixDeliveryGroupUsers -AdminAddress "ctxddc001" -DeliveryGroup "win10-vdi" Queries the 'win10-vdi' delivery group on the 'ctxddc001' Citrix admin server to list all user and group names allowed access. .NOTES Requires Citrix PowerShell snap-ins/modules to be installed and configured properly on the machine where the script is run. #> Function Get-CitrixDeliveryGroupUsers { [CmdletBinding()] [OutputType([string[]])] Param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true)] [string]$AdminAddress, [Parameter(Mandatory = $true, ValueFromPipeline = $true)] [string]$DeliveryGroup ) Process { try { $CitrixParams = @{ AdminAddress = $AdminAddress MaxRecordCount = [Int32]::MaxValue AllowedConnections = "ViaAG" DesktopGroupName = $DeliveryGroup ErrorAction = 'Stop' } $AccessPolicyRules = Get-BrokerAccessPolicyRule @CitrixParams $OutputGroups = foreach ($rule in $AccessPolicyRules) { foreach ($user in $rule.IncludedUsers) { # Extracting group name from DOMAIN\GroupName format $groupName = $user.Name -split '\\' if ($groupName[1] -ne "CitrixApplicationAccess") { $groupName[1] } } } if ($OutputGroups) { Write-Output $OutputGroups } else { Write-Warning "No users found in delivery group '$DeliveryGroup' on '$AdminAddress'." } } catch { Write-Error "Error querying the Citrix Delivery Group from ${AdminAddress}: $_" } } } |