
BZM
May 24, 2017

Dynamic Remote Desktop Objects

So, I've run this question around and haven't gotten a definitive answer, so I thought I'd see what the community had to say. I want to parse a string containing a variable number of hostnames from an attribute in AD and populate remote desktop links on a webtop. I've opted to use an iRule, and have found that I am able to set session variables for remote desktop resources, but it seems that in order for an object to be usable, the 'container' must be defined on the system (Access Policy > Secure Connectivity > Application Access > Remote Desktops); otherwise, they do not appear on the webtop.

Here is the setup:

ad attribute: 'foo1:foo2'
defined full webtop: /Common/webtop
defined remote desktop object: /Common/foo_remote_host (type: rdp, ip:2.2.2.10, with associated acl)
vpe process: 
    1. login page
    2. auth user
    3. ad query
    4. assign resources (foo_remote_host, webtop)
    5. call irule with agent_id 'do_something'
    6. follows to ending 'Allow'


iRule:

when ACCESS_POLICY_AGENT_EVENT {
    switch [ACCESS::policy agent_id] {
        "do_something" {
            # split the colon-separated AD attribute (e.g. 'foo1:foo2') into a Tcl list of hostnames
            set rdp_hosts [split [ACCESS::session data get session.ad.last.attr.someattribute] ":"]

            # this could be a loop through the attribute list, but keeping it simplified with if/else
            if { [llength $rdp_hosts] == 1} {
                # modify the session variables for the defined remote desktop object
                set profile "/Common/foo_remote_host"
                set ip [RESOLV::lookup @1.1.1.10 -a "[lindex $rdp_hosts 0].corporation.org"]
                set acl "\{ allow tcp any $ip:3389 \}"
                ACCESS::session data set "config.connectivity_resource_remote_desktop.$profile.host" $ip
                ACCESS::session data set "session.assigned.resources.rd.$profile.acl" $acl
            } elseif { [llength $rdp_hosts] == 2} {
                # create the session variables on the fly for the defined remote desktop object
                set profile "/Common/bar_remote_host"
                set ip [RESOLV::lookup @1.1.1.10 -a "[lindex $rdp_hosts 1].corporation.org"]
                set acl "\{ allow tcp any $ip:3389 \}"
                ACCESS::session data set "config.connectivity_resource_remote_desktop.$profile.host" $ip
                ACCESS::session data set "session.assigned.resources.rd.$profile.acl" $acl
                # append the new object to the list of assigned remote desktop resources
                ACCESS::session data set "session.assigned.resources.rd" "[ACCESS::session data get session.assigned.resources.rd] $profile"
                # placeholder client credentials for the mock-up
                ACCESS::session data set "session.connectivity_resource_remote_desktop.$profile.client.domain" ""
                ACCESS::session data set "session.connectivity_resource_remote_desktop.$profile.client.username" "user_foo"
                ACCESS::session data set "session.connectivity_resource_remote_desktop.$profile.client.password" "pass_foo"
            } else {
                log local0. "attribute contains invalid host count"
            }
        }
    }
}

After the user authenticates and is presented the webtop, the following has occurred:

1. The first host has been updated, which can be seen by reviewing the session variables, as well as by clicking the remote desktop link.
2. The second host's session variables have been created, and look similar to the first object's variables, but no webtop link appears.

Here is a mocked up screenshot of the session variables in the current session listing:

Is there a way to 'assign' this new object programmatically, or does APM require the initial creation of these remote desktop containers? Any suggestions or directions to documentation on this would be great!

Thank you
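As an added example (not part of the original post), the same logic written as a loop over every hostname in the attribute instead of the if/else, with the hostname checked against the DNS-label character set before it reaches RESOLV::lookup or the ACL string, and the container only appended to the assigned list once. It assumes, as the post does, that the containers named in the list are pre-defined in APM; the container names, DNS server, domain suffix and variable names are taken from the post.

```tcl
when ACCESS_POLICY_AGENT_EVENT {
    if { [ACCESS::policy agent_id] ne "do_something" } { return }

    # Assumption: these remote desktop containers are pre-defined in APM, one per
    # host slot, since the webtop only renders resources that exist as objects.
    set containers [list "/Common/foo_remote_host" "/Common/bar_remote_host"]

    # Split the colon-separated AD attribute (e.g. 'foo1:foo2') into a Tcl list.
    set rdp_hosts [split [ACCESS::session data get session.ad.last.attr.someattribute] ":"]
    if { [llength $rdp_hosts] > [llength $containers] } {
        log local0. "attribute lists [llength $rdp_hosts] hosts but only [llength $containers] containers exist; extras ignored"
    }

    set i 0
    foreach host $rdp_hosts {
        if { $i >= [llength $containers] } { break }
        set profile [lindex $containers $i]
        incr i

        # Only accept a single DNS label before the value is used in a lookup or ACL;
        # anything else coming from the directory attribute is logged and skipped.
        if { ![regexp {^[A-Za-z0-9-]{1,63}$} $host] } {
            log local0. "skipping invalid hostname in attribute for $profile: '$host'"
            continue
        }

        # RESOLV::lookup returns a list of addresses; take the first one.
        set ip [lindex [RESOLV::lookup @1.1.1.10 -a "$host.corporation.org"] 0]
        if { $ip eq "" } {
            log local0. "DNS lookup failed for $host.corporation.org; $profile not populated"
            continue
        }

        # Restrict the per-resource ACL to RDP on the resolved address only.
        set acl "\{ allow tcp any $ip:3389 \}"
        ACCESS::session data set "config.connectivity_resource_remote_desktop.$profile.host" $ip
        ACCESS::session data set "session.assigned.resources.rd.$profile.acl" $acl

        # Append the container to the assigned list only if it is not already there.
        set assigned [string trim [ACCESS::session data get session.assigned.resources.rd]]
        if { [lsearch -exact $assigned $profile] == -1 } {
            ACCESS::session data set "session.assigned.resources.rd" [string trim "$assigned $profile"]
        }
    }
}
```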