Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article is part of the Microsoft Lync Server 2010 Administration Guide: PowerShell Supplement.
Enable or Disable External User Access for Your Organization
Enable or Disable Remote User Access for Your Organization
- To enable or disable remote user access for your organization
To enable remote user access, use the Set-CsAccessEdgeConfiguration cmdlet to set the AllowOutsideUsers property to True:
Set-CsAccessEdgeConfiguration –Identity global –AllowOutsideUsers $True
To disable remote user access, set the AllowOutsideUsers property to False:
Set-CsAccessEdgeConfiguration –Identity global –AllowOutsideUsers $False
Enable or Disable Federation for Your Organization
- To enable or disable federated user access for your organization
To enable federated user access, use the Set-CsAccessEdgeConfiguration cmdlet to set the AllowFederatedUsers property to True:
Set-CsAccessEdgeConfiguration –Identity global –AllowFederatedUsers $True
To disable federated user access, set the AllowFederatedUsers property to False:
Set-CsAccessEdgeConfiguration –Identity global –AllowFederatedUsers $False
Enable or Disable Anonymous User Access for Your Organization
- To enable or disable anonymous user access for your organization
To enable anonymous user access, use the Set-CsAccessEdgeConfiguration cmdlet to set the AllowAnonymousUsers property to True:
Set-CsAccessEdgeConfiguration –Identity global –AllowAnonymousUsers $True
To disable anonymous user access, set the AllowAnonymousUsers property to False:
Set-CsAccessEdgeConfiguration –Identity global –AllowAnonymousUsers $False
For more information
Manage Communications with External Users
Manage Remote User Access
- To configure an external access policy to support remote user access
To create an external user access policy that allows access by remote users, use the New-CsExternalAccessPolicy cmdlet and set the EnableOutsideAccess property to True:
New-CsExternalAccessPolicy –Identity "RedmondExternalAccess" –EnableOutsideAccess $True
Manage Federated Partner Access
Configure Policies to Control Federated User Access
- To configure a policy to support access by users of federated domains
To create an external user access policy that allows access by federated users, use the New-CsExternalAccessPolicy cmdlet and set the EnableFederationAccess property to True:
New-CsExternalAccessPolicy –Identity "RedmondExternalAccess" –EnableFederationAccess $True
Enable or Disable Discovery of Federation Partners
- To enable or disable automatic discovery of federated domains for your organization
To enable automatic discovery of federated domains, use the Set-CsAccessEdgeConfiguration cmdlet and the UseDnsSrvRouting parameter, and set EnablePartnerDiscovery to True:
Set-CsAccessEdgeConfiguration -UseDnsSrvRouting -EnablePartnerDiscovery $True
To disable automatic routing, use the UseDefaultRouting parameter, and set DefaultRouteFqdn to the fully qualified ___domain name of the Edge Server used for federation requests:
Set-CsAccessEdgeConfiguration -UseDefaultRouting -DefaultRouteFqdn "atl-edge-001.litwareinc.com"
Control Access by Individual Federated Domains
- To add an external ___domain to the list of allowed domains
To add a ___domain to the list of domains your users are allowed to communicate with, use the New-CsAllowedDomain cmdlet followed by the fully qualified ___domain name of the allowed ___domain:
New-CsAllowedDomain -Identity "fabrikam.com"
- To add an external ___domain to the list of blocked domains
To add a ___domain to the list of domains your users are not allowed to communicate with, use the New-CsBlockedDomain cmdlet followed by the fully qualified ___domain name of the "outlawed" ___domain:
New-CsBlockedDomain -Identity "contoso.com"
Enable or Disable Sending an Archiving Disclaimer to Federated Partners
- To enable or disable sending an archiving disclaimer to federated partners
To display an archiving disclaimer to federated partners at the beginning of an instant messaging session, use the Set-CsAccessEdgeConfiguration cmdlet and set the EnableArchivingDisclaimer property to True:
Set-CsAccessEdgeConfiguration –Identity global -EnableArchivingDisclaimer $True
To prevent the display of the archiving disclaimer, set the EnableArchivingDisclaimer property to False:
Set-CsAccessEdgeConfiguration –Identity global -EnableArchivingDisclaimer $False
For more information
- Haiku $107: The CsExternalAccessPolicy Cmdlets
- Haiku # 83: The CsAccessEdgeConfiguration Cmdlets
- Haiku #3: The CsBlockedDomain Cmdlets
- The Edit External Access Policy Dialog
- The Access Edge Configuration Dialog
- The New Federated Domains Dialog (Allowed Domains)
- The New Federated Domains Dialog (Blocked Domains)
Manage IM Provider Support
Configure Policies to Control Access by Users of IM Service Providers
- To configure an external access policy to support public user access
To enable users to communicate with a public provider such as MSN or AOL, use the Set-CsExternalAccessPolicy cmdlet to set the EnablePublicCloudAccess property of the appropriate external access policy to True:
New-CsExternalAccessPolicy -Identity site:Redmond -EnablePublicCloudAccess $True
Specify Supported IM Service Providers
- To configure support for an IM service provider
To enable users to communicate with a new public provider, use the New-CsPublicProvider cmdlet to add the new organization to the list of approved providers:
New-CsPublicProvider -Identity "Fabrikam" -ProxyFqdn "proxyserver.fabrikam.com" -Enabled $True -VerificationLevel "AlwaysUnverifiable"
Configure Conferencing Policies to Support Anonymous Users
- To configure policies to allow anonymous participation in meetings
To allow users to host meetings that include anonymous users, use the Set-CsConferencingPolicy cmdlet to set the AllowAnonymousParticipantsInMeetings property of the appropriate conferencing policy to True:
Set-CsConferencingPolicy –Identity global -AllowAnonymousParticipantsInMeetings $True
For more information
- Haiku #107: The CsExternalAccessPolicy Cmdlets
- Haiku #128: The CsPublicProvider Cmdlets
- No Conferencing Policy is an Island
- The Edit External Access Policy Dialog
- The Edit Provider Dialog
- The Edit Conferencing Policy Dialog
Apply Policies for External User Access to Users
Apply External User Access Policies to Users
- To apply an external user policy to a user account
To assign a per-user external access policy to a user, use the Grant-CsExternalAccessPolicy cmdlet.
Grant-CsExternalAccessPolicy –Identity "Ken Myer" –PolicyName "RedmondExternalAccess"
To unassign a per-user policy, use Grant-CsExternalUserAccess and set the PolicyName to a null value:
Grant-CsExternalAccessPolicy –Identity "Ken Myer" –PolicyName $null
Apply Conferencing Policies to Support Anonymous Users
- To configure a user policy for anonymous participation in meetings
To allow users to host meetings that include anonymous participants, use the Set-CsConferencingPolicy cmdlet and set AllowAnonymousParticipantsInMeetings to True:
Set-CsConferencingPolicy –Identity site:Redmond -AllowAnonymousParticipantsInMeetings $True
To prevent users from hosting meetings that include anonymous participants, set AllowAnonymousParticipantsInMeetings to False:
Set-CsConferencingPolicy –Identity site:Redmond -AllowAnonymousParticipantsInMeetings $False
Reset or Delete External User Access Policies
Delete a Site or User Policy for External User Access
- To delete a site or user policy for external user access
To delete a per-site external access policy, use the Remove-CsExternalAccessPolicy cmdlet followed by the policy Identity:
Remove-CsExternalAccessPolicy –Identity site:Redmond
You can also use this command to remove all the per-site policies:
Get-CsExternalAccessPolicy –Filter "site:*" | Remove-CsExternalAccessPolicy
To delete a per-user policy, use the Remove-CsExternalAccessPolicy cmdlet followed by the policy Identity:
Remove-CsExternalAccessPolicy –Identity "RedmondExternalAccessPolicy"
This command removes all the per-user policies:
Get-CsExternalAccessPolicy –Filter "tag:*" | Remove-CsExternalAccessPolicy
Reset the Global Policy for External User Access
- To reset the global policy to the default settings
To reset all the properties in the global external user access policy to their default values, use the Remove-CsExternalAccessPolicy cmdlet:
Remove-CsExternalAccessPolicy –Identity global
Note that this command will not remove the global policy. However, all the properties in that policy will be reset to their default values.
For more information