locked
SIP Federated domains with Office 365 RRS feed

  • Question

  • I have Skype for Business Server 2015.  I have created a SIP Federated Provider connection with Office 365.  That communication is working well.  

    Can I limit the domains accessible on Office 365?  there is only 1 domain I want federated access to.   I added the one domain we want to IM with as an allowed SIP Federated Domain -- communication still works with that domain, but other domains on Office 365 are not restricted.

    Monday, September 25, 2017 3:38 PM

All replies

  • Hi JFgriff,

    It sounds as though you're in a Hybrid configuration. If this is the case, Federated communication is controlled via the on premise Skype for Business policies, rather than those in Office 365.

    You can enable federation for allowed domains only on premise. This would allow you to limit who your users can communicate with.

    Hope this helps.

    Craig
    blog.chiffers.com

    Tuesday, September 26, 2017 6:38 AM
  • Hi JFgriff,

     

    If you have multiple domains on the O365, if you want to limit other domains to access the skype for business on-premise, you could open the SFB control panel on the SFB server ,set the block domains like the following screenshot.


    Best Regards,

    Leon-Lu
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Tuesday, September 26, 2017 7:29 AM
  • Normally when you add hosting provider it will federate with all available domains in case of open federation(Discover mode).You may use block option in federation configuration on SFB control panel.

    Jayakumar K

    Tuesday, September 26, 2017 8:48 AM
  • Thank you for the responses.

    I setup Office 365 as a SIP Federated Provider:

    I added the domain I wanted to communicate with:

    communication with this domain works, but it is not restricted TO this domain.  I am able to communicate with any domain on Office 365.  I guess I was thinking since this was an "allow" rule, it would only allow this domain. 

    My goal would be to limit it to only this allowed domain. Is that possible?



    • Edited by JFgriff Tuesday, September 26, 2017 5:04 PM
    Tuesday, September 26, 2017 3:54 PM
  • Not exactly.   I am on premise communicating with Office 365, so I did make the settings in the on premise Skype for Business server.

    "You can enable federation for allowed domains only on premise. This would allow you to limit who your users can communicate with."

    This may be what I am missing.  Where is that set in Skype for Business server?

    Tuesday, September 26, 2017 4:00 PM
  • Hi JFgriff ,

    Run the Get-CsAccessEdgeConfiguration on the SFB management shell , check the enable partner discovery is false. if it is true,please change  enable partner discovery to false and make a test.

    if you have some doubts about the setting,you could refer to the following link.

    http://windowsitpro.com/skype-business/understanding-main-types-federation-skype-and-lync-environments

    https://technet.microsoft.com/en-us/library/gg425908%28v=ocs.15%29.aspx?f=255&MSPPError=-2147217396

    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.


    Best Regards,

    Leon-Lu
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Thursday, September 28, 2017 8:42 AM
  • That worked!  thank you very much.
    Thursday, September 28, 2017 1:37 PM
  • if the reply is helpful to you, please try to mark it as an answer, it will help others who has similar issue.

    Best Regards,

    Leon-Lu
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, September 29, 2017 1:33 AM