locked
Authentication Mechanism if Anonymous Allowed RRS feed

  • Question

  • Hi,

    We are having Skype for business server 2015 deployed with federation enabled.For conferencing, Participants are allowed to invite anonymous users.

    Can some one describe what is the authentication mechanism being followed in entire joining process, how can we ensure only authenticated external participants can join Skype meeting/conference ?

    -James


    -James

    Thursday, May 24, 2018 2:09 PM

All replies

  • Hi,

    This anonymous join scenario is only needed if you are trying to join a meeting hosted by a company that you are not federated with. Here is an overview of how this works is as follows:
    1.Client sends an INVITE message to your front end server with a request to join a meeting
    2.Server determines that you are not federated with the domain that the meeting organizer resides in
    3.Server responds with a SIP message and Diagnostic code indicating that you are not federated with the organizer's domain
    4.Client interprets the SIP message and Diagnostic code and decides if it should try to join anonymously
    5.Client does a DNS lookup to determine where to send the anonymous INVITE to
    6.Client sends an anonymous INVITE to the meeting organizer's Edge server in an attempt to join the meeting
    7.Client joins you to the meeting as an anonymous user and the word "Guest" appears next to your name in the meeting roster

    For authentication method, there is no specific document describes this.

    But based on my research, the following document describes “Anonymous join from Skype for Business and Lync clients”
    https://blogs.technet.microsoft.com/scottstu/2015/04/03/anonymous-join-from-skype-for-business-and-lync-clients/


    Best Regards,
    Alice Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Friday, May 25, 2018 2:52 AM
  • Hi Alice,

    Thanks for your answer.Kindly suggest if there is any way to check integrity of Anonymous participants before allowing him to get into the meeting ? Also suggest what will be the authentication process if user is from federated partner domain ?

    -James


    -James

    Friday, May 25, 2018 7:10 AM
  • Hi,

    Please suggest if there is any article describing about above scenario.

    -James


    -James

    Monday, May 28, 2018 9:38 AM
  • Hi,

    If you do not want Anonymous to join the meeting, I think when you create the meeting, you could configure the meeting option and modify the options:

    In addition, you could refer to this link for federated user call flow.

    https://blogs.technet.microsoft.com/rischwen/2015/04/13/federation-call-flow-skype-for-business-and-lync-clients/

    Regards

    Shaw Lu

    Tuesday, June 5, 2018 7:30 AM