How to restrict remote users access?

All replies

• 

  

  1

  Sign in to vote

  Hi - what you need is perfectly achievable through various policies, specifically

  - external access policies http://technet.microsoft.com/en-us/library/gg413051.aspx

  - conferencing policies http://blogs.technet.com/b/nexthop/archive/2011/08/11/confpoliciesintro.aspx

  ---

  Alessio Giombini | Microsoft Solutions Architect | Twitter: @AlessioGiombini
  Lync 2013 Detailed Design Calculator: try it at http://goo.gl/jU1hZR

  • Proposed as answer by Kent-Huang Tuesday, September 10, 2013 5:56 AM

  Monday, September 9, 2013 1:28 PM
• 

  

  0

  Sign in to vote

  Hi,

  The remote users access can be controlled by Lync external access policies. You can disable remote user access setting and assign this policy to user who you want to restrict.

  ---

  Kent Huang
  TechNet Community Support

  

  Tuesday, September 10, 2013 5:56 AM
• 

  

  0

  Sign in to vote

  Thank you for your answer, I appreciate it. However I think I didn't explain myself well enough. It's the same users that roam between internal and external computers.

  To simplify things:

  We have a user called Bob. He works in our company and will 90% of the time work from an internal computer on our network and here I want him to have 100% full access to ALL functionalities. Some times he connects with Lync from a personal computer from his home as an external user. However as an external user I want him to only be able to chat from that remote client, and specifically not be able to transfer files or remote control another users computer by using Lync.

  From the first link you posted, it seems like you can either completely disable or enable external access for users. I need to be able to set limitations on what they are able to use of functionalities when they are external.

  I've looked at Get-CsExternalAccessPolicy, however this only contains 5 settings to completely enable or disable stuff like external access, federation and so on.

  Then I looked at your second link about Conferencing Policies. This had at least some of what I needed, but unfortunately it seems like most of the parameters can't distinguish between if you're internal or external. Like the setting EnableAppDesktopSharing, which is exactly what I need, except that it would also remove the functionality when the users were internal.

  I hope you understand what I mean. Please let me know if you still believe it is possible and if at all, please post an example Lync Management Shell Command as an example for setting any of the parameters I've requested.

  Tuesday, September 10, 2013 6:23 AM
• 

  

  0

  Sign in to vote

  Hi Kent. Thanks for your reply. Please also see my reply to Alessio, which I think explains in more detail, what it is I need. The problem is that it is the same users roaming between internal and external computers and I need their functionalities to change dependant on their internal/external location.

  Tuesday, September 10, 2013 6:25 AM
• 

  

  0

  Sign in to vote

  Create an addition Conferencing Policy and disable options u like like "desktop sharing" and apply it to the users u want under conferencing policy.

  ---

  Praveen | MCSE Messaging 2003

  Tuesday, September 10, 2013 8:29 AM
• 

  

  1

  Sign in to vote

  Hi - that's something you cannot do out-of-the-box. Each given user is assigned a single conferencing policy, which is where (among other features) the ability to share desktop is granted. Most conferencing features do not discriminate between being an internal or external user.

  ---

  Alessio Giombini | Microsoft Solutions Architect | Twitter: @AlessioGiombini
  Lync 2013 Detailed Design Calculator: try it at http://goo.gl/jU1hZR

  • Marked as answer by Casper83DK Tuesday, September 10, 2013 11:16 AM

  Tuesday, September 10, 2013 9:25 AM