This article is part of the Microsoft Lync Server 2010 Administration Guide: PowerShell Supplement .
Enable or Disable External User Access for Your Organization
Enable or Disable Remote User Access for Your Organization
- To enable or disable remote user access for your organization
To enable remote user access, use the Set-CsAccessEdgeConfiguration cmdlet to set the AllowOutsideUsers property to True:
Set-CsAccessEdgeConfiguration –Identity global –AllowOutsideUsers $True
To disable remote user access, set the AllowOutsideUsers property to False:
Set-CsAccessEdgeConfiguration –Identity global –AllowOutsideUsers $False
Enable or Disable Federation for Your Organization
- To enable or disable federated user access for your organization
To enable federated user access, use the Set-CsAccessEdgeConfiguration cmdlet to set the AllowFederatedUsers property to True:
Set-CsAccessEdgeConfiguration –Identity global –AllowFederatedUsers $True
To disable federated user access, set the AllowFederatedUsers property to False:
Set-CsAccessEdgeConfiguration –Identity global –AllowFederatedUsers $False
Enable or Disable Anonymous User Access for Your Organization
- To enable or disable anonymous user access for your organization
To enable anonymous user access, use the Set-CsAccessEdgeConfiguration cmdlet to set the AllowAnonymousUsers property to True:
Set-CsAccessEdgeConfiguration –Identity global –AllowAnonymousUsers $True
To disable anonymous user access, set the AllowAnonymousUsers property to False:
Set-CsAccessEdgeConfiguration –Identity global –AllowAnonymousUsers $False
For more information
Manage Communications with External Users
Manage Remote User Access
- To configure an external access policy to support remote user access
To create an external user access policy that allows access by remote users, use the New-CsExternalAccessPolicy cmdlet and set the EnableOutsideAccess property to True:
New-CsExternalAccessPolicy –Identity "RedmondExternalAccess" –EnableOutsideAccess $True
Manage Federated Partner Access
Configure Policies to Control Federated User Access
- To configure a policy to support access by users of federated domains
To create an external user access policy that allows access by federated users, use the New-CsExternalAccessPolicy cmdlet and set the EnableFederationAccess property to True:
New-CsExternalAccessPolicy –Identity "RedmondExternalAccess" –EnableFederationAccess $True
Enable or Disable Discovery of Federation Partners
- To enable or disable automatic discovery of federated domains for your organization
To enable automatic discovery of federated domains, use the Set-CsAccessEdgeConfiguration cmdlet and the UseDnsSrvRouting parameter, and set EnablePartnerDiscovery to True:
Set-CsAccessEdgeConfiguration -UseDnsSrvRouting -EnablePartnerDiscovery $True
To disable automatic routing, use the UseDefaultRouting parameter, and set DefaultRouteFqdn to the fully qualified domain name of the Edge Server used for federation requests:
Set-CsAccessEdgeConfiguration -UseDefaultRouting -DefaultRouteFqdn "atl-edge-001.litwareinc.com"
Control Access by Individual Federated Domains
- To add an external domain to the list of allowed domains
To add a domain to the list of domains your users are allowed to communicate with, use the New-CsAllowedDomain cmdlet followed by the fully qualified domain name of the allowed domain:
New-CsAllowedDomain -Identity "fabrikam.com"
- To add an external domain to the list of blocked domains
To add a domain to the list of domains your users are not allowed to communicate with, use the New-CsBlockedDomain cmdlet followed by the fully qualified domain name of the "outlawed" domain:
New-CsBlockedDomain -Identity "contoso.com"
Enable or Disable Sending an Archiving Disclaimer to Federated Partners
- To enable or disable sending an archiving disclaimer to federated partners
To display an archiving disclaimer to federated partners at the beginning of an instant messaging session, use the Set-CsAccessEdgeConfiguration cmdlet and set the EnableArchivingDisclaimer property to True:
Set-CsAccessEdgeConfiguration –Identity global -EnableArchivingDisclaimer $True
To prevent the display of the archiving disclaimer, set the EnableArchivingDisclaimer property to False:
Set-CsAccessEdgeConfiguration –Identity global -EnableArchivingDisclaimer $False
For more information
- Haiku $107: The CsExternalAccessPolicy Cmdlets
- Haiku # 83: The CsAccessEdgeConfiguration Cmdlets
- Haiku #3: The CsBlockedDomain Cmdlets
- The Edit External Access Policy Dialog
- The Access Edge Configuration Dialog
- The New Federated Domains Dialog (Allowed Domains)
- The New Federated Domains Dialog (Blocked Domains)
Manage IM Provider Support
Configure Policies to Control Access by Users of IM Service Providers
- To configure an external access policy to support public user access
To enable users to communicate with a public provider such as MSN or AOL, use the Set-CsExternalAccessPolicy cmdlet to set the EnablePublicCloudAccess property of the appropriate external access policy to True:
New-CsExternalAccessPolicy -Identity site:Redmond -EnablePublicCloudAccess $True
Specify Supported IM Service Providers
- To configure support for an IM service provider
To enable users to communicate with a new public provider, use the New-CsPublicProvider cmdlet to add the new organization to the list of approved providers:
New-CsPublicProvider -Identity "Fabrikam" -ProxyFqdn "proxyserver.fabrikam.com" -Enabled $True -VerificationLevel "AlwaysUnverifiable"
Configure Conferencing Policies to Support Anonymous Users