Blog Post

Skype for Business Blog
3 MIN READ

Lync Server Admin Guide: Managing External Connectivity

NextHop_Team's avatar
NextHop_Team
Brass Contributor
May 20, 2019
First published on TECHNET on Jul 13, 2011





Enable or Disable External User Access for Your Organization



Enable or Disable Remote User Access for Your Organization




  • To enable or disable remote user access for your organization



To enable remote user access, use the Set-CsAccessEdgeConfiguration cmdlet to set the AllowOutsideUsers property to True:



Set-CsAccessEdgeConfiguration –Identity global –AllowOutsideUsers $True



To disable remote user access, set the AllowOutsideUsers property to False:



Set-CsAccessEdgeConfiguration –Identity global –AllowOutsideUsers $False




Enable or Disable Federation for Your Organization




  • To enable or disable federated user access for your organization



To enable federated user access, use the Set-CsAccessEdgeConfiguration cmdlet to set the AllowFederatedUsers property to True:



Set-CsAccessEdgeConfiguration –Identity global –AllowFederatedUsers $True



To disable federated user access, set the AllowFederatedUsers property to False:



Set-CsAccessEdgeConfiguration –Identity global –AllowFederatedUsers $False




Enable or Disable Anonymous User Access for Your Organization




  • To enable or disable anonymous user access for your organization



To enable anonymous user access, use the Set-CsAccessEdgeConfiguration cmdlet to set the AllowAnonymousUsers property to True:



Set-CsAccessEdgeConfiguration –Identity global –AllowAnonymousUsers $True



To disable anonymous user access, set the AllowAnonymousUsers property to False:



Set-CsAccessEdgeConfiguration –Identity global –AllowAnonymousUsers $False




For more information








Manage Communications with External Users



Manage Remote User Access




  • To configure an external access policy to support remote user access



To create an external user access policy that allows access by remote users, use the New-CsExternalAccessPolicy cmdlet and set the EnableOutsideAccess property to True:



New-CsExternalAccessPolicy –Identity "RedmondExternalAccess" –EnableOutsideAccess $True




Manage Federated Partner Access



Configure Policies to Control Federated User Access




  • To configure a policy to support access by users of federated domains



To create an external user access policy that allows access by federated users, use the New-CsExternalAccessPolicy cmdlet and set the EnableFederationAccess property to True:



New-CsExternalAccessPolicy –Identity "RedmondExternalAccess" –EnableFederationAccess $True




Enable or Disable Discovery of Federation Partners




  • To enable or disable automatic discovery of federated domains for your organization



To enable automatic discovery of federated domains, use the Set-CsAccessEdgeConfiguration cmdlet and the UseDnsSrvRouting parameter, and set EnablePartnerDiscovery to True:



Set-CsAccessEdgeConfiguration -UseDnsSrvRouting -EnablePartnerDiscovery $True



To disable automatic routing, use the UseDefaultRouting parameter, and set DefaultRouteFqdn to the fully qualified domain name of the Edge Server used for federation requests:



Set-CsAccessEdgeConfiguration -UseDefaultRouting -DefaultRouteFqdn "atl-edge-001.litwareinc.com"





Control Access by Individual Federated Domains




  • To add an external domain to the list of allowed domains



To add a domain to the list of domains your users are allowed to communicate with, use the New-CsAllowedDomain cmdlet followed by the fully qualified domain name of the allowed domain:



New-CsAllowedDomain -Identity "fabrikam.com"





  • To add an external domain to the list of blocked domains



To add a domain to the list of domains your users are not allowed to communicate with, use the New-CsBlockedDomain cmdlet followed by the fully qualified domain name of the "outlawed" domain:



New-CsBlockedDomain -Identity "contoso.com"




Enable or Disable Sending an Archiving Disclaimer to Federated Partners




  • To enable or disable sending an archiving disclaimer to federated partners



To display an archiving disclaimer to federated partners at the beginning of an instant messaging session, use the Set-CsAccessEdgeConfiguration cmdlet and set the EnableArchivingDisclaimer property to True:



Set-CsAccessEdgeConfiguration –Identity global -EnableArchivingDisclaimer $True



To prevent the display of the archiving disclaimer, set the EnableArchivingDisclaimer property to False:



Set-CsAccessEdgeConfiguration –Identity global -EnableArchivingDisclaimer $False




For more information









Manage IM Provider Support



Configure Policies to Control Access by Users of IM Service Providers




  • To configure an external access policy to support public user access



To enable users to communicate with a public provider such as MSN or AOL, use the Set-CsExternalAccessPolicy cmdlet to set the EnablePublicCloudAccess property of the appropriate external access policy to True:



New-CsExternalAccessPolicy -Identity site:Redmond -EnablePublicCloudAccess $True




Specify Supported IM Service Providers




  • To configure support for an IM service provider



To enable users to communicate with a new public provider, use the New-CsPublicProvider cmdlet to add the new organization to the list of approved providers:



New-CsPublicProvider -Identity "Fabrikam" -ProxyFqdn "proxyserver.fabrikam.com" -Enabled $True -VerificationLevel "AlwaysUnverifiable"




Configure Conferencing Policies to Support Anonymous Users



Updated May 20, 2019
Version 2.0
No CommentsBe the first to comment