As discussed in our previous blog article Custom Policies in Skype for Business Online, Skype for Business Online allows Skype administrators to create custom policies. We are now expanding with additional policies and parameters that can be configured.
What is new?
The additional functionality configured with customer policies to Skype for Business Online, include:
Block Federated point-to-point file transfer
Previously, Skype for Business Online already offered the ability to control P2P file transfer as part of the existing conferencing policy settings. However, this option allowed or blocked file transfer for users no matter if they are transferring files to a user who is hosted on the same company or Federated user.
The new feature allows you to block P2P file transfer with Federated partners only.
Imagine a scenario where you would like to allow internal users to use P2P file transfer, block file transfer with federated partners by default and allow exceptions to the rule.
This scenario would require, four components:
By default, EnableP2PFileTransfer is enabled in Global Policy. When created, your users are assigned BposSAllModality policy. You can ensure that your users have P2P Enabled, by checking the setting in the Global Policy and checking user policy assigned to the users.
Get-CsConferencingPolicy -Identity Global | Select Identity, EnableP2PFileTransferIn our example, the user has the SIP address firstname.lastname@example.org. To check policy assigned execute:
Get-CsOnlineUser -Identity email@example.com | Select SIPAddress, ConferencingPolicy
Set-CsExternalUserCommunicationPolicy -EnableP2PFileTransfer $False
New-CsExternalUserCommunicationPolicy -Identity BlockExternalFT -EnableP2PFileTransfer $False Grant-CsExternalUserCommunicationPolicy -PolicyName BlockExternalFT -Identity firstname.lastname@example.org
Blocking Federated file transfer considerations
Users of older versions of Skype for Business Windows client or Mac client can transfer files.
If a 3rd-party tries to send a file to the user where the policy is enforced, the federated party sending file will receive Transfer Failed error.
Custom External Access Policies
New-CsExternalAccessPolicy allows you to create additional External Access Policies. Unlike Client or Conferencing policies, where you have numerous combinations, with three pre-defined external access policies you can cover most of the scenarios:
Introduction of Custom External policies allows you to create additional polices that were not covered in the above list. During policy creation, you would be required to set all required parameters and you couldn't alter them later. This new command brings option to create policy like Skype Consumer Access only or policy to disable public cloud Audio/Video, something not covered with a pre-defined set. External access policies follow the same syntax as Client, Mobility and Conferencing policies.
Examples of new commands are:
New-CsExternalAccessPolicy -Identity BlockSkypeVideo -EnablePublicCloudAccess $True -EnablePublicCloudAudioVideoAccess $False -EnableFederationAccess $True -EnableOutsideAccess $True Grant-CsExternalAccessPolicy -PolicyName BlockSkypeVideo -Identity email@example.com Remove-CsExternalAccessPolicy -Identity BlockSkypeVideo
Call to action
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.