0 votes

I need to be able to change other settings related to the users that get provisioned in Lync. Specifically:
Conferencing Policy
PIN Policy
External Access Policy
Archiving Policy
Mobility Policy
Persistent Chat Policy.

I currently have this automated via a script that evaluates group membership and sets the properties via powershell. The issue I have with this script is it only runs as a scheduled task as a logged in user. I would like to move this to adaxes, but it looks like these options are not available via the SDK.

Is this something that can be accomplished?

by (370 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

Currently, Adaxes ADSI API doesn't support assigning Lync Policies, however you can still use your script. To execute the script automatically as a part of the user provisioning process, you need to add the script to the Business Rule that you use for provisioning users. For this purpose, you need to use the Run a program or PowerShell script action that executes the script.

For information on how to add an action to a Business Rule, see Modifying Business Rule Actions And Conditions.

In your script, you need to create a remote session to your Lync Server before you can call Lync management cmdlets, for example:

$lyncServer = "lyncserver.domain.com" # TODO: Modify me

$sessionOptions = New-PSSessionOption -SkipRevocationCheck -SkipCACheck -SkipCNCheck
$session = New-PSSession -ConnectionUri https://$lyncServer/ocspowershell `
    -SessionOption $sessionOptions -Authentication NegotiateWithImplicitCredential

Import-PSSession -session $session

Grant-CsConferencingPolicy -identity "%userPrincipalName%" -PolicyName MyConferencingPolicy # Assign a Conferencing Policy
Grant-CsPinPolicy -Identity "%userPrincipalName%" -PolicyName MyPinPolicy # Assign a PIN Policy
Grant-CsExternalAccessPolicy -Identity "%userPrincipalName%" -PolicyName MyAccessPolicy # Assign an External Access Policy
Grant-CsArchivingPolicy -Identity "%userPrincipalName%" -PolicyName MyArchivingPolicy # Assign an Archiving Policy
Grant-CsMobilityPolicy -Identity "%userPrincipalName%" -PolicyName MyMobilityPolicy # Assign a Mobility Policy
Grant-CsPersistentChatPolicy -Identity "%userPrincipalName%" -PolicyName MyPersistentChatPolicy # Assign a Persistent Chat Policy

Remove-PSSession -Session $session

In the script, $lyncServer specifies the fully qualified domain name (FQDN) of your Lync Server.

If you need more help with adapting your script to use with a Business Rule, do not hesitate to ask.

0

Thanks!

Works perfectly. We actually have different levels of Lync access based on the policies specified in this script. If anyone else is trying to accomplish something similar, I'm using a value stored in a custom attribute to be evaluated by business rules on user create and on user update.

Related questions

0 votes
1 answer

During the creation of a new user I want to be able to select the job title from a drop-down list which populates different values based on which Department is selected. Is there a way to achieve this? Thanks. Dario.

asked Oct 2, 2020 by winstonsmith (40 points)
0 votes
1 answer

I am trying to see if I can implement this in Adaxes somehow to support role-based provisioning to external apps (using appropriate Powershell scripts) but struggling to work ... to invest in a full-blown role-based provisioning platform (would rather not!).

asked Dec 24, 2019 by Bernie (310 points)
0 votes
1 answer

In our environment, we have dirsync setup to assign the Office365 username based on the email property of the on-prem user. In Adaxes, if a newly created user doesn' ... instead utilize a property of our choosing? Currently using product version: 3.10.15918.0

asked Nov 8, 2018 by blaiseb (120 points)
0 votes
1 answer

Hi, We are trailing Adaxes and wanted to find out how to enable Litigation Hold on a user mailbox at the time of a new user creation. We are in a hybrid setup and are running a powershell script to enable remote mailbox onto O365 in the Business Rule.

asked Aug 17, 2018 by Shuja (100 points)
0 votes
1 answer

One of the ways we use Adaxes in our organization is for new user provisioning. We set up template accounts for different job functions with the needed groups and attributes in place ... manage the process and avoid this kind of 'rule creep'? Thank you, Tom F

asked May 25, 2018 by fostert (50 points)
3,589 questions
3,278 answers
8,303 comments
548,121 users