0 votes

Is it possible to provision Lync access to users through group membership? For example, let's say we don't want to provide Lync to all users so we have a security group called "Lync Users". Is it possible, using a Business Rule, to enable Lync access for a user when they are added to that group and disable it if they are removed from the group?

by (320 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

Yes, you can do this with the help of Business Rules. You can create two Business Rules, one triggered after adding a member to a group, and one triggered after removing a member from a group. Both the Business Rules will use PowerShell scripts to enable/disable users for Lync.

To create a Business Rule that enables users for Lync once they are added to a certain group:

  1. Create a new Business Rule.

  2. On the 2nd step of the Create Business Rule wizard, select Group and After adding a member to a Group.

  3. On the 3rd step, add the Run a program or PowerShell script wizard and paste the following script in the Script field:

     $lyncPool = "lyncserver.domain.com" # TODO: Modify me
     $sipAddress = "sip:%mail%" # TODO: Modify me
     $telephonyOptions = "ADM_LYNCTELEPHONYMODE_PC2PC" # TODO: Modify me
     $lineUri = $null # TODO: Modify me
     $lineServerUri = $null # TODO: Modify me
    
     $newMember = $Context.BindToObjectByDN("%member%")
     $newMember.LyncEnable($lyncPool, $sipAddress, $telephonyOptions, $lineUri, $lineServerUri)
    
  4. In the script:

    • $lyncPool - the fully qualified domain name (FQDN) of the Registrar pool where the user's Lync Server account will be homed,
    • $sipAddress - the user's SIP URI,
    • $telephonyOptions - specifies how Telephony Options must be configured for the user,
    • $lineUri - specifies the phone number assigned to the user,
    • $lineServerUri - the URI of the remote call control telephone gateway assigned to the user.

    Modify the script to your requirements. For more details, see the description of the LyncEnable method in our SDK.

  5. Enter a short description for the script and click OK.

  6. On the 4th step, click Add.

  7. Double-click the group that will be used for users who need access to Lync.

  8. In the Assignment Options dialog, check the This Group object option and uncheck the Members of this Group option.

  9. Click OK two times and finish creation of the Business Rule.

To create a Business Rule that disables users for Lync once they are removed from a certain group:

  1. Create a new Business Rule.

  2. On the 2nd step of the Create Business Rule wizard, select Group and After removing a member from a Group.

  3. On the 3rd step, add the Run a program or PowerShell script wizard and paste the following script in the Script field:

     $removedMember = $Context.BindToObjectByDN("%member%")
     $removedMember.LyncDisable()
    
  4. Enter a short description for the script and click OK.

  5. On the 4th step, click Add.

  6. Double-click the group that will be used for users who need access to Lync.

  7. In the Assignment Options dialog, check the This Group object option and uncheck the Members of this Group option.

  8. Click OK two times and finish creation of the Business Rule.

0

Awesome! Thank you!

Related questions

0 votes
1 answer

We have several Office 365 groups where the someone is an Owner but not a Member, and we'd like to give them the ability through the web interface to give them the ability ... option in the web interface to allow them to add or remove users via a custom task?

asked Nov 1, 2023 by PaulO (20 points)
0 votes
0 answers

Hello, I'm curious again... In this post: Lync Fails when Line URI is used its mentioned that because Adaxes uses PowerShell v2, and the Lync module from Microsoft ... scripts. How then, does Adaxes go about enabling and disabling users for Lync? Thanks.

asked Jan 27, 2016 by EgotisticalGiraffe (350 points)
0 votes
1 answer

Hi everyone, we're getting the below error when enabling a user for Lync: Connecting to remote server failed with the following error message : WinRM cannot process the request ... box' Lync enablement feature. Any ideas what might be going on? Thanks again!

asked Dec 6, 2013 by EgotisticalGiraffe (350 points)
0 votes
1 answer

Hi We are experiencing problems with the "Enable the user for Lync" function: Enable the user for Lync (Pool: 'lync-server.domain.local', SIP URI: 'sip:%mail%') Processing ... Help topic. This is for a managed domain, not the one Adaxes is installed in.

asked Oct 31, 2013 by kjesoo (960 points)
0 votes
1 answer

After disable user, not user found or show when try to enable...i follow and try many way yet still not showing.. please help i;m using the ... -not-show-disabled-account https://www.adaxes.com/help/PreventUsersFromViewingTheStructure/#change-top-level-node

asked Oct 23, 2023 by kimtienh (20 points)
3,293 questions
2,991 answers
7,664 comments
544,194 users