Conferencing Policy Settings: AllowAnonymousParticipantsInMeetings

This article is part of the series An In-Depth Guide to Conferencing Policy Settings.

Lync Server Control Panel Equivalent Setting: Allow participants to invite anonymous users

So with Microsoft Lync Server 2010, you probably have a very exclusive, very restricted list of people you can invite to meetings, right? Right.

No, wait: that's not right at all. Instead, you can basically invite anyone in the world to one of your meetings, even people who do not have accounts in your Active Directory domain (so-called "anonymous" users). How do you do that? Well, here's one way. From inside the meeting, click the Join Information and Meeting Options link. That will bring up a dialog box that shows the URI for your meeting:

Send that URI to anyone in the world (or at least anyone who has a supported Web browser) and they'll be able to access the meeting URI. At that point, they'll be presented with the following logon screen:

As you can see, people have the option of logging on using their organization credentials (assuming they have any) or of logging on anonymously. In the preceding dialog box, the user is logging on as a guest, and has chosen the screen name Bob. After clicking OK (and depending on how Lync Server has been configured) our anonymous user will then be admitted to the meeting lobby, where they'll sit until someone with presenter rights admits them to the meeting:

And what happens when someone with presenter rights does admit them to the meeting? At that point they will, well, be admitted to the meeting:

Kind of a nice feature, don't you think?

Oh, we see: you don't think it's a good idea for your users (or at least for some of your users) to be inviting every Tom, Dick, and Harry to their meetings. But that's fine. With Lync Server conferencing policies (and with the AllowAnonymousParticipantsInMeetings setting) you can prohibit your users from hosting meetings that allow anonymous users. To do that, simply set the value of AllowAnonymousParticipantsInMeetings in the appropriate conferencing policy to False:

Set-CsConferencingPolicy –Identity global –AllowAnonymousParticipantsInMeetings $False

Note. Or, set the value to True to allow anonymous users in meetings:

Set-CsConferencingPolicy –Identity global –AllowAnonymousParticipantsInMeetings $True

So what happens if you disallow anonymous participants in a meeting? Well, you can still retrieve the meeting URI, and you can still send that URI to anyone you want to. However, this is what happens to anyone who tries logging on as a guest, without supplying a valid user name and password:

Granted, that's not the best error message ever written. After all, there wasn't really an error that prevented the anonymous user from logging on; instead, it was the conferencing policy that explicitly prevented the anonymous user from logging on. Either way, though, anonymous users will not be allowed in. No shoes, no shirt, no valid Active Directory account, no service.

In case you're wondering (and, in this case, you should be wondering), AllowAnonymousParticipantsInMeetings is a per-organizer setting; that means it applies to the user who organizes the meeting. And what does that mean? Well, suppose we have two users and two conferencing policies:

As you can see, Pilar Ackerman's policy prohibits anonymous participants in meetings. That means that anonymous users will not be allowed in any meeting that Pilar organizes. By comparison, anonymous users are allowed in meetings that Ken Myer organizes. Why? You got it: because Ken's conferencing policy allows anonymous participants.

And yes, that was an easy one, wasn't it?