Conferencing Policy Settings: AllowParticipantControl

This article is part of the series An In-Depth Guide to Conferencing Policy Settings.

Lync Server Control Panel Equivalent Setting: None

Who said you can't have your cake and eat it, too?

Note. OK, technically the phrase first appeared in 1546 in John Heywood's treatise A dialogue Conteinyng the Nomber in Effect of All the Prouerbes in the Englishe Tongue. (Soon to be a major motion picture!) But that was supposed to be a rhetorical question.

In the old days, the phrase meant that you couldn't have two contradictory things: if you wanted to keep your cake as-is you couldn't eat it and, likewise, if you wanted to eat your cake then you couldn't keep it as-is. Today, of course, we don't mind contradictory things: after all, everyone wants to keep their favorite government programs while, at the same time, not paying any taxes. Because of that, the meaning has changed somewhat over the years: now, people tend to use the phrase "you can't have your cake and eat it, too" when they really mean this: you can't have everything.

But guess what: in Lync Server, you can have everything.

Well, pretty much anyway. At the very least you can have this: you can share your desktop or an application without giving anyone else in the meeting the ability to take control of that shared item.

What does that mean? Well, by default, any time you're in a meeting where someone is sharing an application (or their desktop) you have the ability to request control of that application (hence the Request Control link shown in the Microsoft Lync UI):

In addition to that, the user sharing the application (or desktop) can cede control of that application any time they want, and to anyone they want:

Well, unless a user has been assigned a conferencing policy that prohibits them from taking control of someone else's application or desktop. That doesn't mean this user can't share his or her desktop; that ability is governed by a different policy setting ( EnableAppDesktopSharing ). But if the user has a conferencing policy where AllowParticipantControl has been set to False, two things will happen. First, the user will no longer see the Request Control link in the UI; that's because they aren’t allowed to request control of a shared item:

Second, anyone sharing an application will not be allowed to give control to that user. For example, in this illustration both the Administrator and Ken Myer have been assigned a conferencing policy that prevents them from taking control of a shared application. As a result, the person sharing that application is not allowed to cede control to either of them:

Is that like having your cake and eating it, too? It's close enough.

AllowParticipantControl is a per-user setting; that means it applies to individual users as opposed to everyone in a meeting. Does that matter? You bet it does. Consider two users with two different conferencing policies:

Pilar Ackerman's conferencing policy prohibits her from taking control of a shared application. That applies to every single meeting that Pilar takes part in, including meetings that she organizes herself. Pilar can never take control of a shared application, ever. (Or at least not as long as her conferencing policy prohibits it.)

Note. Nor can she cede control of an application. If Pilar shares an application (or her desktop) then she's the only one who can maintain control of that application.

As for Ken Myer, his conferencing policy allows him to take (and cede) control of an application. And yes, this applies to any meeting that Ken takes part in, including meetings that Pilar organizes. In a case like that, Pilar (the meeting organizer) won't be able to take control of an application, but Ken Myer will.

Oh, hey. Thanks for reminding us: we never did show you how to modify this setting, did we? Well, that's easy enough to rectify. Here's a command which allows users to take (or give up) control of an application:

Set-CsConferencingPolicy –Identity global –AllowParticipantControl $True

And here's a command that prevents them from doing all of that:

Set-CsConferencingPolicy –Identity global –AllowParticipantControl $False