Topic Last Modified: 2010-12-14

Returns information about the client personal identification number (PIN) policies configured for use in your organization. PIN authentication enables users to access Microsoft Lync Server 2010 by providing a PIN instead of a user name and password.

Syntax

Get-CsPinPolicy [-Identity <XdsIdentity>] [-LocalStore <SwitchParameter>]
Get-CsPinPolicy [-Filter <String>] [-LocalStore <SwitchParameter>]

Parameters

Parameter Required Type Description

Identity

Optional

XdsIdentity

Unique identity assigned to the policy when it was created. PIN policies can be assigned at the global, site, or per-user scope. To refer to the global instance, use this syntax: -Identity global. To refer to a policy at the site scope, use this syntax: -Identity site:Redmond. To refer to a policy at the per-user scope, use syntax similar to this: -Identity RedmondPolicy.

Wildcard characters such as the asterisk (*) cannot be used with the Identity parameter. To do a wildcard search for policies, use the Filter parameter instead.

If neither the Identity nor the Filter parameter is specified Get-CsPinPolicy returns information about all the PIN policies configured for use in your organization.

Filter

Optional

String

Enables you to do a wildcard search for PIN policies. For example, to find all the policies configured at the site scope, use this Filter: site:*. To find the site policies Seattle, Seville, and Saskatoon (all of which start with the letter "S") use this Filter: site:S*. Note that this parameter can only filter on the Identity property.

LocalStore

Optional

Switch Parameter

Retrieves the PIN policy data from the local replica of the Central Management store rather than from the Central Management store itself.

Detailed Description

Lync Server 2010 enables users to connect to the system, or to join public switched telephone network (PSTN) conferences via telephone. Typically, logging on to the system or joining a conference requires the user to enter a user name or password; unfortunately, entering a user name and password can be a problem if you are using a phone that does not have an alphanumeric keypad. Because of that, Lync Server 2010 enables you to supply users with numeric-only PINs; when prompted, users can then log on to the system or join a conference by entering the PIN instead of a user name and password.

Lync Server uses PIN policies to manage PIN authentication properties; for example, you can specify the minimum length for a PIN and determine whether you will allow PINs that use "common patterns" such as consecutive digits (for example, a PIN like 123456). You can use the Get-CsPinPolicy cmdlet to retrieve information about the PIN policies currently configured for use in your organization.

Who can run this cmdlet: By default, members of the following groups are authorized to run the Get-CsPinPolicy cmdlet locally: RTCUniversalUserAdmins, RTCUniversalServerAdmins. To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell prompt:

Get-CsAdminRole | Where-Object {$_.Cmdlets –match "Get-CsPinPolicy"}

Input Types

None. Get-CsPinPolicy does not accept pipelined input.

Return Types

Get-CsPinPolicy returns one or more instances of the Microsoft.Rtc.Management.WritableConfig.Policy.UserPin.UserPinPolicy object.

Example

-------------------------- Example 1 ------------------------

Copy Code
Get-CsPinPolicy

The command shown in Example 1 returns a collection of all the PIN policies configured for use in the organization. Calling Get-CsPinPolicy without any parameters always returns the complete set of PIN policies.

-------------------------- Example 2 ------------------------

Copy Code
Get-CsPinPolicy -Identity "site:Redmond"

Example 2 returns a single PIN policy: the policy with the Identity site:Redmond.

-------------------------- Example 3 ------------------------

Copy Code
Get-CsPinPolicy -Filter "tag:*"

The command shown in Example 3 uses the Filter parameter to return all the policies that have been configured at the per-user scope. This is done by using the filter value "tag:*"; this value instructs Get-CsPinPolicy to return only those policies that have an Identity that begins with the characters "tag:".

-------------------------- Example 4 ------------------------

Copy Code
Get-CsPinPolicy | Where-Object {$_.AllowCommonPatterns -eq $True}

Example 4 returns all the PIN policies where the AllowCommonPatterns property is True. In this example, Get-CsPinPolicy is first called without any additional parameters; that returns a collection of all the PIN policies configured for use in the organization. That collection is then passed to the Where-Object cmdlet, which picks out only those policies where the AllowCommonPatterns property is equal to True.

-------------------------- Example 5 ------------------------

Copy Code
Get-CsPinPolicy | Where-Object {$_.PinLifetime -gt 30}

Like Example 4, the command shown in Example 5 uses Where-Object to return a subset of the existing PIN policies. In this case, Where-Object retrieves only those policies where the PinLifetime property is greater than 30. That means only policies that have PIN expiration times of more than 30 days will be returned.

See Also