Topic Last Modified: 2011-02-03
By default, no policies are configured to support external user access, including remote user access, federated user access, even if you have already enabled external user access support for your organization. To control the use of external user access, you must configure one or more policies, specifying the type of external user access supported for each policy. This includes the following external access policies:
- Global policy The global policy is
created when you deploy your Edge Servers. By default, no external
user access options are enabled in the global policy. To support
external user access at the global level, you configure the global
policy to support one or more types of external user access
options. The global policy applies to all users in your
organization, but site policies and user policies override the
global policy. If you delete the global policy, you do not remove
it. Instead, you reset it to the default setting.
- Site policy You can create and
configure one or more site policies to limit support for external
user access to specific sites. The configuration in the site policy
overrides the global policy, but only for the specific site covered
by the site policy. For example, if you enable remote user access
in the global policy, you might specify a site policy that disables
remote user access for a specific site. By default, a site policy
is applied to all users of that site, but you can assign a user
policy to a user to override the site policy setting.
- User policy You can create and
configure one or more user policies to limit support for remote
user access to specific users. The configuration in the user policy
overrides the global and site policy, but only for the specific
users to whom the user policy is assigned. For example, if you
enable remote user access in the global policy and site policy, you
might specify a user policy that disables remote user access and
then assign that user policy to specific users. If you create a
user policy, you must apply it to one or more users before it takes
To support participation by anonymous users in conferences, you must configure a conferencing policy and assign the policy to users. Assigning a conferencing policy in which anonymous participation is enabled to users or user groups enables those users to invite anonymous users to conferences that they host.
In addition to external user access policies and conferencing policies, some external user access options, including access by federated users and access by public users, require configuration of other options. This includes the following:
- Specifying allowed and blocked domains for federated partners,
in addition to any specific servers running the Access Edge service
that you want to allow or block.
- Specifying which specific service providers your organization
supports, including the name of the server running the Access Edge
service and the verification level supported for the provider.