Topic Last Modified: 2010-10-01

Assigns a conferencing policy at the per-user scope. Conferencing policies determine the features and capabilities that can be used in a conference. This includes everything from whether or not the meeting can include IP audio and video to the maximum number of people who can attend a meeting.


Grant-CsConferencingPolicy -Identity <UserIdParameter> [-PolicyName <String>] [-Confirm [<SwitchParameter>]] [-DomainController <Fqdn>] [-PassThru <SwitchParameter>] [-WhatIf [<SwitchParameter>]]


Parameter Required Type Description



User ID parameter

Indicates the Identity of the user account the policy should be assigned to. User Identities can be specified using one of four formats: 1) the user's SIP address; 2) the user principal name (UPN); 3) the user's domain name and logon name, in the form domain\logon (for example, litwareinc\kenmyer); and, 4) the user's Active Directory display name (for example, Ken Myer). User Identities can also be referenced by using the user’s Active Directory distinguished name.

Note that you can use the asterisk (*) wildcard character when specifying the user Identity. For example, the Identity "* Smith" returns all the users with a display name that ends with the string value " Smith".




"Name" of the policy to be assigned. The PolicyName is simply the policy Identity minus the policy scope (the "tag:" prefix). For example, a policy with the Identity tag:Redmond has a PolicyName equal to Redmond; a policy with the Identity tag:RedmondConferencingPolicy has a PolicyName equal to RedmondConferencingPolicy.

To unassign a per-user policy previously assigned to a user, set the PolicyName parameter to $Null.




Enables you to specify the fully qualified domain name (FQDN) of a domain controller to be contacted when assigning the new policy. If this parameter is not specified then Grant-CsConferencingPolicy will contact the first available domain controller.



Switch Parameter

Enables you to pass a user object through the pipeline that represents the user being assigned the policy. By default, the Grant-CsConferencingPolicy cmdlet does not pass objects through the pipeline.



Switch Parameter

Describes what would happen if you executed the command without actually executing the command.



Switch Parameter

Prompts you for confirmation before executing the command.

Detailed Description

Conferencing is an important part of Microsoft Lync Server 2010: conferencing enables groups of users (as few as two people to as many as 250 people) to come together online to view slides and video, share applications, exchange files, and otherwise communicate and collaborate.

It’s important for administrators to maintain control over conferences and conference settings. In some cases, there might be security concerns: by default, anyone, including unauthenticated users, can participate in meetings and save any of the slides or handouts distributed during those meetings. In other cases, there might be bandwidth concerns: having a multitude of simultaneous meetings, each involving hundreds of participants and each featuring video feeds and file sharing, has the potential to cause problems with your network. In addition, there might be occasional legal concerns. For example, by default meeting participants are allowed to make annotations on shared content; however, these annotations are not saved when the meeting is archived. If your organization is required to keep a record of all electronic communication, you might need to disable annotations.

Of course, needing to manage conferencing settings is one thing; actually managing these settings is another. In Lync Server 2010 conferences are managed by using conferencing policies. (In previous versions of the software, these were known as meeting policies.) As noted, conferencing policies determine the features and capabilities that can be used in a conference, including everything from whether or not the conference can include IP audio and video to the maximum number of people who can attend a meeting. Conferencing policies can be configured at the global scope, at the site scope, or at the per-user scope. This provides administrators with enormous flexibility when it comes to deciding which capabilities will be made available to which users.

When you create a site policy that policy is automatically assigned to the appropriate site at the time of creation. This is not the case with per-user policies: per-user policies are not assigned to anyone at the time they are created. Instead, you must use Grant-CsConferencingPolicy to explicitly assign per-user conferencing policies to a user or set of users.

Who can run this cmdlet: By default, members of the following groups are authorized to run the Grant-CsConferencingPolicy cmdlet locally: RTCUniversalUserAdmins. To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell prompt:

Get-CsAdminRole | Where-Object {$_.Cmdlets –match "Grant-CsConferencingPolicy"}

Input Types

String value or Microsoft.Rtc.Management.ADConnect.Schema.ADUser object. Grant-CsConferencingPolicy accepts pipelined input of string values representing the Identity of a user account. The cmdlet also accepts pipelined input of user objects.

Return Types

By default, Grant-CsConferencingPolicy returns no objects or values. However, if you include the PassThru parameter, the cmdlet will return instances of the Microsoft.Rtc.Management.ADConnect.Schema.OCSUserOrAppContact object.


-------------------------- Example 1 --------------------------

Copy Code
Grant-CsConferencingPolicy -identity "Ken Myer" -PolicyName SalesConferencingPolicy

In Example 1, Grant-CsConferencingPolicy is used to assign the policy SalesConferencingPolicy to the user with the Identity "Ken Myer".

-------------------------- Example 2 --------------------------

Copy Code
Get-CsUser -OU "ou=Finance,dc=litwareinc,dc=com" | Grant-CsConferencingPolicy -PolicyName FinanceConferencingPolicy

In the preceding example, the conferencing policy FinanceConferencingPolicy is assigned to all the users who have accounts in the Finance organizational unit. To assign the same policy to all the users in a given organizational unit (OU), the Get-CsUser cmdlet is used to retrieve all the accounts in that OU. After the user accounts have been retrieved, that information is then piped to the Grant-CsConferencingPolicy cmdlet, which assigns the FinanceConferencingPolicy policy to each user in the collection.

-------------------------- Example 3 --------------------------

Copy Code
Get-CsUser -OU "ou=Finance,dc=litwareinc,dc=com" | Grant-CsConferencingPolicy -PolicyName $Null

Example 3 represents a variation of Example 2: in this case, however, any per-user conferencing policies previously assigned to the users in the Finance OU are unassigned from these users. To do this, the command calls Grant-CsConferencingPolicy and specifies a null value ($Null) as the parameter value for the parameter PolicyName.

-------------------------- Example 4 --------------------------

Copy Code
Get-CsUser -LdapFilter "Department=Human Resources" | Grant-CsConferencingPolicy -PolicyName HRConferencingPolicy

In the preceding command, the policy HRConferencingPolicy is assigned to all the users who work in the Human Resource Departments. This is done by calling Get-CsUser and the LdapFilter parameter to retrieve the appropriate set of users; the parameter value "Department=Human Resources" limits the returned items to user accounts where the Department attribute has been set to "Human Resources". After the user accounts have been retrieved, that collection is piped to Grant-CsConferencingPolicy, which, assigns the policy HRConferencingPolicy to each user in the collection.

See Also