Topic Last Modified: 2011-05-11
In this documentation, we use the term external user to refer to a user who signs in to your Microsoft Lync Server 2010 deployment from outside the firewall. External users that you can authorize to use Microsoft Lync Server 2010 communications software to communicate with internal users (that is, users who sign in to Lync Server 2010 from inside the firewall) can include the following:
- Remote users Users within your
organization who sign in to Lync Server from outside the firewall
by using a virtual private network (VPN) when they are not
connected to the organization’s network (for example, business
travelers and telecommuters).
- Federated users Users who have an
account with a trusted customer or partner organization. When you
have established a trust relationship with this type of
organization’s domain, you can authorize users in that domain to
access your Lync Server deployment. This trust relationship is
called federation and it is not related to or dependent upon an
Active Directory trust relationship.
- Public IM users Users of public instant
messaging (IM) services, including any or all of the following:
Windows Live, AOL, and Yahoo!, in addition to XMPP-based providers
and servers, such as Google Talk and Jabber by using an Extensible
Messaging and Presence Protocol (XMPP) gateway. A public IM service
provider is a specific type of federated partner. Support for
public IM users has specific requirements that are different from
the requirements for users of other federated partners. Customers
that do not have a volume license for Lync Server 2010 require a
separate license if they choose to configure public IM connectivity
with Windows Live, AOL, and Yahoo! For details, see "Changes in
Office Communications Server Public IM Federation" at http://go.microsoft.com/fwlink/?linkid=197275 and
"Microsoft Lync: Pricing and Licensing" at http://go.microsoft.com/fwlink/?LinkId=202848.
Note: To use XMPP, you must install the XMPP Gateway. You can download the XMPP Gateway from the Microsoft Download Center at http://go.microsoft.com/fwlink/?LinkId=204552. After you install the XMPP Gateway, you need to install the hotfix, which is available for download from http://go.microsoft.com/fwlink/?LinkId=204561.
- Anonymous users Users who do not have a
user account in your organization's Active Directory Domain
Services (AD DS) or in a supported federated domain, but who have
received invitations to participate remotely in an on-premises
Your edge deployment authenticates these types of external users and controls external access for the following types of communication:
- IM and presence Authorized external
users can participate in IM conversations and conferences, and they
can get information about one another’s presence status. Users of
public IM service providers and federated users can participate in
IM conversations with individual Lync Server users in your
organization and access presence information, but they cannot
participate in Lync Server-based IM multiparty conferences. It is
strictly peer-to-peer communication. File transfer is not supported
for users of public IM service providers, and audio/video in
peer-to-peer communications is supported for Windows Live Messenger
2011 users, but not other users of public IM service providers.
- Web conferencing Authorized external
users can participate in conferences that are hosted on your Lync
Server deployment. Remote users, federated users, and anonymous
users can be enabled for participation in web conferencing, but
public IM users cannot participate in conferences. Depending on the
options that you select, web conferencing-enabled users can
participate in desktop and application sharing and can act as
meeting organizers or presenters.
- A/V conferencing Authorized external
users can share audio and video in conferences that your Lync
Server deployment provides.
In order to control communications across the firewall, you can configure one or more policies that define how users inside and outside your firewall communicate with each other. You can also configure settings and apply policies for individual internal users or for specific types of external users to control communications with external users.