Allowing or restricting custom policies for Sametime® clients
Optionally allow or restrict features for clients by creating exception rules for the policy service in the policyExceptions.xml file.
About this task
Sometimes you need to disable features for a specific client version or for particular client IDs; for example because of a known problem or a limitation. You can either allow or restrict custom policies for specific client versions and IDs.
The policy service on the Sametime® Community Server manages a list of exception rules for specific client versions and client types (IDs). The exceptions are assigned a "weight" and are then compared with the user's policy assignment weight, which was calculated by the policy service. If the exception is weighted higher, the user will be assigned the exceptions defined in the policyExceptions.xml file.
The code that handles exception rules is invoked after a user policy is calculated. The STPolicy application (on the Community Server) looks for exception rules defined for a client ID and for the client version. If more than one exception rule is found, the rule with the higher weight is selected. The selected exception rule is applied to the user only if its weight is higher than a weight of the policy that was already assigned to that user by his or her direct/group assignment).
The STPolicy application reads the exception rules when the server is started, and again every time the regular policy rules are loaded from the Sametime® System Console (once every 60 minutes).
Procedure
- Create an XML file using standard XML syntax rules with
a text or XML/HTML editor.
Use the following opening and closing tags:
<PolicyExceptionsRules> ... </PolicyExceptionsRules>
- Determine values for the
client_ids
andclient_versions
settings.The exceptions can apply to either client versions, client IDs, or a combination of both.
- The client version is a base version of the client that includes all fix levels (for example
8.5.2.0). You can specify multiple client versions.
The
client_versions
setting uses a 4 digit number that includes the base Sametime® version. The policy exception rules apply to any running client that matches one of the specifiedclient_versions
values. Table 1 lists examples of clients and their corresponding version values.Table 1. Examples of client versionsThe value for a client version specifies the base version, plus release and milestone versions, as a 4-digit number. Client client_versions
valueSametime® 8.5.2 8520 Sametime® 8.5.2 IFR1 8521 Sametime® 9 9000 - The client ID is a specific build of a particular client (such as Notes® 8.5.2 with Sametime® embedded 8.5.2). You can specify
multiple client IDs.
The
client_ids
setting must be formatted in decimal format. Use the HCL® knowledge article Table of Client types that are connecting to a Sametime server to identify the client IDs and their corresponding decimal values. Table 2 lists examples of clients and their corresponding hexadecimal IDs and decimal values, which are listed in the technote.Table 2. Examples of client IDsThe value for a client ID must be specified as the decimal equivalent of the client's hexadecimal ID. Client Hexadecimal ID Decimal equivalent Sametime® Connect client 8.5.2 0x130D 4877 Notes® 8.5.2 using the Embedded Sametime® 8.5.2 client 0x1240 4672 Notes® 9.0.1 using the Embedded Sametime® 8.5.2 client 0x1298 4760
- The client version is a base version of the client that includes all fix levels (for example
8.5.2.0). You can specify multiple client versions.
- Create the rules in the XML file by inserting a
<Rule />
section (one for each rule) between the opening and closing tags that you created in step 1. - For each policy setting that is affected by the rule, create
a
<Policy />
statement that specifies the policy ID and setting for each policy exception.The following example shows two rule sections with policy statements:
<PolicyExceptionsRules> <Rule id="1" weight="10" product="im" client_versions="8500,8520" client_ids="4870,4874"> <Policy id="2006" value="0" /> <Policy id="2012" value="http://sametime.server.com/updates" /> <Policy id="2014" value="800" /> </Rule> <Rule id="2" weight="20" product="av" client_versions="" client_ids="4868,4878"> <Policy id="av.avCapAvailableThroughSMS" value="0" /> <Policy id="av.allowChangesToPrefNumbers" value="0" /> <Policy id="2024" value="0" /> </Rule> </PolicyExceptionsRules>
Rule id="1"
uses a weight of "10"
and is enabled for instant messaging. It applies to client IDs4870
and4874
, but only for client versions8.5
and8.5.2
(other versions of those client IDs will not be affected). This rule specifies three policies that will be applied to the specified clients when used with instant messaging:2006
(Maximum days to save automatically saved chat transcripts) is set to 0 days, so transcripts will not be saved.2012
(Sametime® update site URL) specifies the URL where users can access client updates.2014
(Limit contact list size) is set to 800 contacts per user.
Rule id="2"
uses a weight of"20"
and is enabled for media services (audio and video). It applies to client IDs4868
and4878
, for all versions of those clients. This rule specifies three policies that will be applied to the specified clients when used with media services:av.avCapAvailableThroughSMS
(Voice and video capabilities available through the Sametime® Media Server) is set to 0, so audio/video will not be available through the Media Manager server for the specified clients.av.allowChangesToPrefNumbers
(Allow changes to preferred numbers) is set to 0, so users cannot change preferred phone numbers.2024
(Allow changes to the permanent call routing rule ) is set to 0, so users cannot change call routing rules.
- Deploy and test the policyExceptions.xml file.
- Save and close the policyExceptions.xml file.
- Open the file in a browser and confirm there are no syntax errors displayed (correct any errors before proceeding).
- Copy the policyExceptions.xml file to the Domino® program directory on every Sametime® Community Server in the deployment.
- Restart every Sametime® Community Server (or wait for the configuration refresh interval, which is approximately every 60 minutes).
- Restart your Sametime® client, log in, and confirm that the correct policy exceptions are displayed.