Configuring Policies
In previous versions of Sametime there was a graphical user interface available to configure policies. In Sametime 11 configuring policies is done in the policies.user.xml file, which is located on the Community server in the Domino program directory.
About this task
You can use the policies.user.xml file to restrict or grant access to users depending upon their level of need. For example, the maximum size for a file being transferred is set by default at 1 megabyte to help manage traffic over the servers. However, you might have a group of users who have a business need to transfer larger files. You can set a new policy specific to those users that has a higher maximum.
You need operating system access to the Sametime Community server for this task.
For Sametime 11 required manual settings, see the HCL Sametime 11 Limited Use after installation technote.
About the policies.user.xml file
- Instant Messaging default (im.default.policy)
- Instant Messaging Anonymous (im.anonymous.policy)
- Audio Video default (av.default.policy)
- Audio Video Anonymous (av.anonymous.policy)
- Meetings default (ms.default.policy)
- Meetings Anonymous (ms.anonymous.policy)
If you open the file using a text or XML editor, you will also notice a template that has been
commented with <!-
notation. This section is to be used as template to create
new policies. When making changes to policies ensure you are in the correct policy template.
- Ampersand (
&
) - Apostrophe (
'
) - Quotation mark (
"
) - Greater than character (
>
) - Less than character (
<
) - backslash character (
\
) - Forward slash (
/
) - spaces (
Modifying the Default or Anonymous Instant Messaging Policy
- Remote to the Sametime Community Server.
- Browse to the Domino program directory (typically c:\Program Files\HCL\Domino).
- Use a text or xml editor to open the policies.user.xml file.
- Locate the correct template:
- To make changes to the default template, look for the line that begins with:
<policy id="im.default.policy" weight="1">
- To make changes to the anonymous template, look for the line that begins with:
<policy id="im.anonymous.policy" weight="0">
- To make changes to the default template, look for the line that begins with:
This is the beginning of the policy. From here, the policy is divided into attribute groups:
Attribute group name | What is inside |
---|---|
imserver.policygroup.chat |
Persistent Chat enableOffline Messages im.thirdPartyMeetingEnabled = Set to true to enable Sametime 11.6 meetings im.metingsEnabled = Set to true to enable Sametime 11.6 meetings im.2019.label = User must set this community as the default server community (IC) im.2011.label = Allow user to add multiple server communities (IC) im.2001.label = Allow user to add external users using Sametime gateway communities im.2002.label = Allow user to save chat transcripts (IC) im.2004.label = Automatically save chat transcripts (IC) im.2006.label = Maximum days to save automatically saved chat transcripts (IC) im.2014.label = Limit contact list size im.2015.label = Contacts im.2010.label = Allow mobile client im.2012.label = Sametime update site URL (IC) im.3000.label = Allow all Sametime Connect features to be used with integrated clients (IC) |
imserver.policygroup.image |
im.2008.label = Allow custom emoticons (IC) im.2009.label = Allow screen capture and images (IC) im.2020.label = Set maximum image size for custom emoticons, screen captures, and inline images (IC) im.2021.label = KB |
imserver.policygroup.filetransfer |
im.1.label = Allow user to transfer files through server (IC) im.2.label = Maximum individual file transfer size, in Kilobytes, for files sent through the server (IC) im.3.label = Use exclude file types transfer list, for files sent through the server (IC) im.4.label = Types to exclude from transfer. Type the three-letter extension of each file type, separated by a comma or semicolon (IC) im.2005.label = Allow client-to-client file transfer (IC) im.allowTransferringMutipleFilesAndFolders = allows users to transfer multiple files and folders in a chat im.allowTransferringFiletoNWayParticipants = allows users to transfer files to all participants in a n-way chat im.maxNumberUsersToReceiveSingleFileInOneFileTransferSession = set a maximum numbers of users in the n-way chat to receive files during a file transfer. |
imserver.policygroup.plugin |
im.2013.label = Allow user to install plug-ins (IC) im.2022.label = Sametime optional plug-in site URLs. Type the URLs separated by a comma or semicolon (IC) |
imserver.policygroup.mobile |
im.mobile.allowLocationReporting.label = Allow location reporting im.mobile.disableUntrustedSsl.label = Disable untrusted SSL im.mobile.disablePasswordSave.label = Disable password save im.mobile.AllowSendFiles - Allows the mobile to send files if file transfer policy is also enabled im.mobile.AllowReceiveFiles - Allows the mobile to receive files if file transfer policy is also enabled (means files received over chat will be stored in Files app for iOS and on the synonymous thing for Android. If you don't want files outside the app, turn this off and all we have to do is not advertise the capability and no one can send to you.) im.mobile.restrictClipboard - Clipboard will be cleared when you go to the background. im.mobile.allowShareChatImages - Means that images sent to a user in a chat can be shared outside the container. To photos, Files, other apps, etc. im.mobile.allowSendImages - Allows the mobile to send photos if im.2009 (Allow screen capture and images) policy is also enabled. im.mobile.mamPolicySignature - Enables an administrator to require that mobile devices running HCL Sametime be managed. |
To enable or disable a feature, locate the feature’s current-value and change to either 0 for disabled, or 1 for enabled.
For example, to disable “User must set this community as the default server community”, locate the feature ‘s label (im.2019) then change the XML syntax from current-value=”0”
<p:policy-attribute id="im.2019" type="boolean" current-value="0" default-value="0"
master-attribute-link="null" possible-value-labels="null" possible-values="null"
label="im.2019.label" description="im.2019.desc" visible="true"/>
Change to current-value=”1”
<p:policy-attribute id="im.2019" type="boolean" current-value="1" default-value="0"
master-attribute-link="null" possible-value-labels="null" possible-values="null"
label="im.2019.label" description="im.2019.desc" visible="true"/>
Modifying the Default or Anonymous Meetings Policy
- Remote to the Sametime Community Server.
- Browse to the Domino program directory (typically c:\Program Files\HCL\Domino).
- Use a text or xml editor to open the policies.user.xml file.
- Locate the correct template:
- To make changes to the default template, look for the line that begins with:
<policy id="ms.default.policy" weight="1">
- To make changes to the anonymous template, look for the line that begins with:
<policy id="ms.anonymous.policy" weight="0">
- To make changes to the default template, look for the line that begins with:
This is the beginning of the policy. From here, the policy is divided into attribute groups:
Attribute group name | What is inside |
---|---|
ms.policygroup.1.label |
ms.9.label=Maximum persistent meeting rooms this user can own ms.15.label=Allow user to create instant (non-persistent) meeting rooms ms.17.label=Automatically connect to meeting server when logging into Sametime Connect (IC) ms.14.label=Allow searching for meeting rooms ms.13.label=Allow searching for hidden meeting rooms ms.16.label=Show "Scheduled Meetings" view (IC) ms.11.label=Allow meetings to be recorded (IC) ms.12.label=Allow meeting room content to be downloaded ms.1.label=Meeting room group chats ms.21.label=Allow meeting room polls ms.22.label=Allow annotations of uploaded content ms.25.label=Require meeting rooms to have a password ms.26.label=Allow guest access to meeting rooms |
ms.policygroup.2.label |
ms.7.label=Maximum file upload size, in Megabytes ms.8.label=Maximum total size of library, in Megabytes ms.23.label=Allow this user to add files from a content repository |
ms.policygroup.3.label |
ms.2.label=Allow screen sharing ms.3.label=Allow user to control another user's shared screen (IC) ms.18.label=Allow peer-to-peer application sharing (IC) ms.19.label=Enforce bandwidth limits ms.20.label=Maximum bandwidth size, in Kilobytes per second |
To enable or disable a feature, locate the feature’s current-value and change to either 0 for disabled, or 1 for enabled. Some of these policy attributes have values other than 0 or 1, please check the Meetings Policy IDs document.
For example, to enable meeting recording, change the syntax of the ms.11.label current-value from 1 to 0.
<p:policy-attribute id="ms.11" visible="true" description="" label="ms.11.label"
possible-values="" possible-value-labels="" master-attribute-link="" default-value="1"
current-value="0" type="boolean"/>
Modifying the Default or Anonymous Audio Video Policy
- Remote to the Sametime Community Server.
- Browse to the Domino program directory (typically c:\Program Files\HCL\Domino).
- Use a text or xml editor to open the policies.user.xml file.
- Locate the correct template:
- To make changes to the default template, look for the line that begins with:
<policy id="av.default.policy" weight="1">
- To make changes to the anonymous template, look for the line that begins with:
<policy id="av.anonymous.policy" weight="0">
- To make changes to the default template, look for the line that begins with:
This is the beginning of the policy. From here, the policy is divided into attribute groups:
Attribute group name | What is inside |
---|---|
avserver.policygroup |
av.allowAccessToTPartyFromCListAndIM.label = Allow access to third-party service provider capabilities from contact lists, instant messages, and meetings av.allowChangesToPrefNumbers.label = Allow changes to preferred numbers av.avCapAvailableThroughSMS.label = Voice and video capabilities available through the Sametime Media Server av.allowWebClient.label = Allow Audio/Video use in the web browser av.allowMultipointCalls.label = Allow access to internal service provider for audio and video conferences av.enableSVC.label = Enable Scalable Video Codec Support av.enableClientEncryption.label = Enable encryption for client av.videoResolution.label = Video resolution av.customVideoResolution.label = Custom video resolution av.lineRate.label=Client line rate (kbps) av.ConferenceTemplateList |
sut.policyGroup |
sut.2024.label = Allow changes to the permanent call routing rule sut.2025.label = Allow use of "Offline" status in call routing rules |
sutlite.policyGroup |
av.allowSIPTrunking |
av.mobilePolicy |
av.allowMobileClient av.allowmobileWifiOnly av.mobileLineRate av.mobileAllowCallHistory |
av.ConferenceDefaultTemplate |
av.isGroupEnabled av.ConferenceTemplateName_Default av.allowCascadedConference av.conferenceMode_Default av.conferenceModeExperience_default av.ConferenceLineRate_Default av.ConferenceEncryption av.videoQuality_Default |
To enable or disable a feature, locate the feature’s current-value and change to either 0 for disabled, or 1 for enabled. Some of these policy attributes have values other than 0 or 1, please check the Media services (audio and video) policy IDs.