立即与支持人员聊天
与支持团队交流

Active Roles 7.6 - Solutions Guide

Active Roles Solutions Overview Exchange Resource Forest Management Configuration Transfer Wizard Solution Active Roles SPML Provider Skype for Business Server Solution
Introducing Skype for Business Server User Management Supported Active Directory topologies User Management policy Master Account Management policy Access Templates for Skype for Business Server Deploying the Solution Managing Skype for Business Server Users
Management Pack for SCOM

Deployment in a single-forest environment

In a single-forest environment, you only need to link the Built-in Policy - Skype for Business - User Management Policy Object to the Active Directory domains or containers that hold user accounts for which you want Active Roles to perform Skype for Business Server user management tasks.

To link the Policy Object to an organizational unit or domain

  1. In the Active Roles console tree, select Configuration | Policies | Administration | Builtin.
  2. In the details pane, right-click the Built-in Policy - Skype for Business - User Management Policy Object, and then click Policy Scope.
  3. In the dialog box that appears, click Add, and then select the desired organizational unit or domain.

Out of the box, the Policy Object has all policy settings configured. You can use the Active Roles console to view or change policy settings as needed.

To view or change policy settings

  1. In the Active Roles console tree, select Configuration | Policies | Administration | Builtin.
  2. In the details pane, double-click the Built-in Policy - Skype for Business - User Management Policy Object.
  3. In the Properties dialog box that appears, go to the Policies tab, and double-click the entry in the list of policies.
  4. In the Properties dialog box that appears, do any of the following:
    • On the Server tab, specify how you want Active Roles to select a computer running Skype for Business Server.
    • On the SIP User Name tab, configure a rule for generating the SIP user name in the user SIP address.
    • On the SIP Domain tab, configure a rule to restrict selection of a SIP domain for the user SIP address.
    • On the Pool tab, configure a rule to restrict selection of an Enterprise Edition Front End pool or Standard Edition server to which Skype for Business Server users can be assigned.
    • On the Telephony tab, configure a rule to restrict selection of a Telephony option for Skype for Business Server users.

For detailed description of the policy settings, see User Management policy settings earlier in this document.

Deployment in a multi-forest environment

In a multi-forest environment, you need to perform the following deployment tasks:

  • Apply the Master Account Management policy  Adjust the Forest Mode policy setting in the Built-in Policy - Skype for Business - Master Account Management Policy Object and then link that Policy Object to Active Directory domains or containers that hold logon-enabled user accounts in user forests (master accounts) for which you want Active Roles to perform Skype for Business Server user management tasks.
  • Apply the User Management policy  Link the Built-in Policy - Skype for Business - User Management Policy Object to Active Directory domains or containers in the Skype for Business Server forest that hold shadow accounts.

    In case of central forest, you also need to link the Built-in Policy - Skype for Business - User Management Policy Object to Active Directory domains or containers in the Skype for Business Server forest that hold logon-enabled user accounts for which you want Active Roles to perform Skype for Business Server user management tasks.

Apply the Master Account Management policy

The Built-in Policy - Skype for Business - Master Account Management Policy Object enables Active Roles to perform Skype for Business Server user management tasks on user accounts in Active Directory forests that are external to the Skype for Business Server forest. It needs to be configured as appropriate to your Skype for Business Server forest mode (resource forest or central forest) and then linked to domains or containers in external user forests.

To configure the Policy Object

  1. In the Active Roles console tree, select Configuration | Policies | Administration | Builtin.
  2. In the details pane, double-click the Built-in Policy - Skype for Business - Master Account Management Policy Object.
  3. In the Properties dialog box that appears, go to the Policies tab, and double-click the entry in the list of policies.
  4. In the Properties dialog box that appears, go to the Forest Mode tab and select the option that matches the Skype for Business Server forest mode in your Skype for Business Server deployment (see Skype for Business Server forest mode).
  5. Review other policy settings:
    • On the Shadow Account tab, view or change the container and default description for new shadow accounts.
    • On the Master Account tab, view or change the attribute to store a reference to shadow account.
    • On the Synced tab, view or change the list of synchronized properties.
    • On the Substituted tab, configure your custom list of substituted properties in addition to the default list.
    • On the Back-synced tab, view or change the list of back-synchronized properties.

For detailed description of the policy settings, see Master Account Management policy settings earlier in this document.

To link the Policy Object to an organizational unit or domain

  1. In the Active Roles console tree, select Configuration | Policies | Administration | Builtin.
  2. In the details pane, right-click the Built-in Policy - Skype for Business - Master Account Management Policy Object, and then click Policy Scope.
  3. In the dialog box that appears, click Add, and then select the desired organizational unit or domain.

Apply the User Management policy

The Built-in Policy - Skype for Business - User Management Policy Object enables Active Roles to perform Skype for Business Server user management tasks on user accounts in the Skype for Business Server forest. It needs to be linked to domains or containers in the Skype for Business Server forest that hold shadow accounts. In case of central forest, you also need to link that Policy Object to Active Directory domains or containers in the Skype for Business Server forest that hold logon-enabled user accounts for which you want Active Roles to perform Skype for Business Server user management tasks.

To link the Policy Object to an organizational unit or domain

  1. In the Active Roles console tree, select Configuration | Policies | Administration | Builtin.
  2. In the details pane, right-click the Built-in Policy - Skype for Business - User Management Policy Object, and then click Policy Scope.
  3. In the dialog box that appears, click Add, and then select the desired organizational unit or domain.

Out of the box, the Policy Object has all policy settings configured. You can use the Active Roles console to view or change policy settings as needed.

To view or change policy settings

  1. In the Active Roles console tree, select Configuration | Policies | Administration | Builtin.
  2. In the details pane, double-click the Built-in Policy - Skype for Business - User Management Policy Object.
  3. In the Properties dialog box that appears, go to the Policies tab, and double-click the entry in the list of policies.
  4. In the Properties dialog box that appears, do any of the following:
    • On the Server tab, specify how you want Active Roles to select a computer running Skype for Business Server.
    • On the SIP User Name tab, configure a rule for generating the SIP user name in the user SIP address.
    • On the SIP Domain tab, configure a rule to restrict selection of a SIP domain for the user SIP address.
    • On the Pool tab, configure a rule to restrict selection of an Enterprise Edition Front End pool or Standard Edition server to which Skype for Business Server users can be assigned.
    • On the Telephony tab, configure a rule to restrict selection of a Telephony option for Skype for Business Server users.

For detailed description of the policy settings, see User Management policy settings earlier in this document.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级