Compliance in the enterprise is a funny thing. Some companies take the approach that they have to save everything forever. Some take the opposite approach that they only keep limited backups, control what the user can save, and purge everything else. This post will describe how to control and prohibit users from saving IM’s to Outlook or their local folder structure.
There are three major ways to archive/save IM conversations for Lync:
- Install and configure the Lync Archiving Role
- Allow client side “Conversation History” through the Outlook client
- Allow users to save an IM to a file
We will not go into #1 since if you do not install or configure the Archiving role, then IM’s will not be centrally saved within a SQL database.
Disable Conversation History in Outlook
By default when Lync is installed, Lync integrates with Exchange/Outlook and creates a Conversation History folder to save all conversations including IMs, audio, video, and web conferences. Also by default, all conversation logs are set to save in this folder.
These options can be set in the client by the user:
The administrator can disable these settings from user control by setting a Lync client policy which gets applied to the client through in-band provisioning. There are two parameters that can be set here, one for IM conversations and one for call logs. The following command disables the automatic saving of both options:
Set-CsClientPolicy –Identity Test –EnableIMAutoArchiving $false –EnableCallLogAutoArchiving $false
Note that I am setting a specific policy which is already granted to my users. You could easily set these parameters on the Global Client Policy to apply to everyone.
After applying the policy, the options are now unchecked and disabled from user control:
With these policies configured, a user still has the option of saving IM conversation manually.
Disable the Ability to Save IM Conversations Manually
When in an IM conversation, a user has the option to save an IM to Outlook or as a separate file:
The administrator can disable this option by setting a Lync client policy which gets applied to the client through in-band provisioning. The following command disables the ability to manually save IM conversations:
Set-CsClientPolicy –Identity Test –DisableSavingIM $true
Note that I am setting a specific policy which is already granted to my users. You could easily set these parameters on the Global Client Policy to apply to everyone.
Now the option is no longer available within the IM conversation:
This post described how to disable IM conversation logging and saving. Hope this helps.