Sdílet prostřednictvím


Deploying policies to SharePoint Workspace users

 

Applies to: SharePoint Workspace 2010, Groove Server 2010

Topic Last Modified: 2011-08-05

This article describes how to set and deploy management policies to Microsoft SharePoint Workspace users who are Groove Server Manager domain members.

The procedure in this article requires that Groove Server Manager is installed as described in Install and configure Groove Server 2010 Manager.

In this article:

  • Deploying management policies to SharePoint Workspace users

  • SharePoint Workspace policy tables

Deploying Groove Server Manager policies to SharePoint Workspace users

The following procedure explains how to distribute member and security policies for Microsoft SharePoint Workspace users who are management domain members. The Groove Server Manager administrative interface lets you set policies that you can then assign to selected SharePoint Workspace users or groups. The Default template that appears in the navigation pane contains default settings for Groove Server Manager policies. You can distribute the default policies as is, or you can change them, as described in the following procedure.

To deploy management policies to SharePoint Workspace users

  1. Create a directory of SharePoint Workspace users for Groove Server 2010 Manager, as described in Create a SharePoint Workspace user directory for Groove Server Manager.

  2. Log on to the Groove Server Manager administrative Web site and expand the management domain in the navigation pane.

  3. Expand Policies in the navigation pane to review or change policy settings.

    Note

    The Default Policy template is assigned to new users by default.

  4. To change the policy template for the management domain or selected members, expand Members or a group in the navigation pane and select a template as follows:

    • To change the policy template for all management domain or group members, click Group Properties in the toolbar, select a template from the Policy Template drop-down menu, select Apply to all group members, and then click OK.

    • To change the policy template for the domain or a group without affecting template assignments for existing members or groups, click Group Properties in the toolbar, select a template from the Policy Template drop-down menu, and then click OK. Do not select Apply to all group members.

    • To change the policy template for a specific member, click the member name, select a template from the Policy Template drop-down menu, and then click OK.

    For information about how to create member groups, see Managing SharePoint Workspace users.

  5. To update an existing template, click Default or another template in the Policies list, click the Member Policies or Security Policies tab that you need, review or edit the policies, and then click OK. For guidance in editing policy settings, see the tables in SharePoint Workspace policy tables.

    Note

    To display policies for SharePoint Workspace 2010 only, Groove 2007 only, or for both SharePoint Workspace 2010 and Groove 2007, click the Default or other template and then select the applicable option in the View policies for menu.

  6. To create a template for a new collection of policies, click Add template in the toolbar, enter the name of the new template, and then click OK.

  7. To clone a policy template with its settings, you can copy the template and save it under a new name, as follows: click the Clone Template button shown after each template in the Policies list, enter a new template name and optional description in the appropriate fields, and then click OK.

  8. To change a policy template name or description, select the policy template, click Properties in the toolbar, edit the name or description, and then click OK.

  9. To delete a policy template from the Policies list, select the check box of the templates that you want to delete from the Policies list, click Delete Selected Templates in the toolbar, and then confirm your decision and click OK.

SharePoint Workspace policy tables

The following tables list and describe member, security, and audit policies that you can deploy to SharePoint Workspace users from Groove Server Manager.

Note

The tables describe Groove Server Manager 2010 policies, except where otherwise noted.

Member policies

Managed SharePoint Workspace user policies Policy settings Description

Account Policies

  • Members cannot create or import multiple accounts.

  • Members can only use managed identities from this domain on devices in this domain. (This policy appears if you selected a Groove 2007 policy display option, as described previously in this article.)

Enables you to specify whether managed SharePoint Workspace users can create or import additional accounts (besides the account that you manage).

For a description of the Groove 2007 device policy, see Managing Groove Device Policies (https://go.microsoft.com/fwlink/p/?LinkId=181198).

Account Backup Policies

Backup account interval in days: <number of days>

Enables you to set a SharePoint Workspace account backup interval.

Public Contact Directory Policies

  • Allow publishing of vCard (identity information) to the Public Directory of SharePoint Workspace contacts.

  • Prevent members from searching the Public Directory of SharePoint Workspace contacts.

Enables you to specify whether managed SharePoint Workspace users can publish their identities to the Public Workspace Contact Directory.

Workspace Version Policies

  • Workspace Acceptance and Restoration Policy

    Minimum Workspace Version: Client default, Office Groove 2007, or No Minimum

  • Workspace Creation Policy

    Default Workspace Version: Office Groove 2007, SharePoint Workspace 2010, or Client Default

Enables you to specify what workspace versions are permitted on managed SharePoint Workspace clients.

Usage Policies

  • Prohibit non-Auditable tools.

  • Prohibit use of Shared Folders.

  • Prohibit use of SharePoint workspaces.

  • Prohibit use of Groove workspaces

  • Prohibit use of Forms and forms-based tools (including any InfoPath tools and the Discussion tool released with Groove 2007 and later).

  • Prohibit the use of games.

  • Prohibit use of the Files and Documents tools

  • Prohibit the use of the Pictures tool.

Enables you to restrict SharePoint Workspace usage. Note that prohibiting Groove tools can have unintended consequences due to relationships among Groove tools or between Groove tools and third-party tools. See the SharePoint Workspace client product Help for more information about Groove tools,.

Bandwidth Policies

Limit bandwidth to: bits/second, kilobits/second, megabits/second (minimum 4800 bits/second)

Enables you to set SharePoint Workspace bandwidth limitations. Limiting bandwidth may greatly affect the performance of the SharePoint Workspace client.

Security policies

Managed SharePoint Workspace security policies Policy settings Description

Blocked Files Policy

Override the Microsoft SharePoint Workspace default list of blocked files.

Enables you to change the Microsoft SharePoint Workspace default list of blocked files or delete the contents of the list to enable all files.

Account Usage Policy

Restrict Microsoft SharePoint Workspace identities to OS logon in listed forests only.

Enables you to prevent users who do not have a managed SharePoint Workspace identity from logging on to the client operating system.

User Verification Policy

  • Do not warn or restrict members when communicating with any contacts.

  • Warn member before communicating with contacts that have been neither administrator-certified nor manually verified by the member.

  • Only allow members to communicate with administrator-certified contacts.

Enables you to specify how SharePoint Workspace handles or flags unverified contacts.

Login Method

  • Password creation rules.

  • Smart cards

(This policy appears if you selected a Groove 2007 policy display option, as described previously in this article.)

For a description of this Groove 2007 policy, see Managing Groove Device Policies (https://go.microsoft.com/fwlink/p/?LinkId=181198).

Password Policies

Password content and creation rules, as described in Groove Management Domain Operations (https://technet.microsoft.com/en-us/library/cc262699.aspx). (This policy appears if you selected a Groove 2007 policy display option, as described previously in this article.)

For a description of these Groove 2007 policies, see Managing Groove Device Policies (https://go.microsoft.com/fwlink/p/?LinkId=181198).

Account Lockout Policy

Number of invalid login attempts before account is locked. (This policy appears if you selected a Groove 2007 policy display option, as described previously in this article.)

For a description of this Groove 2007 policy, see Managing Groove Device Policies (https://go.microsoft.com/fwlink/p/?LinkId=181198).

Audit policies

Managed SharePoint Workspace Audit policies Policy settings Description

Audit Server Policy

  • Audit Server URL:

    Upload audit logs every ___ days.

    Disable SharePoint Workspace if auditing fails.

Enables you to specify a URL for a Groove Audit server and enable client auditing, if you installed the optional Groove Auditing capability. For more information about how to install Groove Server Manager for Groove Audit, see Install and configure Groove Server 2010 Manager.

SharePoint Workspace Client Events

  • Audit all client events.

    Audit instant messages and invitations

    Audit logon and logoff events

    Audit contact events.

  • Audit workspace events.

Enables you to specify auditable SharePoint Workspace events.

Tool Events

  • Chat

  • Discussion

  • Document Review

  • Files

  • Forms Tool

  • Groove File Sharing

  • InfoPath Tool

  • SharePoint Mobile Workspaces

Enables you to select auditable tool events.

File contents policy

Audit contents of files added to tools. (This policy appears if you selected a Groove 2007 policy display option, as described previously in this article.)

For a description of this Groove 2007 policy, see the Groove Audit Policies section of Managing Groove Device Policies (https://go.microsoft.com/fwlink/p/?LinkId=181198).