In the past I’ve heard at least a few discussions regarding administrators looking for a way to disable instant message functionality in Office Communications Server 2007. Some may want to block IM from certain workstations, while others may be looking to deploy OCS as a Presence-only application. Or possibly even as a contact management solution for a Remote Call Control deployment, but actually want to prevent IM conversations for work-performance or compliance-related matters.
Either way there must have been enough of a demand as Microsoft as introduced that ability as part of the latest Communicator hotfix, which is actually not yet available for widespread download. If your environment requires this ability then you’ll need to contact MS Product Support to request the hotfix referenced in the KB article 954439.
This hotfix applies to the Communicator client and once installed the client will recognize a new registry setting called DisableIM. The configuration details are covered in KB article 954648.
(Updated 1/10/09: The July hotfix referenced above was removed a few months ago due to a bug in one of the patches, but the most recent Communicator hotfix package still includes this new functionality. Currently the latest patch (12/19/2008) can be downloaded from KB article 957465.)
I requested the hotfix and installed it on one host in my virtual lab:
An attempt to send an instant message to any contact is blocked as the "Send an Instant Message" option is disabled:
And when someone else attempts to send an instant message to the user logged into a disabled client, the presence appears correctly but a message informs the sender that the recipient is unable to receive instant messages, which are then retroactively blocked if sent:
Since this is a new registry setting, it cannot be configured in the current communicator.adm Group Policy Template file. There are many resources available that cover how to create custom templates, here is a good place to start. So without going into too much detail, I created a separate custom template for this new value and added it into the Group Policy Object Editor.
This is a somewhat advanced step, so use this code sample at your own risk.
On whatever server or management console you centrally manage Group Policies, create a new text file called %SYSTEMROOT%\inf\CommunicatorExtras.adm. Copy/Paste the following text into this file:
CLASS MACHINE
CATEGORY !!OCSPOLICY_EXTRAS
POLICY !!PolicyDisableIM
EXPLAIN !!ExplainText_DisableIM
KEYNAME "Software\Policies\Microsoft\Communicator"
VALUENAME "DisableIM"
VALUEON NUMERIC 1
VALUEOFF NUMERIC 0
END POLICY
END CATEGORYCLASS USER
CATEGORY !!OCSPOLICY_EXTRAS
POLICY !!PolicyDisableIM
EXPLAIN !!ExplainText_DisableIM
KEYNAME "Software\Policies\Microsoft\Communicator"
VALUENAME "DisableIM"
VALUEON NUMERIC 1
VALUEOFF NUMERIC 0
END POLICY
END CATEGORY[strings]
OCSPOLICY_EXTRAS="Office Communicator Extra Settings"
PolicyDisableIM="Disable Instant Messaging"
ExplainText_DisableIM="Prevents user from sending or receiving instant messages.\n\nEnabling this policy will disable instant messaging, while disabling this policy will return Communicator to it’s default behavior.\n\nNote: The July 30 hotfix for communicator must be installed on the workstation, older versions of the client will ignore this setting.\n\nSee KB article 954439 for more details: http://support.microsoft.com/kb/954439"
Edit the desired existing group policy object (or create a new one), and right-click on the Administrative Templates folder under either the Computer or User Configuration and choose Add/Remove Templates. Browse for and add the new template file.
Once the CommunicatorExtras.adm template is loaded into the Group Policy Object Editor, you should see a new template grouping named "Office Communicator Extra Settings" which will contain a single policy setting for Disabling IM.
