Deploying policies to SharePoint Workspace users

 

Applies to: SharePoint Workspace 2010, Groove Server 2010

Topic Last Modified: 2011-08-05

This article describes how to set and deploy management policies to Microsoft SharePoint Workspace users who are Groove Server Manager domain members.

The procedure in this article requires that Groove Server Manager is installed as described in Install and configure Groove Server 2010 Manager.

In this article:

• Deploying management policies to SharePoint Workspace users

• SharePoint Workspace policy tables

Deploying Groove Server Manager policies to SharePoint Workspace users

The following procedure explains how to distribute member and security policies for Microsoft SharePoint Workspace users who are management domain members. The Groove Server Manager administrative interface lets you set policies that you can then assign to selected SharePoint Workspace users or groups. The Default template that appears in the navigation pane contains default settings for Groove Server Manager policies. You can distribute the default policies as is, or you can change them, as described in the following procedure.

To deploy management policies to SharePoint Workspace users

1. Create a directory of SharePoint Workspace users for Groove Server 2010 Manager, as described in Create a SharePoint Workspace user directory for Groove Server Manager.

2. Log on to the Groove Server Manager administrative Web site and expand the management domain in the navigation pane.

3. Expand Policies in the navigation pane to review or change policy settings.

   Note

   The Default Policy template is assigned to new users by default.

4. To change the policy template for the management domain or selected members, expand Members or a group in the navigation pane and select a template as follows:

   • To change the policy template for all management domain or group members, click Group Properties in the toolbar, select a template from the Policy Template drop-down menu, select Apply to all group members, and then click OK.

   • To change the policy template for the domain or a group without affecting template assignments for existing members or groups, click Group Properties in the toolbar, select a template from the Policy Template drop-down menu, and then click OK. Do not select Apply to all group members.

   • To change the policy template for a specific member, click the member name, select a template from the Policy Template drop-down menu, and then click OK.

   For information about how to create member groups, see Managing SharePoint Workspace users.

5. To update an existing template, click Default or another template in the Policies list, click the Member Policies or Security Policies tab that you need, review or edit the policies, and then click OK. For guidance in editing policy settings, see the tables in SharePoint Workspace policy tables.

   Note

   To display policies for SharePoint Workspace 2010 only, Groove 2007 only, or for both SharePoint Workspace 2010 and Groove 2007, click the Default or other template and then select the applicable option in the View policies for menu.

6. To create a template for a new collection of policies, click Add template in the toolbar, enter the name of the new template, and then click OK.

7. To clone a policy template with its settings, you can copy the template and save it under a new name, as follows: click the Clone Template button shown after each template in the Policies list, enter a new template name and optional description in the appropriate fields, and then click OK.

8. To change a policy template name or description, select the policy template, click Properties in the toolbar, edit the name or description, and then click OK.

9. To delete a policy template from the Policies list, select the check box of the templates that you want to delete from the Policies list, click Delete Selected Templates in the toolbar, and then confirm your decision and click OK.

SharePoint Workspace policy tables

The following tables list and describe member, security, and audit policies that you can deploy to SharePoint Workspace users from Groove Server Manager.

Note

The tables describe Groove Server Manager 2010 policies, except where otherwise noted.

Member policies

Managed SharePoint Workspace user policies	Policy settings	Description
Account Policies	Members cannot create or import multiple accounts. Members can only use managed identities from this domain on devices in this domain. (This policy appears if you selected a Groove 2007 policy display option, as described previously in this article.)	Enables you to specify whether managed SharePoint Workspace users can create or import additional accounts (besides the account that you manage). For a description of the Groove 2007 device policy, see Managing Groove Device Policies (https://go.microsoft.com/fwlink/p/?LinkId=181198).
Account Backup Policies	Backup account interval in days: <number of days>	Enables you to set a SharePoint Workspace account backup interval.
Public Contact Directory Policies	Allow publishing of vCard (identity information) to the Public Directory of SharePoint Workspace contacts. Prevent members from searching the Public Directory of SharePoint Workspace contacts.	Enables you to specify whether managed SharePoint Workspace users can publish their identities to the Public Workspace Contact Directory.
Workspace Version Policies	Workspace Acceptance and Restoration Policy Minimum Workspace Version: Client default, Office Groove 2007, or No Minimum Workspace Creation Policy Default Workspace Version: Office Groove 2007, SharePoint Workspace 2010, or Client Default	Enables you to specify what workspace versions are permitted on managed SharePoint Workspace clients.
Usage Policies	Prohibit non-Auditable tools. Prohibit use of Shared Folders. Prohibit use of SharePoint workspaces. Prohibit use of Groove workspaces Prohibit use of Forms and forms-based tools (including any InfoPath tools and the Discussion tool released with Groove 2007 and later). Prohibit the use of games. Prohibit use of the Files and Documents tools Prohibit the use of the Pictures tool.	Enables you to restrict SharePoint Workspace usage. Note that prohibiting Groove tools can have unintended consequences due to relationships among Groove tools or between Groove tools and third-party tools. See the SharePoint Workspace client product Help for more information about Groove tools,.
Bandwidth Policies	Limit bandwidth to: bits/second, kilobits/second, megabits/second (minimum 4800 bits/second)	Enables you to set SharePoint Workspace bandwidth limitations. Limiting bandwidth may greatly affect the performance of the SharePoint Workspace client.

Security policies

Managed SharePoint Workspace security policies	Policy settings	Description
Blocked Files Policy	Override the Microsoft SharePoint Workspace default list of blocked files.	Enables you to change the Microsoft SharePoint Workspace default list of blocked files or delete the contents of the list to enable all files.
Account Usage Policy	Restrict Microsoft SharePoint Workspace identities to OS logon in listed forests only.	Enables you to prevent users who do not have a managed SharePoint Workspace identity from logging on to the client operating system.
User Verification Policy	Do not warn or restrict members when communicating with any contacts. Warn member before communicating with contacts that have been neither administrator-certified nor manually verified by the member. Only allow members to communicate with administrator-certified contacts.	Enables you to specify how SharePoint Workspace handles or flags unverified contacts.
Login Method	Password creation rules. Smart cards (This policy appears if you selected a Groove 2007 policy display option, as described previously in this article.)	For a description of this Groove 2007 policy, see Managing Groove Device Policies (https://go.microsoft.com/fwlink/p/?LinkId=181198).
Password Policies	Password content and creation rules, as described in Groove Management Domain Operations (https://technet.microsoft.com/en-us/library/cc262699.aspx). (This policy appears if you selected a Groove 2007 policy display option, as described previously in this article.)	For a description of these Groove 2007 policies, see Managing Groove Device Policies (https://go.microsoft.com/fwlink/p/?LinkId=181198).
Account Lockout Policy	Number of invalid login attempts before account is locked. (This policy appears if you selected a Groove 2007 policy display option, as described previously in this article.)	For a description of this Groove 2007 policy, see Managing Groove Device Policies (https://go.microsoft.com/fwlink/p/?LinkId=181198).

Audit policies

Managed SharePoint Workspace Audit policies	Policy settings	Description
Audit Server Policy	Audit Server URL: Upload audit logs every ___ days. Disable SharePoint Workspace if auditing fails.	Enables you to specify a URL for a Groove Audit server and enable client auditing, if you installed the optional Groove Auditing capability. For more information about how to install Groove Server Manager for Groove Audit, see Install and configure Groove Server 2010 Manager.
SharePoint Workspace Client Events	Audit all client events. Audit instant messages and invitations Audit logon and logoff events Audit contact events. Audit workspace events.	Enables you to specify auditable SharePoint Workspace events.
Tool Events	Chat Discussion Document Review Files Forms Tool Groove File Sharing InfoPath Tool SharePoint Mobile Workspaces	Enables you to select auditable tool events.
File contents policy	Audit contents of files added to tools. (This policy appears if you selected a Groove 2007 policy display option, as described previously in this article.)	For a description of this Groove 2007 policy, see the Groove Audit Policies section of Managing Groove Device Policies (https://go.microsoft.com/fwlink/p/?LinkId=181198).

See Also

Concepts

Install and configure Groove Server 2010 Manager
Create a SharePoint Workspace user directory for Groove Server Manager