Block Point-to-Point file transfers
In Skype for Business Online, you have ability to control Point-to-Point (P2P) file transfers as part of existing conferencing policy settings. However, this allows or blocks file transfers for users whether or not they are transferring files to a user who is within the same organization or to a federated user from another organization. Following the steps below, you can block P2P file transfers with federated organizations or partners.
A very common scenario is when you want to allow internal users to use P2P file transfer but block file transfer with federated partners. For this scenario, you would need to do:
Assign a conferencing policy with P2P file transfer enabled (EnableP2PFileTransfer set to True) to users in your organization.
Create a global external user communication policy set to block external P2P file transfers (EnableP2PFileTransfer set to False) and assign it to a user in your organization.
You can find out more about those settings here.
If a federated user outside your organization tries to send a file to a user where the policy has been applied, they will receive a Transfer Failed error. And if a user tries to send a file, they will receive a File transfer is turned off error.
To make this work, the user must be using a supported version of a 2016 Click-to-Run Skype for Business app that supports it. The following minimum version of Skype for Business 2016 Click-to-Run client is required:
|First Release for Current Channel
||Version 1611 (Build 7571.2006)
||Version 1611 (Build 7571.2072)
||Version 1609 (Build 7369.2118)
Users that are using older versions of Skype for Business Windows apps or Mac clients will still be able to transfer files.
Verify and start Windows PowerShell
Check that you are running Windows PowerShell version 3.0 or higher
To verify that you are running version 3.0 or higher: Start Menu > Windows PowerShell.
Check the version by typing Get-Host in the Windows PowerShell window.
If you don't have version 3.0 or higher, you need to download and install updates to Windows PowerShell. See Windows Management Framework 4.0 to download and update Windows PowerShell to version 4.0. Restart your computer when you are prompted.
You will also need to install the Windows PowerShell module for Teams that enables you to create a remote Windows PowerShell session that connects to Skype for Business Online.
If you need to know more, see Connect to all Microsoft 365 or Office 365 services in a single Windows PowerShell window.
Start a Windows PowerShell session
From the Start Menu > Windows PowerShell.
In the Windows PowerShell window, connect to your Microsoft 365 or Office 365 by running:
Skype for Business Online Connector is currently part of the latest Teams PowerShell module.
If you're using the latest Teams PowerShell public release, you don't need to install the Skype for Business Online Connector.
Import-Module -Name MicrosoftTeams $credential = Get-Credential $session = New-CsOnlineSession -Credential $credential Import-PSSession $session
If you want more information about starting Windows PowerShell, see Connect to all Microsoft 365 or Office 365 services in a single Windows PowerShell window or Set up your computer for Windows PowerShell.
Disable P2P file transfers for your organization
By default, EnableP2PFileTransfer is enabled on the organization's global policy. When it was created, your users were assigned the BposSAllModality policy.
To allow P2P transfers for inside your organization but block external file transfers to another organization, you just need to change it at a global level. To do that, run:
Set-CsExternalUserCommunicationPolicy -EnableP2PFileTransfer $False
Disable P2P file transfers for a user
You can apply this to a user by creating a new policy and granting it to that user. To do that, run:
New-CsExternalUserCommunicationPolicy -Identity BlockExternalFT -EnableP2PFileTransfer $False
Grant-CsExternalUserCommunicationPolicy -PolicyName BlockExternalFT -Identity email@example.com
Want to know more about Windows PowerShell?
Windows PowerShell is all about managing users and what users are allowed or not allowed to do. With Windows PowerShell, you can manage Microsoft 365 or Office 365 and Skype for Business Online using a single point of administration that can simplify your daily work, when you have multiple tasks to do. To get started with Windows PowerShell, see these topics:
Windows PowerShell has many advantages in speed, simplicity, and productivity over only using the Microsoft 365 admin center such as when you are making setting changes for many users at one time. Learn about these advantages in the following topics: