Like my previous post on Exchange Mailbox Protocols, many companies limit the ability of some of their users (but not all of them) to use the audio/video functionality built into Skype for Business Online. Normally, this occurs in office environments that don’t have the internet bandwidth to support all that A/V traffic for a large number of users, so they limit that use to those who need it or executives, VIPs.
Unfortunately, it’s not possible to create a SIP profile that enables/disables the protocols for any user to which its assigned. Therefore, administrators must disable this functionality for each individual user. This is easily done for one or two users via the administrative console web page, but doing this in bulk requires PowerShell.
To help alleviate this, I’ve created a script that leverages security groups in Azure AD (and on-premises AD if they are synchronized via DirSync) as a way to indicate which users should be allowed the use of Audio/Video functionality in Skype for Business Online.
By default, the script will assume your group is named Office365-AllowSkypeAV, but you could use any group name you want and feed that to the script via a command-line parameter.
When run, the script will disable AudioVideo functionality for ANY user who is NOT a member of the above referenced groups.
This script also leverages my WriteTo-Log function so that a running log can be generated keeping track of each change made to each user for auditing purposes.
Finally, there are optional command-line parameters (-From, -To, -SMTPServer) that can be used to ensure the log is emailed to an address of your choice after completing.
You can download the script here.