Sun ONE logo      Previous      Contents      Index      Next     

Sun ONE Instant Messaging Administrator's Guide

Chapter 4
Managing Instant Messaging Policies Using Identity Server

This section describes what you need to know about administering Instant Messaging server when it is deployed with Sun ONE Identity Server. This section contains:

Instant Messaging Service

When you deploy Instant Messaging with Sun ONE Identity Server, an Instant Messaging service is added to the Sun ONE Identity Server. The Instant Messaging service enables the administrator to enforce policy mechanisms for accessing Sun ONE Instant Messaging.

Table 4-1 lists the Instant Messaging service attributes.

Table 4-1  Instant Messaging service attributes

Service Attributes

Description

sunIMEnable

This is a boolean attribute. When enabled it has Access and Deny permissions for an organization. These attributes will be added as dynamic attributes.

sunIMAllowAlertOnly

This is a boolean attribute. When enabled the instant messenger only displays the alerts. The contact list or the news is not displayed. This attribute is used in CHAT and POPUP flavors. By default this attribute is disabled.

sunIMAllowFileTransfer

This is a boolean attribute. When enabled it allows files to be attached to the messages. By default this attribute is enabled.

sunIMEnableModerator

This is a boolean attribute. It enables the moderated conference feature in Instant Messenger. By default, this attributed is enabled.

sunIMFlavor

This attribute can be selected from a drop down list. It describes the message type to be enabled. The values are ALL, IM, NEWS, CHAT and POPUP. The default selected value is ALL.

Restricting Users From Accessing Instant Messenger

You can restrict the users from running Instant Messenger by unassigning the Instant Messaging policy for the users.

Unassigning Instant Messaging Policy

This approach is recommended if the roles to which Instant Messaging policies should be assigned or unassigned are already present in the organization.

By default the Instant Messaging policy is added to the organization with the permission to run Instant Messenger. To disallow certain users in the organization from accessing Instant Messenger, you need to:

  1. Create a new policy. For example: “Disable IM”.
  2. Unassign the Instant Messaging Policy for the organization.
  3. Add Disable IM policy to the role for which you want to disallow access to Instant Messenger.
  4. Add users to whom you want to disallow access to Instant Messenger to this role.

To Create A New Policy

  1. Login to Sun ONE Identity Server as Administrator.
  2. Select Policy Management from View drop down list.
  3. Click the organization link in which you want to create the policy. For example: siroe.com.
  4. Select Policies from the Show drop down list
  5. Click New. The Create Policy page is displayed in the right panel.
  6. Specify the following details:

    7. Name. Enter the policy name in the field. For example: Disable IM.

    Service. Select Instant Messaging from the drop down list.

  7. Click Create. The policy is created.
  8. To add a rule, click Add Rule.
  9. To disable the access to Instant Messenger, uncheck “Has Privilege to Run IM” check box. To allow access to Instant Messenger select “Has Privilege to Run IM” check box.
  10. Click Save.

To Unassign the IM Policy from the Organization

  1. Select User Management from View drop down list.
  2. Click the organization link in which you want to unassign Instant Messaging policy. For example: siroe.com.
  3. Select Policies from Show drop down list.
  4. Select the name of the policy. For example, Enable IM.
  5. Click Unassign.


Previous      Contents      Index      Next     

Copyright 2003 Sun Microsystems, Inc. All rights reserved.