Instant Messaging provides the ability to control access to Instant Messaging features and preserve end-user privacy.
Can users access the presence status of other end users?
Can users send alerts to other end users?
Do you want users to save properties on the server?
Who do you want to be able to create and manage conference rooms?
Who do you want to be able to create and manage news channels?
Different sites using Instant Messaging server have different needs in terms of enabling and restricting the type of access end users have to the Instant Messaging service. The process of controlling end user and administrator Instant Messaging server features and privileges is referred to as policy management. You choose from two methods of policy management: through access control files or through Sun Java System Access Manager.
Managing Policies Using Access Control Files. The access control file method for managing policies allows you to adjust end-user privileges in the following areas: news channel management, conference room management, the ability to change preferences in the User Settings dialog, and ability to send alerts. It also allows specific end users to be assigned as system administrators.
Managing Policies using Sun Java System Access Manager. This method gives you control of the same privileges available with the access control file method; however, it additionally allows more fine-tuned control over various features, such as the ability to receive alerts, send polls, receive polls, and so forth. Furthermore, managing policies using Sun Java System Access Manager gives you finer-tuned control over privileges.
If your deployment does not include Access Manager, you must use the access control file method to manage policies. If you are using Access Manager with Instant Messaging, and you have installed the Instant Messaging and Presence services components, you can use either of the policy management methods. Managing policies using Access Manager is a more comprehensive method. One advantage of this method is that it allows you to store all end-user information in the directory.