I'm trying to "Hardening" the Lync 2010 online meeting service, one of my goals is to prevent the possibility to send\receive files for all external users (Federated and anonymous users) in order to do so, i've implemented the configuration specified in the following KB:

http://support.microsoft.com/kb/2621840

New-CsFileTransferFilterConfiguration -Identity EdgePoolIdentity -BlockFileExtension $True -Action BlockAll -Enabled $True

Unfortunately, this solution is not working as expected, the result is that an external users will not be able to receive files sent by internal users, but he will be able to send files from the internet to internal users,

This is a very major security risk, since the Lync 2010 File filtering mechanism is not sophisticated (for example: a malicious file can be sent with *.txt extension)

Is there a way to  completely disable the file transferring service for all external users? (we still want to use it on our internal environment)

Many thanks!

Try to run the command Invoke-CsManagementStoreReplication to force Microsoft Lync Server 2010 replication services to send complete configuration data.

Then run the command Get-CsManagementStoreReplicationStatus to check Lync Edge Server Replication is update to date.

The edge server replication is up to date, this is defiantly not the issue.

Any other thoughts?

Hi,

Does Edge and Front End are on the same Cumulative update version?

David

Hi, 

Did you enter the exact Identity name (Edge pool name) in place of "EdgePoolIdentity" ? Suggesting basic step thought ignore if you have done so.

@ As indicated in the Technet Run Get-CsService -EdgeServer for the exact value.