Pages

MSPL Script: Blocking Federated Presence

Ever wanted to stop another company your federated with seeing your presence but still wanted to do IM and all other UC functions. Well there is a way. As with all the scripts I post on VoIPNorm someone much smarter than me came up with the script. Thanks to Brad, I owe you a beer.

The script is in two parts.First part is the MSPL script which you install on the Lync Edge server and the second part is a text document which you could post on accessible file share to the Edge or straight on the Edge Servers themselves. The text document contains a list of domains your blocking presence for.

MSPL script text:

<?xml version="1.0"?>
<r:applicationManifest xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" r:appUri="http://sip.yourdomain.com/BlockFederatedPresence" xmlns:r="http://schemas.microsoft.com/lcs/2006/05">
   <r:allowRegistrationBeforeUserServices/>
   <r:serverFilter roles="ALL"/>

   <!-- handle NOTIFY, BENOTIFY, SUBSCRIBE requests -->
   <r:requestFilter methodNames="NOTIFY,BENOTIFY,SUBSCRIBE" strictRoute="true"/>

   <!-- Script-only application -->
   <r:scriptOnly/>

   <!-- Text file containing allowed domains -->
   <r:file name="AllowedPresenceDomains"
    path="C:\MSPLScripts\PresenceFilter\AllowedPresenceDomains.txt" delimitedBy="comma"
    keyColumnName="Domain" static="false">
    <r:column name="Domain" />
    <r:column name="Action" />
   </r:file>

   <r:splScript><![CDATA[
    
     function AllowedDomain(strURI) {
    bolIsAllowed = false;
    arrStrURI = Split(strURI, "@");
    foreach(strValue in arrStrURI) {
        strDomain = strValue;
    }
    if (strDomain == "yourdomain.com") {
       bolIsAllowed = true;
    }
    else {
       if(AllowedPresenceDomains[strDomain].Action == "allow") {
          bolIsAllowed = true;
       }
    }
    return bolIsAllowed;
     }
   
     skipScan = true;
     foreach(s in GetHeaderValues(StandardHeader.Event)) {
       skipScan = !EqualString(s, "presence", true);
       break;
     }

     if (!skipScan) {
    if (sipRequest) {
       fromUser = GetUri(sipRequest.From);
       toUser = GetUri(sipRequest.To);
    }
    if (sipResponse) {
       fromUser = GetUri(sipResponse.From);
       toUser = GetUri(sipResponse.To);
    }
     }
    
     if (!skipScan && ContainsString(sipMessage.Content, "<category name=\"state\"/>", true)) {
       if (!AllowedDomain(fromUser)) {
          newContent = "";
          foreach (element in Split(sipMessage.Content, "<")) {
            if (element!= "") {
              if(!ContainsString(element, "category name=\"state\"/>", true)) {
                newContent = Concatenate(newContent, Concatenate("<", element));
              }
            }
          }
          sipMessage.Content = newContent;
       }
     }
    
     if (!skipScan && ContainsString(sipMessage.Content, "<availability>", true)) {
       if (!AllowedDomain(toUser)) {
          newContent = "";
          foreach (element in Split(sipMessage.Content, "<")) {
            if (element!= "") {
              if(!ContainsString(element, "availability>", true)) {
                newContent = Concatenate(newContent, Concatenate("<", element));
              }
              if(ContainsString(element, "/availability>", true)) {
            newContent = Concatenate(newContent, "<availability>1800</availability>");
              }   
            }
          }
          sipMessage.Content = newContent;
       }
     }

     if (sipRequest) {
       ProxyRequest("");
     }
     else if (sipResponse) {
       ProxyResponse();
     }

   ]]></r:splScript>
</r:applicationManifest>

Format for text file:

domain1.com,allow
domain2.com,allow

Download both from here.

VoIPNorm

5 comments:

  1. You are missing a good part of the script here. The download is complete though.

    ReplyDelete
    Replies
    1. Thanks for the heads up Brad. Should be fixed now.

      Delete
  2. Coolest and most under-used, misunderstood, and least known feature in Lync Server. Thanks for a good article, Chris!

    ReplyDelete
  3. Could you provide the information how to install it?

    ReplyDelete
  4. Hi, thanks for the script, works liek a charm! Is it possible though, to extend the scripts functionality so that the presence status is blocked for all 'external contacts'?

    ReplyDelete

Note: Only a member of this blog may post a comment.