Share via


Block Point-to-Point file transfers

Important

Skype for Business Online operated by 21Vianet in China will be retired on October 1, 2023. If you haven't upgraded your Skype for Business Online users yet, they will be automatically scheduled for an assisted upgrade. If you want to upgrade your organization to Teams yourself, we strongly recommend that you begin planning your upgrade path today. Remember that a successful upgrade aligns technical and user readiness, so be sure to leverage our upgrade guidance as you navigate your journey to Teams.

Skype for Business Online, excluding the service operated by 21Vianet in China, was retired on July 31, 2021.

In Skype for Business Online, you have ability to control Point-to-Point (P2P) file transfers as part of existing conferencing policy settings. However, this allows or blocks file transfers for users whether or not they are transferring files to a user who is within the same organization or to a federated user from another organization. Following the steps below, you can block P2P file transfers with federated organizations or partners.

A very common scenario is when you want to allow internal users to use P2P file transfer but block file transfer with federated partners. For this scenario, you would need to do:

  • Assign a conferencing policy with P2P file transfer enabled (EnableP2PFileTransfer set to True) to users in your organization.

  • Create a global external user communication policy set to block external P2P file transfers (EnableP2PFileTransfer set to False) and assign it to a user in your organization.

You can find out more about those settings here.

If a federated user outside your organization tries to send a file to a user where the policy has been applied, they will receive a Transfer Failed error. And if a user tries to send a file, they will receive a File transfer is turned off error.

To make this work, the user must be using a supported version of a 2016 Click-to-Run Skype for Business app that supports it. The following minimum version of Skype for Business 2016 Click-to-Run client is required:

Type Release date Version Build
First Release for Current Channel
11/17/2016
16.0.7571.2006
Version 1611 (Build 7571.2006)
Current Channel
12/6/2016
16.0.7571.2072
Version 1611 (Build 7571.2072)
Deferred Channel
2/22/2017
16.0.7369.2118
Version 1609 (Build 7369.2118)

Caution

Users that are using older versions of Skype for Business Windows apps or Mac clients will still be able to transfer files.

Start Windows PowerShell

Note

Skype for Business Online Connector is currently part of the latest Teams PowerShell module. If you're using the latest Teams PowerShell public release, you don't need to install the Skype for Business Online Connector.

  1. Install the Teams PowerShell module.

  2. Open a Windows PowerShell command prompt and run the following commands:

    # When using Teams PowerShell Module
    
    Import-Module MicrosoftTeams
    $credential = Get-Credential
    Connect-MicrosoftTeams -Credential $credential
    

    If you want more information about starting Windows PowerShell, see Connect to all Microsoft 365 or Office 365 services in a single Windows PowerShell window or Set up your computer for Windows PowerShell.

Disable P2P file transfers for your organization

By default, EnableP2PFileTransfer is enabled on the organization's global policy. When it was created, your users were assigned the BposSAllModality policy.

To allow P2P transfers for inside your organization but block external file transfers to another organization, you just need to change it at a global level. To do that, run:

Set-CsExternalUserCommunicationPolicy -EnableP2PFileTransfer $False

Disable P2P file transfers for a user

You can apply this to a user by creating a new policy and granting it to that user. To do that, run:

New-CsExternalUserCommunicationPolicy -Identity BlockExternalFT -EnableP2PFileTransfer $False
Grant-CsExternalUserCommunicationPolicy -PolicyName BlockExternalFT -Identity [email protected]

Want to know more about Windows PowerShell?

Create custom external access policies

Set up client policies for your organization

Set up conferencing policies in your organization