• Managing Windows Meeting Space
  • Controlling the file types that are shared in Windows Meeting Space
  • Disabling file sharing in Windows Meeting Space
  • Logging activity that occurs in Windows Meeting Space
  • Changing the password strength requirement
  • Configuring Windows Meeting Space to restrict users from receiving an elevation prompt
  • Using Group Policy to enable Windows Meeting Space firewall policies
  • Disabling the ad-hoc
  • IPv6, ISATAP, and Windows Meeting Space




    Download 388 Kb.
    bet7/8
    Sana26.12.2019
    Hajmi388 Kb.
    #5326
    1   2   3   4   5   6   7   8

    IPv6, ISATAP, and Windows Meeting Space


    Windows Meeting Space does require IPv6. However, this does not mean it will not run on a traditional IPv4 network.

    Windows Meeting Space allows you to collaborate with individuals "near by" and with individuals who are "remote". If a user wishes to only collaborate with people nearby, no formal IPv6 infrastructure is needed. Windows Vista provides the needed link-local IPv6 addresses needed out of the box as part of the new stack. If a user wants to collaborate with remote people, the IP stack needs to obtain a globally routable IPv6 address.

    There are several ways of obtaining IPv6 hardware, but the simplest way is to set up an ISATAP server. An ISATAP server is easy to set up and run, and is included on Windows Server 2003. Companies do not need to upgrade their networking hardware; they simply have to run enough ISATAP servers to scale to their needs. ISATAP is as scalable (if not better) than DHCP.

    For more information about ISATAP and how to setup an ISATAP router, see pages 17-20 of the "IPv6 Transition Technologies" white paper on the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=67210).


    Managing Windows Meeting Space

    Disabling Windows Meeting Space


    Windows Meeting Space has a Group Policy option to disable the feature. This policy can be applied to a set of computers or to a set of users.

    To disable Windows Meeting Space using Group Policy

    1. Right-click the GPO, and then click Edit.

    2. Click Computer Configuration, click Administrative Templates, click Windows Components, and then click Windows Meeting Space.

    3. Double-click Turn off Windows Meeting Space auditing.

    4. Click Enabled, and then click OK.


    Controlling the file types that are shared in Windows Meeting Space


    Windows Meeting Space follows the rules set up for the Attachment Manager, which allows you to limit the file types that are shared in Windows Meeting Space. This is done in the same way as when you limit the file types that can be attached to an e-mail in an e-mail application, such as Microsoft Outlook Express.

    For more information about configuring the file types that are shared, see article 883260 in the Microsoft K.


    Disabling file sharing in Windows Meeting Space


    To disable the file sharing feature in Windows Meeting Space, a domain administrator needs to disable the DFS Replication Service.

    To disable file sharing (handouts) in Windows Meeting Space

    1. Create a Group Policy object. In the Group Policy Management Console (GPMC) console tree, right-click Group Policy object in the forest and domain in which you want to create a Group Policy object (GPO).

    2. Click New.

    3. In the New GPO dialog box, specify a name for the new GPO, and then click OK.

    4. Right-click the GPO, and then click Edit.

    5. Click Computer Configuration, click Windows Settings, click Security Settings, and then click System Services.

    6. Disable the service for the DFS Replication object.


    Logging activity that occurs in Windows Meeting Space


    Windows Meeting Space includes the ability to log activities that occur during a session. This may be used to track usage and activity to the event log.

    Windows Meeting Space logs the following activity:

    When a local user creates or joins a meeting:

     Meeting name

     Local IP address used

     PeerName used

     Local user name / machine name are written by default when the user writes a log

    When a remote user joins a session:

     Session Name

    Remote user PeerName

     IP Address of the joiner

    When a presentation is started/stopped on the presenter side:

     Session Name

     Machine Name

     User Name

     Presenter PeerName

     IP Address of the presenter

    When a presentation is started/stopped on the receiver side:

     Session Name

     Presenter PeerName

     IP Address of the presenter

    When a file is added on the sharing side:

    Filename

     File size

     File header (particularly the first 32 bytes)

     Session Name

     Machine Name

     User name

     User PeerName

    When a file is added on the receiver side:

     Filename

     File size

     File header (particularly the first 32 bytes)

     Session Name

     The PeerName of the person who shares

    To enable Windows Meeting Space Auditing through Group Policy


    1. Right-click the GPO, and then click Edit.

    2. Click Computer Configuration, click Administrative Templates, click Windows Components, and then click Windows Meeting Space.

    3. Double-click Turn on Windows Meeting Space auditing.

    4. Click Enabled, and then click OK.


    Changing the password strength requirement


    By default, Windows Meeting Space requires passwords to be the equivalent strength of a domain user account password. This requirement can be turned off for the entire Peer Grouping infrastructure, and therefore, also for Windows Meeting Space. When you disable this requirement, the passwords for meetings must only be eight characters in length.

    If you change your password strength domain policy, it will also change the password strength requirement for Windows Meeting Space and the Peer Group infrastructure.



    To disable domain-linked password requirement

    1. Right-click the GPO, and then click Edit.

    2. Click Computer Configuration, click Administrative Templates, click Windows Components, and then click Windows Meeting Space.

    3. Double-click Turn on Windows Meeting Space auditing.

    4. Click Enabled, and then click OK.


    Configuring Windows Meeting Space to restrict users from receiving an elevation prompt


    When a user starts Windows Meeting Space, by default several of the configuration options are not enabled. These options are in two major categories:

     File Replication Permissions

     Windows Firewall Exceptions

    In some companies, users are not allowed to run as administrators. Therefore, they cannot setup the feature, and the IT administrator must do this on their behalf. Follow the steps below to ensure users can use the feature without having to elevate to the full administrator account.



    To authorize users and set file replication permissions

    1. Open the WMI Control console: Click Start, click Run, type wmimgmt.msc and then click OK.

    2. In the console tree, right-click WMI Control, and then click Properties.

    3. Click the Security tab.

    4. Select the Microsoft DFS namespace to which you want to give a user or group access, and then click Security.

    5. In the Security dialog box, click Add.

    6. In the Select Users, Computers, or Groups dialog box, enter the name of the object (user or group) that you want to add. Click Check Names to verify your entry and then click OK. You might have to change the location or click the Advanced button to query for objects.

    7. In the Security dialog box, under Permissions, select to allow these permissions for the new user or group: Execute Methods, Provider Write, Enable Account, and Read Security.

    8. Click OK when finished.



    To enable the appropriate exceptions to Windows Firewall, you must use the Inbound/Outbound Exception wizard, which is accessed through the Group Policy object management console.

    To configure exceptions to Windows Firewall

    1. Right-click the GPO, and then click Edit.

    2. Click Computer Configuration, click Windows Security, click Security Settings, and then click Windows Firewall with Advanced Security.

    3. In Getting Started, select the inbound and outbound rules you want to use.

    Using Group Policy to enable Windows Meeting Space firewall policies


    To enable the appropriate exceptions to Windows Firewall, you must use the Inbound/Outbound Exception wizard, which is accessed through the Group Policy object management console.

    Connect to a Network Projector FW Rules - Inbound.txt

    NameGroupProfileEnabledActionOverrideProgramLocal AddressRemote AddressProtocolLocal PortRemote PortAllowed UsersAllowed Computers

    Connect to a Network Projector (TCP-In)Connect to a Network ProjectorPrivateYesAllowNoC:\Windows\system32\netproj.exeAnyLocal subnetTCPAnyAnyAnyAny

    Connect to a Network Projector (TCP-In)Connect to a Network ProjectorPublicYesAllowNoC:\Windows\system32\netproj.exeAnyLocal subnetTCPAnyAnyAnyAny

    Connect to a Network Projector (TCP-In)Connect to a Network ProjectorDomainYesAllowNoC:\Windows\system32\netproj.exeAnyAnyTCPAnyAnyAnyAny

    Connect to a Network Projector (WSD Events-In)Connect to a Network ProjectorPublicYesAllowNoSystemAnyLocal subnetTCP5357AnyAnyAny

    Connect to a Network Projector (WSD Events-In)Connect to a Network ProjectorDomainYesAllowNoSystemAnyAnyTCP5357AnyAnyAny

    Connect to a Network Projector (WSD Events-In)Connect to a Network ProjectorPrivateYesAllowNoSystemAnyLocal subnetTCP5357AnyAnyAny

    Connect to a Network Projector (WSD EventsSecure-In)Connect to a Network ProjectorPublicYesAllowNoSystemAnyLocal subnetTCP5358AnyAnyAny

    Connect to a Network Projector (WSD EventsSecure-In)Connect to a Network ProjectorDomainYesAllowNoSystemAnyAnyTCP5358AnyAnyAny

    Connect to a Network Projector (WSD EventsSecure-In)Connect to a Network ProjectorPrivateYesAllowNoSystemAnyLocal subnetTCP5358AnyAnyAny

    Connect to a Network Projector (WSD-In)Connect to a Network ProjectorPublicYesAllowNoC:\Windows\system32\netproj.exeAnyLocal subnetUDP3702AnyAnyAny

    Connect to a Network Projector (WSD-In)Connect to a Network ProjectorDomainYesAllowNoC:\Windows\system32\netproj.exeAnyLocal subnetUDP3702AnyAnyAny

    Connect to a Network Projector (WSD-In)Connect to a Network ProjectorPrivateYesAllowNoC:\Windows\system32\netproj.exeAnyLocal subnetUDP3702AnyAnyAny


    Connect to a Network Projector FW Rules - Outbound.txt

    NameGroupProfileEnabledActionProgramLocal AddressRemote AddressProtocolLocal PortRemote PortAllowed Computers

    Connect to a Network Projector (TCP-Out)Connect to a Network ProjectorPrivateYesAllowC:\Windows\system32\netproj.exeAnyLocal subnetTCPAnyAnyAny

    Connect to a Network Projector (TCP-Out)Connect to a Network ProjectorPublicYesAllowC:\Windows\system32\netproj.exeAnyLocal subnetTCPAnyAnyAny

    Connect to a Network Projector (TCP-Out)Connect to a Network ProjectorDomainYesAllowC:\Windows\system32\netproj.exeAnyAnyTCPAnyAnyAny

    Connect to a Network Projector (WSD Events-Out)Connect to a Network ProjectorPublicYesAllowSystemAnyLocal subnetTCPAny5357Any

    Connect to a Network Projector (WSD Events-Out)Connect to a Network ProjectorDomainYesAllowSystemAnyAnyTCPAny5357Any

    Connect to a Network Projector (WSD Events-Out)Connect to a Network ProjectorPrivateYesAllowSystemAnyLocal subnetTCPAny5357Any

    Connect to a Network Projector (WSD EventsSecure-Out)Connect to a Network ProjectorPublicYesAllowSystemAnyLocal subnetTCPAny5358Any

    Connect to a Network Projector (WSD EventsSecure-Out)Connect to a Network ProjectorDomainYesAllowSystemAnyAnyTCPAny5358Any

    Connect to a Network Projector (WSD EventsSecure-Out)Connect to a Network ProjectorPrivateYesAllowSystemAnyLocal subnetTCPAny5358Any

    Connect to a Network Projector (WSD-Out)Connect to a Network ProjectorPrivateYesAllowC:\Windows\system32\netproj.exeAnyLocal subnetUDPAny3702Any

    Connect to a Network Projector (WSD-Out)Connect to a Network ProjectorPublicYesAllowC:\Windows\system32\netproj.exeAnyLocal subnetUDPAny3702Any

    Connect to a Network Projector (WSD-Out)Connect to a Network ProjectorDomainYesAllowC:\Windows\system32\netproj.exeAnyLocal subnetUDPAny3702Any


    Windows Meeting Space FW Exceptions - Inbound.txt

    NameGroupProfileEnabledActionOverrideProgramLocal AddressRemote AddressProtocolLocal PortRemote PortAllowed UsersAllowed Computers

    @FirewallAPI.dll,-32285Windows Meeting SpaceDomainYesAllowNoAnyAnyAnyTCP135AnyAnyAny

    @FirewallAPI.dll,-32285Windows Meeting SpacePrivateYesAllowNoAnyAnyAnyTCP135AnyAnyAny

    @FirewallAPI.dll,-32285Windows Meeting SpacePublicYesAllowNoAnyAnyAnyTCP135AnyAnyAny

    Windows Meeting Space (DFSR-In)Windows Meeting SpaceDomainYesAllowNoC:\Windows\system32\dfsr.exeAnyAnyTCP5722AnyAnyAny

    Windows Meeting Space (DFSR-In)Windows Meeting SpacePublicYesAllowNoC:\Windows\system32\dfsr.exeAnyAnyTCP5722AnyAnyAny

    Windows Meeting Space (DFSR-In)Windows Meeting SpacePrivateYesAllowNoC:\Windows\system32\dfsr.exeAnyAnyTCP5722AnyAnyAny

    Windows Meeting Space (P2P-In)Windows Meeting SpacePublicYesAllowNoC:\Windows\system32\svchost.exeAnyAnyTCP3587AnyAnyAny

    Windows Meeting Space (P2P-In)Windows Meeting SpaceDomainYesAllowNoC:\Windows\system32\svchost.exeAnyAnyTCP3587AnyAnyAny

    Windows Meeting Space (P2P-In)Windows Meeting SpacePrivateYesAllowNoC:\Windows\system32\svchost.exeAnyAnyTCP3587AnyAnyAny

    Windows Meeting Space (TCP-In)Windows Meeting SpacePrivateYesAllowNoC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyTCPAnyAnyAnyAny

    Windows Meeting Space (TCP-In)Windows Meeting SpacePublicYesAllowNoC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyTCPAnyAnyAnyAny

    Windows Meeting Space (TCP-In)Windows Meeting SpaceDomainYesAllowNoC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyTCPAnyAnyAnyAny

    Windows Meeting Space (UDP-In)Windows Meeting SpacePublicYesAllowNoC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyUDPAnyAnyAnyAny

    Windows Meeting Space (UDP-In)Windows Meeting SpacePrivateYesAllowNoC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyUDPAnyAnyAnyAny

    Windows Meeting Space (UDP-In)Windows Meeting SpaceDomainYesAllowNoC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyUDPAnyAnyAnyAny



    Windows Meeting Space FW Exceptions - Outbound.txt

    NameGroupProfileEnabledActionProgramLocal AddressRemote AddressProtocolLocal PortRemote PortAllowed Computers

    Windows Meeting Space (DFSR-Out)Windows Meeting SpacePrivateYesAllowC:\Windows\system32\dfsr.exeAnyAnyTCPAny5722Any

    Windows Meeting Space (DFSR-Out)Windows Meeting SpaceDomainYesAllowC:\Windows\system32\dfsr.exeAnyAnyTCPAny5722Any

    Windows Meeting Space (DFSR-Out)Windows Meeting SpacePublicYesAllowC:\Windows\system32\dfsr.exeAnyAnyTCPAny5722Any

    Windows Meeting Space (P2P-Out)Windows Meeting SpaceDomainYesAllowC:\Windows\system32\svchost.exeAnyAnyTCPAny3587Any

    Windows Meeting Space (P2P-Out)Windows Meeting SpacePublicYesAllowC:\Windows\system32\svchost.exeAnyAnyTCPAny3587Any

    Windows Meeting Space (P2P-Out)Windows Meeting SpacePrivateYesAllowC:\Windows\system32\svchost.exeAnyAnyTCPAny3587Any

    Windows Meeting Space (TCP-Out)Windows Meeting SpacePublicYesAllowC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyTCPAnyAnyAny

    Windows Meeting Space (TCP-Out)Windows Meeting SpacePrivateYesAllowC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyTCPAnyAnyAny

    Windows Meeting Space (TCP-Out)Windows Meeting SpaceDomainYesAllowC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyTCPAnyAnyAny

    Windows Meeting Space (UDP-Out)Windows Meeting SpacePublicYesAllowC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyUDPAnyAnyAny

    Windows Meeting Space (UDP-Out)Windows Meeting SpacePrivateYesAllowC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyUDPAnyAnyAny

    Windows Meeting Space (UDP-Out)Windows Meeting SpaceDomainYesAllowC:\Program Files\Windows Collaboration\WinCollab.exeAnyAnyUDPAnyAnyAny


    Windows P2P Collab Foundations FW Exceptions - Inbound.txt

    NameGroupProfileEnabledActionOverrideProgramLocal AddressRemote AddressProtocolLocal PortRemote PortAllowed UsersAllowed Computers

    Windows Peer to Peer Collaboration Foundation (PNRP-In)Windows Peer to Peer Collaboration FoundationDomainYesAllowNoC:\Windows\system32\svchost.exeAnyAnyUDP3540AnyAnyAny

    Windows Peer to Peer Collaboration Foundation (PNRP-In)Windows Peer to Peer Collaboration FoundationPublicYesAllowNoC:\Windows\system32\svchost.exeAnyAnyUDP3540AnyAnyAny

    Windows Peer to Peer Collaboration Foundation (PNRP-In)Windows Peer to Peer Collaboration FoundationPrivateYesAllowNoC:\Windows\system32\svchost.exeAnyAnyUDP3540AnyAnyAny

    Windows Peer to Peer Collaboration Foundation (SSDP-In)Windows Peer to Peer Collaboration FoundationDomainYesAllowNoC:\Windows\system32\svchost.exeAnyAnyUDP1900AnyAnyAny

    Windows Peer to Peer Collaboration Foundation (SSDP-In)Windows Peer to Peer Collaboration FoundationPublicYesAllowNoC:\Windows\system32\svchost.exeAnyAnyUDP1900AnyAnyAny

    Windows Peer to Peer Collaboration Foundation (SSDP-In)Windows Peer to Peer Collaboration FoundationPrivateYesAllowNoC:\Windows\system32\svchost.exeAnyAnyUDP1900AnyAnyAny

    Windows Peer to Peer Collaboration Foundation (TCP-In)Windows Peer to Peer Collaboration FoundationPublicYesAllowNoC:\Windows\system32\p2phost.exeAnyAnyTCPAnyAnyAnyAny

    Windows Peer to Peer Collaboration Foundation (TCP-In)Windows Peer to Peer Collaboration FoundationDomainYesAllowNoC:\Windows\system32\p2phost.exeAnyAnyTCPAnyAnyAnyAny

    Windows Peer to Peer Collaboration Foundation (TCP-In)Windows Peer to Peer Collaboration FoundationPrivateYesAllowNoC:\Windows\system32\p2phost.exeAnyAnyTCPAnyAnyAnyAny

    Windows Peer to Peer Collaboration Foundation (WSD-In)Windows Peer to Peer Collaboration FoundationPublicYesAllowNoC:\Windows\system32\p2phost.exeAnyLocal subnetUDP3702AnyAnyAny

    Windows Peer to Peer Collaboration Foundation (WSD-In)Windows Peer to Peer Collaboration FoundationPrivateYesAllowNoC:\Windows\system32\p2phost.exeAnyLocal subnetUDP3702AnyAnyAny

    Windows Peer to Peer Collaboration Foundation (WSD-In)Windows Peer to Peer Collaboration FoundationDomainYesAllowNoC:\Windows\system32\p2phost.exeAnyLocal subnetUDP3702AnyAnyAny


    Windows P2P Collab Foundations FW Exceptions - Outbound.txt

    NameGroupProfileEnabledActionProgramLocal AddressRemote AddressProtocolLocal PortRemote PortAllowed Computers

    Windows Peer to Peer Collaboration Foundation (PNRP-Out)Windows Peer to Peer Collaboration FoundationDomainYesAllowC:\Windows\system32\svchost.exeAnyAnyUDPAny3540Any

    Windows Peer to Peer Collaboration Foundation (PNRP-Out)Windows Peer to Peer Collaboration FoundationPrivateYesAllowC:\Windows\system32\svchost.exeAnyAnyUDPAny3540Any

    Windows Peer to Peer Collaboration Foundation (PNRP-Out)Windows Peer to Peer Collaboration FoundationPublicYesAllowC:\Windows\system32\svchost.exeAnyAnyUDPAny3540Any

    Windows Peer to Peer Collaboration Foundation (SSDP-Out)Windows Peer to Peer Collaboration FoundationDomainYesAllowC:\Windows\system32\svchost.exeAnyAnyUDPAny1900Any

    Windows Peer to Peer Collaboration Foundation (SSDP-Out)Windows Peer to Peer Collaboration FoundationPublicYesAllowC:\Windows\system32\svchost.exeAnyAnyUDPAny1900Any

    Windows Peer to Peer Collaboration Foundation (SSDP-Out)Windows Peer to Peer Collaboration FoundationPrivateYesAllowC:\Windows\system32\svchost.exeAnyAnyUDPAny1900Any

    Windows Peer to Peer Collaboration Foundation (TCP-Out)Windows Peer to Peer Collaboration FoundationPublicYesAllowC:\Windows\system32\p2phost.exeAnyAnyTCPAnyAnyAny

    Windows Peer to Peer Collaboration Foundation (TCP-Out)Windows Peer to Peer Collaboration FoundationPrivateYesAllowC:\Windows\system32\p2phost.exeAnyAnyTCPAnyAnyAny

    Windows Peer to Peer Collaboration Foundation (TCP-Out)Windows Peer to Peer Collaboration FoundationDomainYesAllowC:\Windows\system32\p2phost.exeAnyAnyTCPAnyAnyAny

    Windows Peer to Peer Collaboration Foundation (WSD-Out)Windows Peer to Peer Collaboration FoundationPublicYesAllowC:\Windows\system32\p2phost.exeAnyLocal subnetUDPAny3702Any

    Windows Peer to Peer Collaboration Foundation (WSD-Out)Windows Peer to Peer Collaboration FoundationPrivateYesAllowC:\Windows\system32\p2phost.exeAnyLocal subnetUDPAny3702Any

    Windows Peer to Peer Collaboration Foundation (WSD-Out)Windows Peer to Peer Collaboration FoundationDomainYesAllowC:\Windows\system32\p2phost.exeAnyLocal subnetUDPAny3702Any


    To enable the appropriate exceptions to Windows Firewall, you must use the Inbound/Outbound Exception wizard, which is accessed through the Group Policy object management console.

    To configure exceptions to Windows Firewall

    1. Right-click the GPO, and then click Edit.

    2. Click Computer Configuration, click Windows Security, click Security Settings, and then click Windows Firewall with Advanced Security.

    3. In Getting Started, select the inbound and outbound rules you want to use.

    Disabling the ad-hoc


    For information about how to perform this procedure, see the Wireless Network Policies Extension Tools and Settings document at the Microsoft Web site.



    Download 388 Kb.
    1   2   3   4   5   6   7   8




    Download 388 Kb.

    Bosh sahifa
    Aloqalar

        Bosh sahifa



    IPv6, ISATAP, and Windows Meeting Space

    Download 388 Kb.