locked
Can file filtering be disabled on OC? RRS feed

  • Question

  • We're running OC07 R2 and some files (notably .exe) cannot be sent via OC.
    I've disabled file filtering on the server as well as within forefront.  Forefront does not show any blocked files.

    Is it possible to disable the file filtering on the client?  If so, how?

    Thanks
    Tuesday, March 31, 2009 1:40 PM

Answers

  • When the Office Communicator 2007 R2 client receives a file transfer request, it uses Windows Attachment Manager to decide if the file extension is safe.  (This is separate to the IIM Filter on the OCS.)

    You can configure the Attachment Manager settings using Group Policy editor:
    Start...Run...gpedit.msc
    Browse to user configuration / administrative templates / windows components / attachment manager
    Enable the "inclusion list for low file type" and specify ".exe"

    This will override the windows default setting for .exe, which is high risk

    Rob.

     
    Monday, June 1, 2009 12:10 PM

All replies

  • Yes you can do it via Group Policy

    Communicator.ADM
    DisableFileTransfer Prevent file transfer Disables the File Transfer command. REG_DWORD 0 = File transfer is enabled (default).
    1 = File transfer is disabled.

    - Belgian Unified Communications Community : http://www.pro-exchange.be -
    Tuesday, March 31, 2009 10:20 PM
  • That's the opposite of what I want to do.  I want to allow users to transfer any file, regardless of extension, not disable the entire feature.
    Wednesday, April 1, 2009 1:31 PM
  • So you should check if this policy is not implemented in your environment
    Also check Client Firewalls (disable them during the test)
    - Belgian Unified Communications Community : http://www.pro-exchange.be -
    Wednesday, April 1, 2009 7:34 PM
  • I have no issue transfering most file types.
    The issue is not related to firewalls or any policies in effect because there is no policy within the Communicator.adm that can restrict file types to be sent.  The server's IIM Filter has already been disabled and verified.

    The issue is specifically with files that end with .exe (and some other file types, but let's not confuse the issue).

    I can send and receive .xls, .xlsx, .doc, .txt, and .zip without issue to other users within the organization.
    I cannot send .exe files to other users nor can they send them to me.
    Wednesday, April 1, 2009 9:00 PM
  • How about anti virus software on the clients?
    - Belgian Unified Communications Community : http://www.pro-exchange.be -
    Wednesday, April 1, 2009 11:14 PM
  • No.  It is not anti-virus.
    Office Communicator 2007 R2 (the client) is blocking specific extensions from being transferred (nothing else is doing this).

    How do I control what extensions Office Communicator 2007 R2 (the client) blocks?
    Friday, April 3, 2009 1:15 PM
  • When the Office Communicator 2007 R2 client receives a file transfer request, it uses Windows Attachment Manager to decide if the file extension is safe.  (This is separate to the IIM Filter on the OCS.)

    You can configure the Attachment Manager settings using Group Policy editor:
    Start...Run...gpedit.msc
    Browse to user configuration / administrative templates / windows components / attachment manager
    Enable the "inclusion list for low file type" and specify ".exe"

    This will override the windows default setting for .exe, which is high risk

    Rob.

     
    Monday, June 1, 2009 12:10 PM
  • Rob,
    Thank you!
    Just a quick follow up.  A quick search indicates that this is the same system used by IE, and Outlook Express (Outlook too??).
    So by changing anything here, I'm potentially reducing the security of the entire system, yes?

    Thanks again!  I can at least tell someone how to change it, though I don't think I would want to control this at the domain level.

    Monday, June 1, 2009 4:12 PM
  • Yes I believe that's right, and I don't think there is any granularity that lets you change it for one application and not another.
    Rob
    Monday, June 1, 2009 4:15 PM