I ran across this while testing an issue a reader of my blog posted in the comments of an article I wrote about the Lync Basic 2013 client. They had mentioned that when a user using the Lync Basic 2013 client was set to A/V disabled the options for A/V were still presented in the client. In my testing I found this to be true and in fact the options were not only presented to the user, but A/V wasn't blocked if the user tried to initiate an A/V call to another user. For my testing I was using version 15.0.4420.1017 of the Lync Basic 2013 client. You can see in the screen shot below that even though the user is set to A/V disabled in Lync, the Phone tab and the Call Forwarding options still appear and the user is actually in a call with another user:
In addition, the options for starting an A/V call with another user are available:
Also, when looking at the A/V disabled user's presence from another client, you can see that they show as "Video Capable", even though they should be disabled for video:
If you compare this to the same user signed into the Lync 2013 client, you can see that the Phone tab and the Call Forwarding options are removed, as expected:
Also, the options for initiating an A/V call are removed as well:
So how does the Lync client know what features to make available when the user signs in? The answer is through information received by the client via in-band provisioning. The Lync client sends out a SIP SUBSCRIBE requesting provisioning information:
SUBSCRIBE sip:email@example.com SIP/2.0
The response is a SIP/2.0 200 OK and contained in the response is the setting we're interested in:
The telephonyMode setting can contain a couple of different values, depending on what the user is configured for:
It appears that currently the Lync Basic 2013 client is ignoring this setting and is allowing the user to initiate A/V sessions whether the user is enabled to do so or not.
Oh dear, hope my Lync Users don't read this!!!
Please fix MS!!
You may implement CAC to Limit the bandwidth over the WAN-Links. But not a solution for LAN.
Maybe you can configure static ports for A/V Usage and drop These on a Switch Level or Windows Firewall.