The first task in configuring the Persistent Chat environment is granting administrative permissions to the accounts that will be managing the environment. With all Lync Server roles, RBAC (role-based access control) is used to grant privileges by assigning users to predefined Lync Server administrative roles represented by Active Directory security groups, and this includes Persistent Chat. One such group is provided specifically for the administration of the Persistent Chat environment, the CsPersistentChatAdministrator
group. This security group, along with the rest of the predefined Lync security groups, is located by default in the top-level Users container in the forest root AD domain. Members of the CsPersistentChatAdministrator
group are granted access to the Lync Persistent Chat cmdlets, which can be executed using either the Lync Management Shell or the Lync Server Control Panel.
Note
While the CsPersistentChatAdministrator
group grants specific access to the Persistent Chat portion of the Lync environment, two other groups also have administrative access to much of the Persistent Chat configuration as part of their broader administrative scope: CsAdministrator
and CsUserAdministrator
. Therefore, in smaller organizations where one group of administrators manages the entire Lync environment including Persistent Chat, it might not be necessary to populate the CsPersistentChatAdministrator
group.
By default, there are no members of the CsPersistentChatAdministrator
group, and therefore the group must be populated with user accounts to delegate administrative rights to the Persistent Chat configuration.