Home » Lync » Custom Presence in #Lync 2013 Without Disabling SIP High Security Mode Using the Cloud

If you’re like me, you like to be able to customize most of your work environment.  When it comes to the Lync client, you’re limited to the default presence options out-of-the-box and no in-client method of altering them.


There have been methods to add up to 3 customized presence states since the days of Communicator 2007.  However, a big change now with Lync 2013, is that Lync 2013 enables High Security SIP Mode by default where previous client versions did not.  When SIP High Security Mode is enabled, the client can only make HTTPS connections for the custom presence file.  This can impact you if you want to use the old method of referencing a custom presence xml file locally on your computer’s file system via file:///c:/presence.xml.

SIP High Security mode can be disabled via a registry key, but if your machine is being managed and secured by a Lync Client Policy GPO, then High Security Mode may not be disabled as easily or if simply you don’t want to reduce the overall security of your machine and Lync related connections by disabling High Security SIP Mode.  Most people don’t take issue with disabling SIP High Security Mode, this article will help those that might have an issue with it.

The solution in keeping SIP High Security Mode enabled on your client and using a custom presence is to leverage a HTTPS hosted presence.xml file.   Microsoft guidance references hosting on the Lync Server Pool itself leveraging the already trusted SSL cert, but if you’re not a Lync Administrator this likely isn’t an option for you.  Furthermore, hosting a personal custom presence.xml file on a corporate Lync Pool probably isn’t the smartest move  and could likely be a resume generating event depending on how strict your company takes that sort of thing.

If you’re like me, you already had your custom presence file saved to Dropbox or similar service and aren’t being forced to use a company-wide custom presence.xml file via Policy.  For this article, I’m only focusing on Dropbox.  I tried to make this work via Skydrive, but ran into issues in creating a link directly to the presence.xml file.  If you know how to link directly to files in Skydrive WITHOUT the service renaming the file upon download, please let me know in the comments below.


  1. Local Admin on your machine so that you can edit the registry
  2. Access to Dropbox or similar service from wherever you are at that provides HTTPS direct file linking.  This could be challenging while behind your company firewall if your company filters cloud storage vendors.
  3. Your company isn’t already pushing down a custom presence.xml location, valid or invalid, via in-band provisioning.

First create and edit your presence.xml file, here is mine as an example
(my code plug-in isn’t displaying XML properly, so I’m resorting to pics)


Here is the example from Microsoft TechNet


Next upload the presence.xml file to Dropbox.  Once the file upload is complete, follow this Dropbox article on how to create a direct download link to your presence.xml file.  If you try to use the Share link from within the Dropbox WebUI you will end up with the file being rendered in the web page and it will not work for Lync.



Once you’ve got your link, test it via your favorite browser to validate it opens without issue.  If it looks similar to this, move onto the next step.



Next you’re going to need to create some registry keys if they don’t exist already.

  1. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft Key
  2. Create a new key called Office
  3. Underneath your newly created Office Key, create a new Key called 15.0
  4. Underneath your newly created 15.0 Key, create a new Key called Lync
  5. Now create a new String value / REG_SZ, named CustomStateURL
  6. Populate the Value of CustomStateURL with the direct file link URL you noted earlier.

Once the registry is set, Exit out of Lync and restart it.  You’ll now have your custom presence options available.



Like I mentioned before, there are some requirements/factors that could prevent this from working as described.  If you lack local admin rights to your PC, this is a non-starter.  If your company specifically blocks cloud storage providers, you may want to look at self hosting.  Self hosting along with a valid and trusted SSL cert will be pricey for this small customization.  You might just want to rethink if this is actually worth it.  Finally, your Lync Administrator(s) can configure an invalid location via Lync’s in-band client policies and this will effectively prevent you from using custom presence.  In-band provisioning always wins.

  • David

    using windows 8.1, Lync 2013, dropbox https, does not seem to work.

  • heino rask

    It is working like a charm LOCALLY other lync users can’t see the homemade status.

    Please advice?

    Best Regards