This blog post details how you would go about adding a trusted application to your Lync 2013 topology.
For this example I’m going to add the trusted application built by Johan Veldhuis which allows for configuration of the SefaUtil commands at a GUI level.
For the people who are unaware of what the Sefautil is. This is the extension features which is part of the Lync 2013 resource kit which allows for remote configuration of users call forwarding, sim ringing and call pickup group option. So essentially you can administer a users settings without whiteout actually visiting the users desk.
Johan has created a great utility which is GUI based as apposed to the powershell commands which is default to the sefautil running.
You can find details on Johan GUI here. http://johanveldhuis.nl/en/sefautil-gui/
ok back to the trusted application piece. Creating a trusted application is the same process contrary to what the software application is which you are wanting to use.
Starting the trust..
Creating the new trusted application pool. For this we do need to initially run some powershell commands to get us going, but before we do that we need to find some information about our pool to add to the powershell command. to do this we need to run the following PS Command
New-CsTrustedApplicationPool -id <Pool FQDN> -Registrar <Pool Registrar FQDN> -site Site:<Pool Site>
eg: New-CsTrustedApplicationPool -id lyncse.northernlync.local -Registrar lyncse.northernlync.local -site Site:1
Once this has successfully completed, we then need to run our second powershell command
New-CsTrustedApplication -ApplicationId sefautil -TrustedApplicationPoolFqdn <Pool FQDN> -Port 7489
eg: New-CsTrustedApplication -ApplicationId sefautil -TrustedApplicationPoolFqdn lyncse.northernlync.local -Port 7489
Note: you will be prompted at both PS commands to run the enable-cstopolgy command. its at this point now you need to run it
We are now complete with the Lync management shell and the powershell commands for setting up a trusted application. (its also worth noting if you went into your Lync control panel or the Lync topology the application trust will now be showing within these areas)
So to complete our blog now we need to download the sefautil.exe which is part of the Lync 2013 resource kit which can be found here http://www.microsoft.com/en-gb/download/details.aspx?id=36821
go ahead and install it using the default locations etc. <default location \Program Files\Microsoft Lync Server 2013\Reskit.>
Now lets check that our commands do actually work from a cmd line approach. To do this we need to open up the normal command prompt but as Administrator and navigate to the default location path of the sefautil. (ABOVE Path).
Once you are within the Reskit folder run this command line
SEFAUtil.exe <user SIP address> /server:<Lync Server/Pool FQDN>
eg: SEFAUtil.exe firstname.lastname@example.org /server:lyncse.northernlync.local
Running this will bring back the current call settings for the user.
Now the final piece of running Johan’s SefaUtil GUI.
to do this we need to head back to the Lync Management shell as Administrator and select Johan’s Powershell script. To do this navigate to the script (NOTE: you need to unzip the .zip file first)
Once your with the folder where the .ps1 file is located run the following command
start-sefautil -pool poolfqdn
eg: start-sefautil -pool lyncse.northernlync.local
<You will/might be prompt for a execution policy issue before the .ps1 will run.> If you are type this command set-executionpolicy Unrestricted. Then run the .ps1 command again.
Once the GUI is open you will have the ability to administer your users call settings.
Thank you for looking and below is the videoCast of me doing the above in my lab.
AND massive thanks from the Lync Comminitity goes to Johan for the excellent SefaUtil GUI.! You can find more information about Johan and the things he’s working on at his blog site. http://johanveldhuis.nl/