Skype for Business – Spectralink IP-DECT Server Integration – Trusted Application objects

I recently deployed a Spectralink IP-DECT solution into a Skype for Business Server 2015 topology.

Applications built with UCMA 5.0, as well as legacy 4.0, are supported with Skype for Business Server 2015.  Integration is via Trusted Application objects.

In this article I’ll run through the PowerShell commands I ran to create the Trusted Application objects (as per Spectralink documentation), what the objects look like once created, and the relationship between the objects.

FQDN of the Spectralink IP-DECT Server:
FQDN of the Skype for Business Front End Pool:

I ran the following PowerShell commands:

New-CsTrustedApplicationPool -Identity -Site 2 -RequiresReplication $false -ThrottleAsServer $true -TreatAsAuthenticated $true -Registrar
New-CsTrustedApplication -ApplicationId dect -Port 5061 -TrustedApplicationPoolFqdn

Trusted Application Pools

The first PowerShell command ran, New-CsTrustedApplicationPool, creates a new pool that will contain servers that host Trusted Applications.

New-CsTrustedApplicationPool -Identity -Site 2 -RequiresReplication $false -ThrottleAsServer $true -TreatAsAuthenticated $true -Registrar

The FQDN of the new pool.  Note that while the Identity value for creating a pool is the pool FQDN, the value that will be stored as the Identity with the new pool is actually an automatically generated service ID of the pool (e.g.

The Site ID of the site on which the pool will be homed.  Note Get-CsSite can be used to retrieve the SiteID property of a site.

Determines whether replication is required for the pool.

When set to $false, connections between the servers within the pool and Trusted Applications as clients are throttled.  This places greater restrictions on the connections than the default $true, which throttles connections as servers.  Throttling a connection places restrictions on the number of transactions that can occur at once.

Determines whether authentication is required for Trusted Applications connecting to servers within the pool.

The service ID or FQDN of the Registrar service for the pool.

The following is the output of Get-CsTrustedApplicationPool -Identity | fl

Identity :
Registrar :
FileStore :
ThrottleAsServer : True
TreatAsAuthenticated : True
OutboundOnly : False
RequiresReplication : False
AudioPortStart :
AudioPortCount : 0
AppSharingPortStart :
AppSharingPortCount : 0
VideoPortStart :
VideoPortCount : 0
Applications : {urn:application:dect}
DependentServiceList : {}
ServiceId : 2-ExternalServer-15
SiteId : Site:SpectralinkDECT
PoolFqdn :
Version : 7
Role : TrustedApplicationPool

Trusted Application Computers

Creating a new Trusted Application Pool (a new external service) also creates a new Trusted Application Computer.

By default the Trusted Application Computer will have the same FQDN as the pool.  A different FQDN can be specified using the -ComputerFqdn parameter.

The following is the output of Get-CsTrustedApplicationComputer -Identity | fl

Identity :
Pool :
Fqdn :

Trusted Application object relationship:

The Trusted Application Computer (Identity: is directly related to the Trusted Application Pool (

Trusted Applications

The second PowerShell command ran, New-CsTrustedApplication, adds a Trusted Application to a pool.

New-CsTrustedApplication -ApplicationId dect -Port 5061 -TrustedApplicationPoolFqdn

The name of the application.  This must be a string that is unique within the pool that is specified in the -TrustedApplicationPoolFqdn parameter.  The string cannot contain spaces.  If a value is supplied for ApplicationId, a value for the TrustedApplicationPoolFqdn parameter must also be supplied.  An ApplicationId and an Identity cannot be specified.

The port number on which the application will run.

The FQDN of the Trusted Application Pool on which the application will reside.

The following is the output of Get-CsTrustedApplication -Identity | fl

Identity :
ComputerGruus : {;gruu;opaque=srvr:dect:Oy3QV2APOVCt49eVbM2CkgBA}
ServiceGruu :;gruu;opaque=srvr:dect:Oy3QV2APOVCt49eVbM2CkgBA
Protocol : Mtls
ApplicationId : urn:application:dect
TrustedApplicationPoolFqdn :
Port : 5061
LegacyApplicationName : dect

Trusted Application object relationship:

The Trusted Application ( is directly related to the Trusted Application Pool (

The property that ties the two together is the Trusted Application Pool PoolFqdn.

The Trusted Application Pool has a corresponding Applications multivalued property, populated by all the Trusted Applications that are associated with it (via the ApplicationId properties).

Trusted applications need to be associated with Globally Routable User Agent URIs (GRUUs), both service GRUUs and computer GRUUs.  New-CsTrustedApplication automatically generates these values based on the computers and services associated with the pool on which this application is homed.

Trusted Application object relationship diagram:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s