Migrating your OCS Federated Partner Settings to Lync

During the edge migration stage of an OCS to Lync migration, you will likely need to re-establish existing OCS federated partner settings on the new Lync Edge pool.

If you have previously established direct federation connections between OCS and many federated partners that you explicitly allow, the thought of having to manually re-enter these federation settings in Lync isn’t very appealing.

Whenever a lot of manual administration is required, PowerShell comes to mind. Indeed, in this case it can be used to ease the pain of having to manually retype the federated partner domain, and optionally, the associated edge server FQDN.

In this post I provide a small PowerShell script that you can run on your OCS 2007 R2 Edge server that can be used to export your existing federated partner settings in the format of another PowerShell script that can be run to re-import those settings into Lync.

Caveatyour existing OCS partner federation settings could differ slightly. It is important to understand what this script is doing (it is straightforward) and tweak it to your configuration.

The following script runs on the OCS 2007 R2 edge and utilizes WMI – specifically the OCS 2007 R2 MSFT_SIPFederationPartnerTable class – to export a list of the federated partner domains:

Get-WmiObject -class MSFT_SIPFederationPartnerTable | ForEach-Object


   $domain = [System.String]$_.Domain

   $edgeProxy = [System.String]$_.EdgeProxyAddress

   if ($edgeProxy -eq "")


      write-output "New-CsAllowedDomain -Identity `"$domain`" -MarkForMonitoring `$True"




       write-output "New-CsAllowedDomain -Identity `"$domain`" -ProxyFqdn `"$edgeProxy`" -MarkForMonitoring `$True"



Save the above script to a PowerShell .ps1 file (e.g. EdgeFed.ps1). To run it in Powershell you will likely first need to set the ExecutionPolicy to allow scripts to run:

> Set-ExecutionPolicy Unrestricted

Invoking this script on the OCS Edge server (e.g. run “.\EdgeFed.ps1” in a PowerShell command window) will produce output similar to the following:

New-CsAllowedDomain -Identity "contoso.com" -MarkForMonitoring $True

New-CsAllowedDomain -Identity "fabrikam.com" -ProxyFqdn "im.fabrikam.com" -MarkForMonitoring $True



The script exports each federated partner setting and formats it into a Lync PowerShell “New-CsAllowedDomain” cmdlet which will add the partner as a new allowed federated domain in Lync.

Pipe the output of this script to another .ps1 file that can used on your Lync Edge (i.e. run “.\EdgeFed.ps1 > LyncFedSettings.ps1”).

To import the allowed federated partners into Lync, put the output file (e.g. LyncFedSettings.ps1) on your Lync Front-End or Edge server and run it in the Lync Management Shell.

You can see the new federated partner allow list with the Get-CsAllowedDomain cmdlet, or in the Lync Control Panel (External User Access | Federated Domains).

If your OCS federated partner settings differ from the explicit allow list method, and you need an automated solution, take a look at the WMI Classes for Office Communications Server. There is probably a WMI class that exposes these settings and can be scripted, and you can just modify the script above.

Addition OCS to Lync Migration Articles

Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati

1 comment to Migrating your OCS Federated Partner Settings to Lync

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>