Topic Last Modified: 2010-10-01

Retrieves information about one or more trusted application endpoints.


Get-CsTrustedApplicationEndpoint [-Identity <UserIdParameter>] [-ApplicationId <String>] [-Credential <PSCredential>] [-DomainController <Fqdn>] [-Filter <String>] [-OU <OUIdParameter>] [-ResultSize <Unlimited>] [-TrustedApplicationPoolFqdn <String>]


Parameter Required Type Description




The Identity (distinguished name), SIP address, or display name of the application endpoint to be modified.




Enables you to limit the returned data by filtering on specific attributes for Microsoft Lync Server 2010. For example, you can limit returned data to contacts whose display names or SIP addresses match a certain wildcard pattern.

The Filter parameter uses the same Windows PowerShell filtering syntax that is used by the Where-Object cmdlet. For example, a filter that returns only contacts that have been enabled for Enterprise Voice would look like this: {EnterpriseVoiceEnabled -eq $True}, with EnterpriseVoiceEnabled representing the Active Directory attribute, -eq representing the comparison operator (equal to), and $True (a built-in Windows PowerShell variable) representing the filter value.




The application ID of the trusted application for the endpoint you want to retrieve.




Alternate credentials to be used to retrieve the endpoint. You can retrieve a PSCredential object by calling the Get-Credential cmdlet.




Allows you to specify a domain controller. If no domain controller is specified, the first available will be used.




The OU in which the endpoint resides.




The maximum number of endpoint records to retrieve.




The fully qualified domain name (FQDN) of the trusted application pool associated with the application for the endpoint you want to retrieve.

Detailed Description

A trusted application endpoint is an Active Directory contact object that enables routing of calls to a trusted application. This cmdlet retrieves one or more existing endpoint contact objects in Active Directory Domain Services (AD DS).

Who can run this cmdlet: By default, members of the following groups are authorized to run the Get-CsTrustedApplicationEndpoint cmdlet locally: RTCUniversalUserAdmins, RTCUniversalServerAdmins, RTCUniversalReadOnlyAdmins. To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell prompt:

Get-CsAdminRole | Where-Object {$_.Cmdlets –match "Get-CsTrustedApplicationEndpoint"}

Input Types

String. Accepts a pipelined string value representing the Identity of a user account.

Return Types

Retrieves an object of type Microsoft.Rtc.Management.ADConnect.Schema.OCSADApplicationContact.


-------------------------- Example 1 ------------------------

Copy Code

This example retrieves information about all trusted application endpoints defined within the Lync Server 2010 deployment.

-------------------------- Example 2 ------------------------

Copy Code
Get-CsTrustedApplicationEndpoint -Identity ""

Example 2 retrieves information about the application endpoint contact with the SIP address Note that the sip: prefix is required when using a SIP address as the Identity.

-------------------------- Example 3 ------------------------

Copy Code
Get-CsTrustedApplicationEndpoint -Filter {DisplayName -like "*endpoint*"}

Example 3 retrieves all trusted application endpoints that have the string “endpoint” anywhere within their display name. To do this, the command uses the Filter parameter. The value of the parameter filters to find endpoint objects that have a display name (DisplayName) that contains (-like) the string endpoint (*endpoint* - the wildcard characters indicate that any characters can come before or after the string endpoint, meaning endpoint can be anywhere within the display name).

-------------------------- Example 4 ------------------------

Copy Code
Get-CsTrustedApplicationEndpoint -ApplicationId tapp2 | Select-Object SipAddress, DisplayName, OwnerUrn

Example 4 will return all trusted application endpoints associated with the application tapp2. This is accomplished by passing the ID tapp2 to the ApplicationId parameter. Notice that we didn’t supply a pool FQDN; this means that if an application with the ID tapp2 exists on more than one pool, endpoints for all those applications will be retrieved. The next part of this command pipes the returned object or objects to the Select-Object cmdlet, which displays only the SipAddress, DisplayName, and OwnerUrn properties of those objects.

See Also