[This is preliminary documentation and is subject to change. Blank topics are included as placeholders.]

Adds a domain to the list of domains approved for federation. When a domain has been approved for federation (by being added to the allowed list) that means your users can exchange instant messages and presence information with people who have accounts in the federated domain.

Syntax

New-CsAllowedDomain -Identity <XdsGlobalRelativeIdentity> [-Comment <String>] [-Confirm [<SwitchParameter>]] [-Force <SwitchParameter>] [-InMemory <SwitchParameter>] [-MarkForMonitoring <$true | $false>] [-ProxyFqdn <String>] [-WhatIf [<SwitchParameter>]]
New-CsAllowedDomain -Domain <String> [-Comment <String>] [-Confirm [<SwitchParameter>]] [-Force <SwitchParameter>] [-InMemory <SwitchParameter>] [-MarkForMonitoring <$true | $false>] [-ProxyFqdn <String>] [-WhatIf [<SwitchParameter>]]

Parameters

Parameter Required Type Description

Identity

Optional

String

Fully qualified domain name (e.g., fabrikam.com) of the domain to be added to the allowed list. You can use either the -Identity or the -Domain parameter (but not both) in order to specify the domain name. If you use -Identity, the Domain property will be set to the same value assigned to -Identity. If you use -Domain, the Identity property will be set to the same value assigned to -Domain.

Note that Identities must be unique: if the specified domain already exists on either the blocked or the allowed list your command will fail.

Domain

Optional

String

Fully qualified domain name (e.g., fabrikam.com) of the domain to be added to the blocked list. You can use either the -Identity or the -Domain parameter (but not both) in order to specify the domain name. If you use -Identity, the Domain property will be set to the same value assigned to -Identity. If you use -Domain, the Identity property will be set to the same value assigned to -Domain.

Note that Domains must be unique: if the specified domain already exists on either the blocked or the allowed list your command will fail.

Comment

Optional

String

Optional string value that provides additional information about the domain being added to the allowed list. For example, you might add a Comment that provides contact information for the federated domain.

ProxyFqdn

Optional

Fqdn

Fully qualified domain name (e.g., proxy-server.fabrikam.com) of the SIP proxy server deployed in the domain being added to the allowed list. This property is optional: if it is not specified (and if your Access Edge server is enabled for partner discovery) then DNS SRV discovery procedures will be used to determine the location of the SIP proxy server. With SRV discovery, DNS records for the remote domain will be used to determine the proxy server address.

MarkForMonitoring

Optional

Boolean

Indicates whether the federation connection between your domain and the remote domain will be monitored by Monitoring Server. By default, MarkForMonitoring is set to False, meaning that the connection will not be monitored.

This property will be ignored if you have not deployed Monitoring Server.

InMemory

Optional

Switch Parameter

Creates an object reference without actually committing the object as a permanent change. If you assign the output of this cmdlet called with this parameter to a variable, you can make changes to the properties of the object reference and then commit those changes by calling this cmdlet’s matching Set- cmdlet.

Force

Optional

Switch Parameter

Suppresses the display of any non-fatal error message that might arise when running the command.

WhatIf

Optional

Switch Parameter

Describes what would happen if you executed the command without actually executing the command.

Confirm

Optional

Switch Parameter

Prompts you for confirmation before executing the command.

Detailed Description

Federation is a means by which two organizations can set up a trust relationship that facilitates communication between the two groups. When a federation has been established, users in the two organizations can send each other instant messages, subscribe for presence notifications, and otherwise communicate with one another using SIP applications such as Microsoft Communicator "14". Microsoft Communications Server 2010 allows for three types of federation: 1) direct federation between your organization and another; 2) federation between your organization and a public provider; and, 3) federation between your organization and a third-party hosting provider.

Setting up direct federation with another organization involves several tasks. To begin with, you must enable your Access Edge servers to allow federation; for more information, type "Get-Help Set-CsAccessEdgeConfiguration" (without the quote marks) at the windows PowerShell prompt. In addition, the other organization must enable federation with you; federation cannot be established unless both parties agree to the relationship.

Equally important, you must manage two federation-related lists: the allowed list and the blocked list. The allowed list represents the organizations you have chosen to federate with; if a domain appears on the allowed list then (depending on your configuration settings) your users will be able to exchange instant messages and presence information with users who have accounts in that federated domain. Conversely, the blocked list represents domains that you are expressly forbidden from federating with: messages sent from a blocked domain will automatically be rejected by Communications Server 2010.

If you want to create a new federation relationship, you can use New-CsAllowedDomain to add a domain to the list of allowed domains.

Return Types

Creates instances of the Microsoft.Rtc.Management.WriteableConfig.Settings.Edge.AllowedDomain object.

Examples

-------------------------- Example 1 ------------------------

Copy Code
New-CsAllowedDomain -Identity "fabrikam.com"

In the preceding example, the domain fabrikam.com is added to the list of allowed domains. To do this, New-CsAllowedDomain is called, along with the -Identity parameter; -Identity is simply assigned the name of the domain to be blocked. Note that this command will fail if fabrikam.com is already on the allowed list, or if the domain is on the blocked list

-------------------------- Example 2 ------------------------

Copy Code
New-CsAllowedDomain -Identity "fabrikam.com" -ProxyFqdn "proxyserver.fabrikam.com" -MarkForMonitoring $True -Comment "Contact: Ken Myer (kenmyer@fabrikam.com)"

Example 2 is a variation of the command shown in Example 1. In this case, however, two additional parameters are included along with -Identity: -ProxyFqdn is used to specify the fully qualified domain name of the proxy server for fabrikam.com; and -MarkForMonitoring is used to add this federation connection to the list of items monitored by Monitoring Server.

-------------------------- Example 3 ------------------------

Copy Code
$x = New-CsAllowedDomain -Identity "fabrikam.com" -InMemory
$x.ProxyFqdn = "proxyserver.fabrikam.com" 
$x.MarkForMonitoring = $True 
$x.Comment = "Contact: Ken Myer (kenmyer@fabrikam.com)"
Set-CsAllowedDomain -Instance $x

Example 3 demonstrates how you can use the -InMemory parameter to create a new allowed domain that initially exists only in memory; after you modify the property values of this in-memory-only domain you can then call Set-CsAllowedDomain to add the domain to the allowed list. In order to do this, the first command in the example uses New-CsAllowedDomain and the -InMemory parameter to create an allowed domain that has the Identity fabrikam.com. After it is created, this virtual domain is stored in the variable $x.

Lines 2, 3, and 4 are used to modify the values of the ProxyFqdn, MarkForMonitoring, and Comment properties, respectively. After all the property values have been modified, the final command uses Set-CsAllowedDomain to add the virtual domain to the allowed domain list. Keep in mind that, until Set-CsAllowedDomain is called, fabrikam.com exists only in memory: if you run Get-CsAllowedDomain any time prior to the last line in the example fabrikam.com will not appear on the list of allowed domains. That will not happen until after you have called Set-CsAllowedDomain.