SEFAUtil is part of the Lync Server Resource Kit. This Kit is a collection of various tools to help with tasks while deploying and managing Lync Server.
This two part series of posts is all about SEFAUtil:
- Part 1 – Prerequisites and Installation: Set up a Trusted Application Server and get SEFAUtil to run
- Part 2 – Perform configuration using the tool
What is SEFAUtil?
As said SEFAUtil is part of the Lync Server Resource Kit tools. It’s a command-line tool that enables you to configure the following options:
- simultaneous ringing
- team-call settings
- group call pickup
Most of the options can be configured by the Lync user himself using the “call forwarding” settings within the Lync client. It therefore allows the administrator to enable/disable/modify call forwarding or simultaneously ringing on behalf of the user. You can also just read the currently active configuration.
SEFAUtil needs to be used on a computer that is part of a Trusted Application Pool. The tool needs to be defined as a Trusted Application. Additionaly, UCMA 3.0 must be installed on that computer. Therefore, the following steps are necessary for using SEFAUtil:
- Identify a server you want to use in a Trusted Application Pool
- Define the Server as a Trusted Application Pool
- Define SEFAUtil as a Trusted Application
- Get your Trusted Application server ready
- Celebrate because your SEFAUtil works
Set up a Trusted Application Pool and Trusted Application
First you want to identify the server you will use in a Trusted Application Pool. This can basically be any Windows Server, even a Lync Server, although you should not use a Front End Server. Within larger deployments I usually recommend using a small extra server, that can be used for all kinds of administrative tasks (e.g. syslog, Lync Administrative tools, etc.).
Next, set up a Trusted Application Pool. You can create it using the Lync Topology Builder or, of course, PowerShell.
Lync Topology Builder
Within your Lync Topology create a “New Trusted Application Pool”.
You’ll be asked to define a FQDN.
Next you can associate a next hop pool. That’s the last step.
Of course you can also create the Trusted Application Pool directly using Powershell.
New-CsTrustedApplicationPool -id <Pool FQDN> -Registrar <Pool Registrar FQDN> -site Site:<Pool Site> New-CsTrustedApplicationPool -id taps01.lab01.local -Registrar lspool01.lab01.local -site Site:Dresden
You can get the name of your configured Sites using the following command:
Next you have to set SEFAUtil as a Trusted Application and connect it to the Trusted Application Pool (TAP) you created. This step you have to perform in PowerShell.
New-CsTrustedApplication -ApplicationId <ID of Application> -TrustedApplicationPoolFqdn <TAP FQDN> -Port <Port> New-CsTrustedApplication -ApplicationId sefautil -TrustedApplicationPoolFqdn taps01.lab01.local -Port 7489
For the port you can use pretty much any free port you want.
To enable the changes run the following command:
Get your Trusted Application Server ready
Now that the topology configuration is complete, you can move on to the Trusted Application server itself. As said, you need to install UCMA 3.0. Usually I use the Lync installation for that step, because I will make use of the Lync Deployment Wizard later on for the certificate. This is not a must, I just think it’s a nice and easy way.
After the installation is done (and you have installed the local configuration store), request and assign a certificate with the Certificate Wizard. The default information is already sufficient, you don’t really have to make any changes.
Install the Lync Server Resource Kit. The current version for Lync 2013 can be found here:
Use your SEFAUtil
By default you can find the tool in C:\Program Files\Microsoft Lync Server 2013\ResKit.
You should start your PowerShell as an administrator. After navigating to the location above you can use SEFAUtil.
More about how to use SEFAUtil will follow in Part 2 – Perform configuration using the tool.
I support partners with their Skype for Business projects and offerings following the Skype Operations Framework.
Opinions displayed on this blog and my social media pages are my own and do not express the views and opinions of Microsoft.
Latest posts by Simone (see all)
- Office Online Server with Skype for Business – Deployment - 1. July 2016
- Quickie: Mainstream support for Lync 2010 ending soon - 23. February 2016
- Using SEFAUtil – Part 2 – Perform configuration using the tool - 21. July 2015