One Liner: See Who You’re Openly Federating With
Wanna see who you’re dynamically (openly) federating within Lync Server? It’s pretty straightforward with the Get-EventLog cmdlet. All we need to do is look for the most recent entry in the Lync Server event log with event ID 14601. One an Edge server, open PowerShell and run the following:
Get-EventLog "Lync Server" | Where-Object {$_.EventId -eq 14601} | Select-Object EventId, Message -First 1 | Format-List *
The description of the single returned event will list the domains you’re currently dynamically federating with. You’ll get something back like this:
EventID : 14601
Message : Report of discovered partners that the Access Edge Server is
currently monitoring.
There are 21 discovered partners, identified by the common name of
their certificate.
Name: sip-na.contoso.com; Domains: contoso.com
Name: sip.fabrikam.com; Domains: fabrikam.com
Name: sip.fourthcoffee.com; Domains: fourthcofee.com
Name: sip.windtiptoys.com; Domains: windtiptoys.com
Name: edge.adatum.com; Domains: adatum.com
Name: sip.humongousinsurance.com; Domains: humongousinsurance.com
Name: LYNC-TOR-Edge.litware.com; Domains: litware.com
Name: sip.northwindtraders.com; Domains: northwindtraders.com
Name: sip.proseware.com; Domains: proseware.com
Name: sip.adventure-works.com; Domains: adventure-works.com
Name: sipeu.alpineskihouse.com; Domains: alpineskihouse.com
Name: Lyncedge.blueyonderairlines.com; Domains: blueyonderairlines.com
Name: ussea-w15access.cohovineyard.com; Domains: cohovineyard.com
Name: sip.cohowinery.com; Domains: cohowinery.com
Name: sip.lucernepublishing.com; Domains: lucernepublishing.com
Name: ap.malvertising.info; Domains: malvertising.info
Name: federation.fineartschool.net; Domains: fineartschool.net
Name: sip.strikestrike.com; Domains: strikestrike.com
Name: lync.treyresearch.net; Domains: treyresearch.net
Name: sip.wideworldimporters.com; Domains: wideworldimporters.com
Name: sip.woodgrovebank.com; Domains: woodgrovebank.com*
A note that as the Message field of the event log entry mentions, these are DISCOVERED PARTNERS – those found through SRV records. If you want to see who you’re federating with using enhanced or direct federation (those specifically defined in your Lync environment), from a non-Edge Lync server, run Get-CsAllowedDomain. For a breakdown on the various types of federation, see Kevin Peter’s excellent post A Few Words on Federation.
Thanks Pat! (I’ve appropriated this PS command for my new script – it’s BLINDINGLY fast compared to the query I was previously running).
How about getting the info from user’s contacts 🙂
select distinct Right(UserAtHost,len(UserAtHost)-CHARINDEX(‘@’,UserAtHost)) from dbo.Resource where UserAtHost not like ‘%yoursipdomain.com.au%’
This list does not contain the domains of companies who are hosted in Office 365.
Is there a possibility to list these domains? Or is the suggestion from Hany the only way to go?
Hi There,
Our SfB uses open federation but we are federated with a number of partners who use direct and enhanced federation which (I assume) the above command will not return any records for.
How can I find that information also?
Cheers
C
@Craig
Bit of thread ressuection here, but you can pull it from the users contact lists. https://www.ucmadscientist.com/find-csexternalfederatedcontacts/
Pat’s solution is so much more elegant for its simplicity though
the command has some weird characters in it:
Get-EventLogÂ
Some weird WordPress issue. Should be all set now. Thanks for pointing it out.