This article contains general explanations about where UCMA should be installed and how "Trusted Application" works.
UCMA
UCMA is a software component by Microsoft that we install on certain servers (typically Access Portal web server).
This component allows for developers and 3rd party apps to get access and take control over certain aspects of Microsoft's Enhanced Presence information, instant messaging, telephone and video calls, and audio/video conferencing.
This component together with the "CsTrustedApplciation" configurations allow us to perform manipulations and use the SfB/Lync environment in order to do the following:
...
In order to view this what is already configured with this configuration the following commands can be used:
Get-CsTrustedApplicationPool
Get-CsTrustedApplication
Get-CsTrustedApplicationEndpoint
uration these comma
Each one of those commands present a different part of the Trusted Application configuration. Generally there are 4 types of Trusted Application configurations: Trusted Application Pool, Trusted Application , Trusted Application endpoint , Trusted Application computer.
SkypeShield is not using Trusted Application computer. However it does use the others. Each one of these configurations have a few settings in them.
When troubleshooting issues regarding UCMA these specific settings are important to know :
For Trusted Application Endpoint:
https://technet.microsoft.com/en-us/library/gg398594.aspx
For Trusted Application:
https://technet.microsoft.com/en-us/library/gg398259.aspx
For Trusted Application pool:
https://technet.microsoft.com/en-us/library/gg425804.aspx
Trusted Application pool
Each Trusted Application has a pool that can contain multiple Trusted Applications,
In the Each trusted application pool is set to a specific SfB server (this is the server that we "authorize" the 3rd party application to work on) and the server in which the 3rd party App that requires authorization is installed.
Trusted Application
Within the Trusted Application pool we set a Trusted Application.
The Trusted Application specifies a "identified" (in our case "SkypeShieldTrustedApp" or "SipFilterTrustedApp") and a port to send the remote SfB actions on (by default with our scripts it's set to 11111)
Trusted Application Endpoint
In the pool our scripts also create a Trusted application endpoint, A trusted application endpoint is an Active Directory contact object that enables routing of calls to a trusted application.
Within the trusted application Endpoint we define a SIP address (In our case it is used to contact customers for IMs).
SkypeShield's trusted application installation
When installing