Here you test the basic steps for a successful first unidirectional synchronization.
In this example you synchronize the mail-enabled objects of the on-premise Active Directory forest into contacts folder of user´s mailboxes, which are on the on-premise Exchange server in the same forest.
GALsync 7 Manual
40
Or you synchronize the mail-enabled objects of the Office 365 tenant into contacts folder of user´s mailboxes, which are on the Exchange Online in the same Office 365 tenant.
1 Prerequisites
Your environment must be based on Exchange 2007 SP1 and higher or Exchange Online (Microsoft Office 365).
The computer you want to install GALsync on
Must be a member of the domain if your side is On-Premise. It should have a good bandwidth to the next DC/GC and an Exchange Server with CAS role.
May be a standalone machine if your side is Exchange-Online.
Should have a dual-core processor and 2GB RAM.
Can be a client OS, i.e. Windows 7 Professional (64-Bit), for testing or a server OS, i.e. Windows 2008 R2 SP1 (64-Bit).
Must be configured with .NET Framework 4.5.1.
Must be configured with PowerShell 2.0 or higher.
GALsync 7 Manual
41
Create a service account with an Exchange mailbox.
On-Premise: Provide the user of the mailbox with administrative permissions on the machine you want to install GALsync on.
Exchange-Online: The user of the mailbox must be member of the EXCHANGE ADMINISTRATOR role or GLOBAL ADMINISTRATOR role.
GALsync must have direct access to the user mailbox via Exchange Web Services.
NOTE:DIRECT ACCESS TO KIOSK USER MAILBOXES VIA EXCHANGE WEB SERVICES IS NOT PERMITTED.SEE http://community.office365.com/en-us/forums/158/t/62635.aspx AND
http://social.msdn.microsoft.com/Forums/en-US/exchangesvrdevelopment/thread/1758d5f8-be86-4dc9-b53c-d6eb38d2d7d2
Ensure that the mailbox is accessible (i.e. by Outlook Web Access), that the mailbox can send to and receive mails from the other
organization and that incoming mails from the other organization do not get caught by your spam filter or firewall.
NOTE:NEW CREATED EXCHANGE ONLINE ACCOUNTS NEED TO LOG ON AT LEAST ONE TIME TO RESET THEIR TEMPORARY PASSWORD.OTHERWISE REMOTE POWERSHELL WILL NOT WORK.
If your target side is On-Premise then create an Organizational Unit where you want to import the source objects. The GALsync Service Account needs write permissions in the Active Directory for the import OU. To grant this see chapter PERMISSIONS in section ACTIVE DIRECTORY
PERMISSION FOR THE IMPORT OU.
If your side is On-Premise, make sure that you can logon with the configured service account. Also it is required that the setup of
GALsync can grant this account with local security permissions to LOG ON AS SERVICE. Also you may add the service account to the local group REMOTE DESKTOP USERS.
For testing purposes create some mailboxes and a group. Add the mailboxes as member to the group.
The service account need the FULL ACCESS PERMISSIONS for the mailboxes, where you want to import into the mailbox contacts.
Please have a look at the chapter How to grant full access to the user mailboxes?
NOTE:IN A HYBRID EXCHANGE ENVIRONMENT YOU NEED TWO IMPORT POLICIES.
ONE IMPORT POLICY, WHICH IMPORTS INTO THE MAILBOXES, WHICH ARE LOCATED ON AN ON-PREMISE EXCHANGE SERVER.
THE OTHER IMPORT POLICY, WHICH IMPORTS INTO THE MAILBOXES, WHICH ARE LOCATED ON EXCHANGE ONLINE OF THE OFFICE 365 TENANT.
GALsync 7 Manual
42
2 Install the software in the source forest
Login with the user you created before. Run setup.
GALsync 7 Manual
43
Run GALsync the first time and configure a Service Account (SA) by taking the same account as you are logged in (On-Premise).
If the setup detects that GALsync was installed on a standalone machine, the service account will be added automatically as
LOCALSYSTEM.
GALsync 7 Manual
44
Running GALsync you can check the service account configuration and your log-in account at bottom left corner.
On-Premise
Exchange Online
In menu HELP select ABOUT and add your license. See also chapter LICENSING.
GALsync 7 Manual
45
On-Premise only: In menu OPTIONS select EXCHANGE.
Configure the access to your Exchange Server. Click MANUAL SETTING and the SEARCH icon. Now GALsync tries to use autodiscover and displays the URI it discovers. If you get an error message please insert the correct URI for your environment.
Leave the other option unclicked.
Confirm the first configuration by pressing the SAVE button.
GALsync 7 Manual
46
3 Create and run an export policy
Create a first Export policy lead by the wizard
Choose to EXPORT DIRECTORY INFORMATION and
choose AN ON-PREMISE EXCHANGE ORGANIZATION OR A HYBRID EXCHANGE
ORGANIZATION. EXPORT DIRECTORY INFORMATION (GAL) FROM AN ON-PREMISE
EXCHANGE ORGANIZATION OR A HYBRID EXCHANGE ORGANIZATION. or choose to EXPORT DIRECTORY INFORMATION and
chooseAN EXCHANGE ONLINE /OFFICE 365 TENANT, WHICH IS AN EXCHANGE CLOUD-ONLY SCENERIO.EXPORT DIRECTORY INFORMATION (GAL) FROM AN EXCHANGE ONLINE /OFFICE 365 TENANT.
GALsync 7 Manual
47
If you are Exchange Online then click NEW CREDENTIALS.
Insert the username and password of an appropriate account in the Exchange Online (Microsoft Office 365).
NOTE:MICROSOFT ALLOWS ONLY 3POWERSHELL CONNECTION PER ACCOUNT TO EXCHANGE ONLINE (MICROSOFT OFFICE 365).
GALsync 7 Manual
48
GALsync will only use the mailbox of the primary account to send and receive e-mails.
NOTE:ALL ACCOUNTS MUST BE FROM THE SAME EXCHANGE ONLINE (MICROSOFT OFFICE 365) TENANT
Click NEXT
GALsync 7 Manual
49
Choose MANUAL as data transfer mode.
GALsync 7 Manual
50
Note the data file path for the import policy if you have change it.
Click NEXT.
Here you can select the mail-enabled objects, which you want to export.
GALsync 7 Manual
51
As directory information SEARCH for the group which you created for test purposes with some test-mailboxes and groups as member. APPLY
and click NEXT. Choose GROUP +MEMBERSHIP. Choose INCLUDE NESTED GROUPS. Choose SETTINGS FOR ALL GROUPS. Click OK. Click NEXT.
GALsync 7 Manual
52
Leave STATUS NOTIFICATION EMAILS unclicked and click NEXT.
Leave SCHEDULE SERVICE unclicked and click NEXT.
GALsync 7 Manual
53
In the GENERAL SECTION insert a name for the policy and click NEXT.
After in SUMMARY SECTION all your configuration is validated click FINISH.
GALsync 7 Manual
54
Execute the policy by clicking RUN while mouse focus is set to the policy name in the hierarchy tree on the left hand side. The OPERATION STATUS
displays the progress. After execution click CLOSE.
GALsync 7 Manual
55
4 Create and run an import policy
Create a first import policy lead by the wizard
Choose to IMPORT DIRECTORY INFORMATION (GAL) INTO CONTACTS FOLDER OF USER´S MAILBOXES
and choose THE MAILBOXES ON AN ON-PREMISE EXCHANGE SERVER.
Click NEXT.
GALsync 7 Manual
56
If the mailboxes are on Exchange Online then insert the user-ID and password of an appropriate account in the cloud. Click NEXT.
You can test the credentials.
GALsync 7 Manual
57
On-premise: The GALsync service account need the full access permission for each mailbox, where you want to import the mail-enabled objects as contacts.
If you don´t want give the GALsync service account the full access permission for each mailbox, you can insert a dedicated mailbox user, which has the full access permission for each mailbox.
GALsync 7 Manual
58
Exchange Online: The primary account for Exchange Online need the full access permission for each mailbox, where you want to import the mail-enabled objects as contacts.
If you don´t want give the primary account for Exchange Online the full access permission for each mailbox, you can insert a dedicated mailbox user, which has the full access permission for each mailbox.
GALsync 7 Manual
59
Choose the mailbox users, which should get the mail-enabled objects as contacts.
Choose MANUAL as data transfer mode. Click NEXT.
GALsync 7 Manual
60
Note, if you have changed the data file path at the export policy, you have change it here to the same value.
Click NEXT.
ADD a folder for the contacts and select it.
Click NEXT.
GALsync 7 Manual
61
Leave STATUS NOTIFICATION emails unclicked and click NEXT.
Leave SCHEDULE SERVICE unclicked and click NEXT.
GALsync 7 Manual
62
In the GENERAL SECTION insert a name for the policy and click NEXT.
After in SUMMARY section all your configuration is validated click FINISH.
GALsync 7 Manual
63
Execute the policy by clicking RUN while mouse focus is set to the policy name in the hierarchy tree lefthander.
The OPERATION STATUS displays the progress. After execution click CLOSE.
Now you should see the synchronized mail-enabled objects in the folder of the mailbox contacts.
GALsync 7 Manual