- GALSync Pro will only replicate address book relevant object types
- GALSync Pro will only replicate into address book relevant attributes
- The setup wizard will only save any configuration changes, including the reverting to a backup configuration, when you click finish – if you close the wizard otherwise changes are not saved. Performing Test runs or Runs are carried out using the current configuration as setup in the wizard, to allow the testing of configuration changes before actually saving them.
- GALSync Pro requires all objects that are handled to have a unique naming attribute. The standard naming attribute is the ‘cn’ attribute, meaning all objects must have a unique commonname. E.g.: if you have a user object and a group object both having the same CN=Test GALSync Pro will either overwrite attributes in the target container or will not be able to create the second object. If you require other attributes to be the unique naming attribute, e.g. the e-mail address, … please contact email@example.com for an alternative configuration template.
Import Notes for Testing:
- Whilst running a test license you will not be able to change the mappings for givenName, sn and displayName.
- When acquiring a professional license you will be able to use the configuration files created whilst testing.
If you require further support, we will be happy to enable your global address book synchronization.
Please send any questions, support issues, licensing requests to firstname.lastname@example.org.
Starting the GALSynchronization Setup Wizard
The setup wizard will help you to configure your global address book synchronization.
To view your license, click on the license label in the start screen.
GALSync Pro allows you to define as many synchronization tasks as required. Each Task is a setup of a global address book synchronization from one source, but to one or more destinations.
If you want to synchronize in both directions, you will have to define two synchronization tasks. This is, to allow you to specify individual settings for each direction.
For any source server (source global address book) you will have to define one synchronization taks, so if there are four global address books to by synchronized, you will have to specify four synchronizations.
NOTE: You cannot remove the last synchronization.
For each synchronization task, you can define the synchronization details, e.g.: you can define
- a description of the synchronization task
- The connection details for the source server and the destination servers
- whether a full synchronization should be carried out instead of delta synchronizations
==> Until the first successful synchronization has finished, all synchronizations will be full synchronizations automatically)
- which source objects to synchronize
- The target object type, meaning as what you want the objects to be replicated (user, group or contact object)
- Additional conditions when searching for objects in the source container
- The attribute value flow rules for each object type
==> GALSync Pro will only search for and replicate global address book related objects (users, groups, publicFolders and contacts). For many more options there we have other products better suited and with many more options (seehttp://www.uidsystems.com)
If you select to specify the source connection details or whenever you add a destination connection, GALSync Pro will open a connection wizard to enable you to enter all required connection details. Specifically the wizard let you allow to:
- Specify the server address (DNS name, WINS name, IP address, …)
- If you cannot use the default naming context, you can enter a special application partition DN
- Specify user, password and binding options
- Selecting the container (either the source container for searching source objects or the destination container where GALSync Pro will create, update or delete the target objects)
To see objects currently located in the selected source/destination container, you can click ‘Preview container items’.
GALSync Pro allows you to update more than one target addressbook at the same time. When selecting to configure target address book connections you will be presented with a list of defined target connections. You can add, change or delete as many target address book connections as you like.
For each object type (users, groups, publicFolders and contacts) you can define which values are to be written into attributes of object in the destination address book (destination Active Directory).
A predefined set of attributes are already setup, but can be changed according to your requirements.
The list of target attribute names is limited to communication related fields.
The source value can either be an attribute name or a valid VBScript Expression, that returns a value. Either select the Mapping Type ‘Direct’ for letting GALSync Pro replicate the value from the source object directly into the destination object, or select VBScript if you need to specify value transformations. Examples:
- MappingType=’Direct’ – Source Value=’company’ – Destination Attribute=’company’: The value in the field company from the source object will be written into the attribute company of the destination object.
- MappingType=’Direct’ – Source Value=’division’ – Destination Attribute=’department’: The value in the field division from the source object will be written into the attribute department of the destination object.
- MappingType=’VBScript’ – Source Value='” ” & srcObj.displayName’ – Destination Attribute=’displayName’: The displayName of the destination object will be a combination of a single space character + the value of the displayName attribute of the source object.
==> You cannot change or delete the naming attribute ‘cn’ as it is required for matching existing object. GALSync Pro requires the naming attribute to be unique for all objects in the destination. If you require different setup with different naming attribute (e.g.: making the e-mail address the naming attribute, please contact us to receive a different configuration template.
==> Whilst running a Test version of GALSync Pro, you cannot change or remove the mappings setup for givenName, sn and displayName.
==> For attributes containing list of Reference distinguishedNames, like member, you can select the checkbox ‘This is a DNReference Attribute’ GALSync Pro will then, when replicating the attribute value, search for existing objects in the destination container and map the source servers DN to the destination servers DN, thereby keeping memberships of a group object. (The objects references must be replicated beforehand – otherwise GALSync Pro will not be able to find them in the destination)
About VBScript Expressions
You can define any valid VBScript expression as a source value (See VBScript documentation in the installation directory). To access properties from the source object, use srcObj.[AttributeName] to access properties from the destination object, usedestObj.[AttributeName]. Examples:
- VBScriptExpression = ‘8’ – Resulting value will always be 8
- VBScriptExpression = ‘TRUE’ – Resulting Value will always be TRUE
- VBScriptExpression = ‘Now’ – Resulting Value be be the current Time / Date.
- VBScriptExpression = ‘srcObj.Name’ – Resulting Value will be the value of the naming attribute of the source object.
There are many functions available in VBScript, like LEN(), ABS(), FILTER(), …
To enable you to further customize the selection of source objects you can fine tune the LDAP condition used to query for objects in the source domain. This is especially useful, if you require to only synchronize some of the objects found in the destination container, e.g.: you can define, that only user objects with a value of ‘SYNCHRONIZE’ in ‘extensionAttribute15’ should be synchronized.
==> The query will always already contain the selection of source objects by class, e.g. ‘objectClass=user’, ‘objectClass=group’, … You will not need to add such a condition. The final condition used to synchronize the objects can be found below the textbox where you enter your condition.
HELP: Whenever you change the condition you can preview the result (the actual objects which will be considered by this synchronization) by clicking “Check Query and preview Results’. This also is useful to check the syntax of your LDAP condition. The preview will contain all objects found and will display all attribute that have been defined in the Attribute Flow Rules.
There are a number of additional options when setting up the GAL synchronization:
- Reporting options
With the reporting options you can define logging granularity and whether reports should be send using e-mail
- To store or print the current configuration setup you can select ‘Print Configuration Report’, which will generate a Report that will open in a new Browser Windows
- Create Configuration BackUp
To backup your current configuration you can click “Create Configuration BackUp’ which will allow you to specify a filename to store a copy of the current configuration
- View license requirements…
View open a new window stating the domains that will need to be licensed for your configuration to work. Use this feature to apply for the license required in your environment.
- Revert to Backup Configuration
You can restore to a previously saved configuration by clicking ‘Revert to Backup Configuration’ where you can chose a configuration file.
==> In case you want to revert to the original configuration, you will find a configuration file GALSynchronization Default.adse in the installation directory.
- Test Synchronization
To test the current configuration without actually performing changes in the destination directories (target address book holding Active Directory servers), you can click ‘Test Synchronization’. You current synchronization will be carried out but no changes will be written.
==> Before running global address book synchronizations, it is always suggested to a test run before to eliminate most problems. The results of the Test run are no guarantee for a successful run when not in Test mode, as the target directory server might raise errors when actually creating, changing or deleting objects according to the rules of the target directory server / target domain. (E.g.: The primary e-mail address must be unique, in some fields special characters are not allowed, …)
- Run Synchronization
Like with the test run, the current configuration will be carried out, but now changes are commited to the target servers.
==> Before scheduling global address book synchronization runs, it is always suggested to perform a Run with the GUI to eliminate any problems.
Whenever you select Test Run or Run, a new window will open, allowing to view any log entries and messages whilst the synchronization runs (see Logging).
GALSync Pro has a built-in detailed logging mechanism. You can either chose the detailed mode (attribute level changes) or non detailed (object level changes).
Also GALSync Pro presents you with the option to receive reporting e-mail either when changes have occured, or on every run.
- There will be a log file (and reporting mail) for every synchronization and for every object type
- The reporting e-mail will contain a copy of the log file.
- As the log file can become large if there are many (thousands) of objects synchronized with detailled logging enabled, you can specify the number of days, after which GALSync Pro will delete old log files.
- You might have to allow the workstation or the server where GALSync Pro is installed to send e-mails (MS Exchange Relay Options)
When running the wizard and either perfroming a Test run or a Run, you can watch the progress of the synchronizations and see all log entries written. All log files are created in [InstallationDirectory]GALSynchronizationlogs.
Automated / Schedules Runs of GALSync Pro
You can run GALSync Pro automated and as a service (without GUI) by using the following command:
“[InstallationDirectory]GALSync Pro.exe” -run
To schedule GAL synchronization use the Task Scheduler. When running GALSync Pro will write all synchronization information into the log files located at “[InstallationDirectory]GALSynchronizationLogs”. Also, start and end messages are written into the event log.
==> Running in delta mode, GALSync Pro is very quick in updating target directories, so you happily can schedule runs every 30 minutes or less.