none
GALSYNC: is there a way to deposit contacts into separate OUs RRS feed

  • Question

  • I'm using MIM 2016 GalSync with Exchange 2013 and Exchange 2010.

    In a default GALSync installation, the MAs will deposit all contacts into a single OU.

    I've seen the article How to Provision Contacts to Specific OU Units Based Upon an Originating Forest but the article is old an the method to update the GALSYNC solution is not working for me. Plus the attribute msExchOriginatingForest is not available in our schema.

    I would like contacts from different MAs to go into separate OUs. How can I achieve that?

    Friday, September 2, 2016 5:37 AM

Answers

  • Thanks. I found out why the solution is not working for me.

    I needed to update the Options with the new extension.

    • Marked as answer by kfandst Thursday, September 8, 2016 4:32 AM
    Thursday, September 8, 2016 4:24 AM

All replies

  • The code in the linked wiki article should work fine. Nothing has really changed in the GALSync solution since that was written. The msExchOriginatingForest attribute is internal to FIM/MIM in the GALSync solution rather than AD.

    Thanks,
    Brian

    Consulting | Blog | AD Book

    Friday, September 2, 2016 6:36 PM
    Moderator
  • ok. I got further this time.

    I managed to install visual web 2012 express on the MIM server and compile.

    On all the MAs, I updated the rules extension name to MSFT_GALSYNC.dll which is the compiled DLL.

    I edited the GALMV.vb as follows:

    I did a full import and full sync on all the MAs. And then an Export on the destination MA.

    I see the msExchOriginatingForest value getting populated in the metaverse. The same attribute is not present in the source MA Connector space but present in the destination MA CS.

    But when the contact is created on the destination forest, its not putting it in the subOU. Instead, it is created in the parent OU of the subOU.

    What could I be doing wrong?

    Monday, September 5, 2016 4:55 AM
  • Carefully debug and trace the values to see if the "IF" statement is picked up correctly.

    The code is case sensitive.


    Peter Geelen (Quest for security) (user page)

    [If a post helps to resolve your issue, please click the "Mark as Answer" of that post or click Answered"Vote as helpful" button of that post. By marking a post as Answered or Helpful, you help others find the answer faster. ]

    Tuesday, September 6, 2016 12:09 PM
    Moderator
  • BTW, just FYI.
    Maybe too late or not applicable:  http://social.technet.microsoft.com/wiki/contents/articles/1737.galsync-how-to-extend-galsync-to-provision-target-objects-in-sub-ous-using-a-configuration-file.aspx

    Peter Geelen (Quest for security) (user page)

    [If a post helps to resolve your issue, please click the "Mark as Answer" of that post or click Answered"Vote as helpful" button of that post. By marking a post as Answered or Helpful, you help others find the answer faster. ]

    Tuesday, September 6, 2016 12:10 PM
    Moderator
  • Thanks. I found out why the solution is not working for me.

    I needed to update the Options with the new extension.

    • Marked as answer by kfandst Thursday, September 8, 2016 4:32 AM
    Thursday, September 8, 2016 4:24 AM
  • Hello

    i have a question hope you can help

    if i wana do GALSync between two forests...but one of the forests doesnt have exchange on premises

    i wana do a sync for non mail-enabled users....

    if i sync a non mail-enabled users..i get a filter disconnector and the user is not synced to the metverse

    any advice?

    thank you

    Monday, September 26, 2016 7:48 PM
  • Hello

    i have a question hope you can help

    if i wana do GALSync between two forests...but one of the forests doesnt have exchange on premises

    i wana do a sync for non mail-enabled users....

    if i sync a non mail-enabled users..i get a filter disconnector and the user is not synced to the metverse

    any advice?

    thank you

    Monday, September 26, 2016 7:48 PM
  • Hi,

    The GAL MA is only for mail-enabled objects. That is why you get a filtered disconnector.

    I believe you will need the MA for Active Directory Domain Services to sync non-mail enabled objects.

    Cheers.

    Monday, September 26, 2016 10:08 PM