Global Address List Synchronization (GAL Sync) options

Published on Thursday, May 13, 2010 in , , ,

Some colleagues and I have been investigating our options for performing GAL Sync between Exchange 5.5, Exchange 2007 and Exchange 2010 organizations. In the past their have been released several precedents of FIM which support GAL Sync:

Identity Integration Feature Pack SP2:

Identity Lifecycle Manager 2007 Feature Pack 1 Service Pack 1:

Remark: Exchange 2010 was initially not included and support was added in Service Pack 1: KB977791 and ILM 2007 SP1 … Exchange 2010 support

Forefront Identity Manager 2010:

  • download (March 2010)
  • Supported connectivity:
    • AD 2000, 2003, 2003 R2, 2008, 2008 R2
    • ADAM 2000/2003/2003 R2 & AD LDS 2008/2008 R2
    • Exchange 2000, 2003, 2007, 2010 (GAL Sync)

Remark: I initially tried combining GAL Sync management agents and other management agents (SQL, FIM Service, …) and that seemed to be a bad idea. I tried finding some feedback on this topic, but all in vain. However finally I got an answer:

It seems like the GAL Sync MA’s are really not designed and built to be able to co-exist with the other MA’s. They simply can’t handle the actions which are triggered by the FIM Service Ma or say a SQL MA. The GAL Sync MA has no idea how to handle ERE, DRE or Synchronization Rule projections. It would take a lot of work to alter the GAL Sync code to also support the FIM MA.

Shortly: If you want to use the built-in GAL Sync capabilities, install a separate FIM server for it.

Conclusion: If you need Exchange 5.5 in the GAL Sync, ILM 2007 FP1 SP1 seems your best bet. If you just need GAL Sync with Exchange 2000 and upwards, FIM will do.

Related Posts

No Response to "Global Address List Synchronization (GAL Sync) options"

Add Your Comment