How to use GALsync in a migration – Part 1

27 Oct

In this first part we describe how to use GALsync during an inter-org migration. It should be guarenteed that all users can send mails to each other, wether they are moved to the new environment or not. 

Description of source domain

Several mailbox-enabled users, mail-enabled groups and mail-enabled contacts are present in source forest / Exchange organization.

GALSyncMigrationScen01.JPG

  • The main name space in this example is a.com.
  • Peter and Angela are members of group sales.
  • Angela and external are members of group it.

 

What would we like to have and to do?

All mailbox or mail-enabled objects from a.com should be present in the GAL of the target forest / Exchange organization b.com so that all users in b.com can send mails to objects in a.com. If a user is now moved from source to target, people in both forest should be able to send mails to him by using GAL.

With GALsync you can solve a part of these requirements: the software creates all selected objects from a.com and creates appropriate mail-enabled contacts in b.com. And if required vice versa. 

Description of target domain

In target domain b.com there are some objects present prior to migration. Jay and support are native users and groups.

With GALsync the objects from a.com have been imported (to a special OU) and created as contacts. These objects refer with attribute targetaddress to their original address in a.com.

Result: Jay will now see Peter in the GAL of b.com by using Outlook and he can send a mail to him. 

GALSyncMigrationScen02.JPG

Required: a Path

There is one condition for successful sending a mail to Peter: Exchange in target must know a path to a.com. So administrator has to configure a route (smtp-connector) which targets a smtp-server for the source environment.  

If a.com is a public name space emails can send using the existing Internet connector. If a special route is available (i.e. VPN company WAN) you may configure a dedicated route.

 
GALSyncMigrationScen03.JPG 

 

Migrate a user with mailbox by deleting source object

If you now migrate Peter from source to target, you can create a new user object in target and move his mailbox to target and associate the mailbox with the new user. The user object in source can be deleted.

If GALsync runs the next scheduled time, the contact Peter@a.com in target forest b.com will be deleted automatically (because the object does not exist any more in source).
Deleting Peter in source has also removed him from group sales. If Jay in target sends an email to sales@a.com only Angela will receive the mail.

 
 
GALSyncMigrationScen05a.JPG
 
  

How to Email now?

Note: in this example Peter can not get email which is send to his old address peter@a.com.

To provide this you can take i.e. this way: 

1. Use Auto-Responder
Alternativly you might want to auto-respond to people still sending to peter@a.com. The auto-responder message would inform senders by a reply like this: “This address is not valid any more. Please send message to new addresse @b.com” – Exclaimer offers with its product Mail Utilities a quite nice tool to realize these notifications/auto-responders.

The advantage is that incoming mail from internet as well as internal mail to Peter is not accepted anymore and the sender gets a notification about this. The disadvantage is it is quite hard for the first time to communicate with Peter. Internal people at a.com are not able to send to him using the GAL. This would be not acceptable for most companies.

NETsecHelpRequiredNew.JPG

2. Use Contacts

You might publish all mail-enabled contacts from b.com also in a.com. So Peter would be publsihed in GAL at a.com. For this task you might use GALsync. Now all internal users at a.com can send mails to Peter. Furtheron Peter could be member of the sales group in Source forest. Disadvantage: Incoming mail from Internet for Peter@a.com is not accepted while there is no mailbox.

GALSyncMigrationScen07.JPG 
  

 

Migrate a user with mailbox by keeping source object with additional contact

You can migrate the user object by creating the user in the target and duplicating the mailbox. In this example the user gets a new smtp-address in target forest.  

 
GALSyncMigrationScen08.JPG 

With GALsync the peter@a.com object is synchronized to forest B. The object peter@b.com is synchronized to forest A.

If someone mails to peter@a.com the message is accepted from internet and from internal, the user is visible in GAL of forest A and message is forwarded to the migrated user Peter in b.com.

Migrate a user with mailbox by keeping source object without additional contact

In this example you would not create an addtional contact in source but modify the targetaddress of the source mailbox object peter.

Use targetaddress 
Do not delete Peters user object and mailbox in source. Configure the objects property targetaddress with its new address peter@b.com. If now anyone in a.com sends an email to the GAL object of Peter, the message will be forwarded to peter@b.com. There will be no message stored in his source mailbox. The advantage is that incoming mail from internet as well as internal mail to Peter is accepted and forwarded to his new environment at b.com. The disadvantage is that you have to keep a physical object with mailbox in Active Directory which is not member of the forest anymore.

 

NETsecHelpRequiredNew.JPG 

 

Leave a Reply

Your email address will not be published. Required fields are marked *