Installing Galsync 4.2 on Forefront Identity Manager (FIM)
Installing Outlook Live Directory Sync (Galsync R4 v2)
Installing Galsync 4.2 can be a bit of a challenge due to the fact that Galsync is currently 32 bit, and we are attempting to install it on a 64 bit os. Difficult, but not impossible. Hopefully these instructions will help you out. This guide assumes that you have SQL installed and functioning in your environment. It also assumes that you have successfully installed the FIM synchronization service (that’s the only one we need) onto a 64 bit box.
Download the galsync msi file onto your box. Specific Galsync requirements (including those needed for setting up a Galsync account) can be found here… https://help.outlook.com/en-us/140/dd575560.aspx. The documentation currently states that Galsync will only work on ILM 2007 FP1, however, it will work with the FIM synchronization engine by following this guide. I have not tested this with FIM Update Package 1.
After you get the msi onto your FIM box, you will run the installer, and on this screen you will select the option to Extract the file for manual configuration.
Browse to your FIM Synchronization Service Directory:
Hit Extract to complete the extraction. Please note the directory that the files have been extracted to.
Note that it says C:\Program Files(x86)\Microsoft Forefront Identity Manager\2010\Synchronization Service\, even though we selected the 64 bit Program Files directory.
The next step is to copy the contents of the Extensions, Source Code, Data and UIShell folders from the x86 directory and paste them into the \Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service directory.
Next we will need to do an Import Server Configuration as pictured below…
Be sure to select the appropriate Exchange version (or ADOnly if no Exchange is present).
You will next see the following popup…
Populate the box with the appropriate credentials. Do not worry about the forest and domain names at the moment.
In the next screen, you will configure the screen as follows and then select Match.
Then select OK. On the Connection Information screen, even though the information is incorrect, enter any password into the box and we will manually correct the information later.
Your finishing screen should look like the one above. If the import fails for some reason, delete any management agents that were added and try the import again.
When you go into the Synchronization Service Manager now, you should have a very familiar looking screen:
Finalizing the Galsync R4 v2 (4.2) Install
Now that Galsync is installed, we need to go through and finalize our configuration the same as you would with ILM.
We can start by selecting which portion of AD we wish to synchronize. In my environment on the properties of the OnPremise MA I have selected a single OU to do some testing with FIM
On properties of the Hosted MA, correct the options under "Configure Connection Information".
See my error in the above screenshot? This caused my sync to fail and me to pull my hair out for about 30 minutes, so be very careful!
Under Configure Additional Parameters, correct the ProvisioningDomain entry:
May I sync yet? The startsync.ps1 file
Before you can successfully sync the first time, you will need to go into the Startsync.ps1 file, which is in the sourcecode\scripts directory, and edit the registry key in line 144 as follows:
HKLM:\SYSTEM\CurrentContorlSet\Services\FIMSYnchronizationService\Parameters
This ensures that the script will not stop because it thinks ILM isn't installed.
You should also review the parameters in the startsync.ps1 script to which options and parameters are available to the script.
The one we will use on our first sync is -firstrun, so we will run the following…
C:\program files\microsoft forefront identity manager\2010\synchronization service\sourcecode\scripts\startsync.ps1 -firstrun
If you have done everything properly your sync should work.