Product Review: NETsec GALsync Version 7

Product Name: NETsec GALsync Version 7

Product Homepage:  click here

Free Trial : click here

Solving the challenge of a single address book

For many reasons, organizations end up with multiple Active Directory forests each with independent Exchange server installations. It is increasingly common to see multiple Office 365 tenants as well, some functioning in Hybrid mode and others implemented as standalone tenants. The reasons for this are varied – often though it will be as a result of a business requirement, such as to keep some mailbox data at a higher security level or resident in a particular geography, or more commonly as a result of mergers and acquisitions.

Although in most cases the end goal might be to eventually move to a single email environment, the challenges of migration often mean this isn’t something that can be accomplished in a very short period of time. Therefore, it is quite common for organizations to want to implement a single Global Address List so that all employees can use a common directory to look up colleagues regardless of the system they are located on.

Use Cases

A single, consistent Global Address List is required by organizations for a number of reasons – these usually fall into variations of the reasons below.

  • Implementing a single global address list so that on day one after a merger all employees can function as “one organization”
  • As part of a Multi-Forest migration to Office 365, implementing a single global address list so that the data synchronized to a single Office 365 tenant is consistent and mail routes efficiently.
  • If you’ve got multiple Office 365 tenants for data residency reasons you may want to provide a single address list for users.
  • During a consolidation of Active Directory forests and Exchange organizations you may need synchronization of the global address list to ensure that as users move their mail routes correctly.
  • When working with a partner organization you might want to automatically provide a method to share contacts between directories.

There can of course be more – for example some education institutions have separate staff, student and even alumni Office 365 tenants; but the above fit the most common scenarios we’d expect to see.

What’s new in Version 7

In addition to support for directory to directory synchronization for Exchange 2007 through to the latest versions of Exchange and Office 365, NETsec GALsync brings new functionality.

In this version it’s possible to synchronize the Global Address List from an organization into an individual user’s contacts folder.

This is surprisingly useful in certain scenarios – one common one is executives who want to have full access to the companies’ GAL from their mobile phone at all times.

Although the GAL isn’t synchronized to an ActiveSync device or to the Outlook Mobile App, contacts folders are, making this a quick-win for some organizations who have this requirement from people on the go.

Setup and Installation

Set up and installation of NETsec GALsync is typically performed on a member server in your organization. It doesn’t need to be an Exchange Server or Active Directory domain controller, but it does need to run Windows Server 2008 or higher and have the .NET framework 4.5.1 and PowerShell version 2.0 installation installed before attempting setup. Specifications will vary depending on your requirements, but as a minimum, you’ll need 2GB RAM and two CPU cores.

The installation process itself if fairly straightforward and performed using an installation wizard.


Post installation, it is necessary to perform configuration of the GALsync service itself. This account will require a mail-enabled AD account that is a member of Domain Users. Using these details enter the login information into the GALsync Service setup wizard.


We’ll complete the service setup wizard, which will grant the correct rights for the service on the local server, then launch the GALsync scheduler service in the background.


Configuring Profiles for Sync

Before you begin to configure NETsec GALsync, it is important to first understand some core concepts about how it works. GALsync uses export and import policies to extract data and import it into different directories. These might be from an on-premises or Office 365 Exchange system and the import profile might be for Exchange, or potentially another system, like contact folders.

Data is stored temporarily after export on a variety of locations. These are configurable during the policy creation process and for a simple implementation might be on a local disk, a remote file share but in some cases might be an FTP server or over transported using SMTP.

Without an export policy from a system, an import policy doesn’t have anything to import, so you’ll need one export policy per source and at least one import policy per target.

When syncing two Exchange organizations, you will need two export policies and two import policies – one per direction – and for three or more you’ll need to carefully consider the topology so that the configured synchronization policies result in a consistent global address list after each run.

We’ll consider a three organization scenario below, where we’re looking to configure two Exchange on-premises organizations and an Office 365 tenant.


Our example above uses a simple hub-spoke layout. The Exchange Labs 01 environment is the central hub, running Exchange Server 2016. Exchange Lab 02 is an Office 365 tenant running in standalone mode, and Exchange Lab 03 is another Exchange Server 2013 on-premises implementation.

The profiles configured run in the order shown below:

  1. GALsync runs an export profile to extract the directory data from Exchange Lab 02.
  2. GALsync runs an export profile to export directory data from Exchange Lab 03.
  3. GALsync runs two import profiles to import directory data into Exchange Lab 01.
  4. GALsync runs one export profile to export directory data from Exchange Lab 01, and send it to Exchange Lab 02 and Exchange Lab 03.
  5. GALsync runs an import profile to import the directory data into Exchange Lab 02.
  6. GALsync runs an import profile to import the directory data into Exchange Lab 03.

The end result is that Exchange Labs 01 has the true source of information – it has the original combined directory, and the subsequent exports are used to build the complete GAL in Exchange Labs 02 and 03.

Creating GALsync Profiles

We’ve seen the installation and walked through the core concepts of how to configure profiles for directory synchronization in NETsec GALsync. We’ll now walk through an example of how to create profiles in the user interface.

First, we’ll launch the NETsec GALsync user interface. This interface is used to configure the software, and provide monitoring and log views. Navigate to the GALsync node, then choose Create Policy.


Both Export and Import policies use the same underlying interface and method, making configuration of both online and on-premises synchronization reasonably intuitive.

In the example below we’ll create an Export policy, focused on exporting data from our Goodman UK Office 365 tenant. Choose Export Exchange Online information to another exchange organization, then press Next:


For Exchange on-premises policies the software will connect to the local Exchange org. For Exchange Online though, we’ll need to specify connection credentials. Using the wizard we can both enter credentials to use and then choose Test to attempt to connect Remote PowerShell immediately:


We’ll then be prompted to choose a Data Transfer Mode. Manual allows us to export to a file. Email allows us to transfer information to a remote GALsync instance using an Exchange Mailbox. Via Network Share allows us to save the file to a remote location, using a different set of credentials if needed. Via FTP allows us to use the older File Transfer Protocol to upload the data. If required, the data can be encrypted.


For Exchange Online policies we can select the type of objects to synchronize, attributes to sync and various options – such as excluding objects mastered on-premises if needed.


For an on-premises Exchange organization we have similar options, with the addition of the ability to select domains and organizations units to sync:


If we are configuring automatic jobs then the scheduler service can be used to regularly run the profile. Options are available to select when the profile will be executed. In the example below we’ve used every 3 hours every day with an offset of 10 minutes past the hour. The offset is useful if we wish to ensure profile runs do not overlap.


As you can see it’s fairly straightforward. Additional options are available in the wizard – such as email notifications and of course ability to customize the name of the profile as desired. For our example we’ll simply create multiple export and import profiles to meet the requirements defined, scheduling them in the appropriate order.

Pricing and Support

The price for the product is based on two factors; the number of objects you want to synchronize and the number of mail organizations (i.e. Exchange forests or Office 365 tenants) you want to sync with. The pricing is reasonable compared to other solutions on the market, which is good news considering the ease of use and innovate methods it uses to achieve synchronization across potentially challenging organization boundaries.

NETsec were responsive when asked questions during the review, however during the actual setup and implementation the product documentation was comprehensive and easily accessible, so no support was needed. The intuitive user interface is unlikely to need much support. Similar products have required a full demo to help understand the logic behind the product.

Final Thoughts

We’ve previously been very happy with GALsync and this time round it has only improved. In particular, the updated Office 365 engine is great and would be a perfect companion for tenant to tenant migrations I’ve been involved with. As a tool to help with complex migrations with many organizations this ticks all the boxes. We have no hesitation in recommending GALsync. Rating 5/5

Learn more about NETsec GALsync Version 7 or Download a Free Trial.

About The Author

1 thought on “Product Review: NETsec GALsync Version 7”

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top