manualshive.com logo in svg

Blackberry PRD-10459-016 - Enterprise Server For MS Exchange, Administration Manual

The Blackberry PRD-10459-016 Enterprise Server for MS Exchange is a powerful tool for managing your company's communication needs. Ensure seamless integration with this Administration Manual, available for free download from manualshive.com. Access essential information and guidance to optimize your business operations. Get your manual today!

Share
Download
background image

Configuring the Microsoft Active Directory account to

delegate access

Prerequisites: Configuring the Microsoft Active Directory account to

delegate access to an intranet site

• Verify that you configured Integrated Windows authentication for the application server that hosts the intranet site.
• Verify that the application server that hosts the intranet site and the web application that runs on the application server

support Kerberos authentication.

• Verify that you have permission to update the Microsoft Active Directory account in Microsoft Active Directory.
• Verify that you have access to the Windows Server setspn tool that is included with the Windows Server Support Tools.

For more information about the setspn tool, visit 

http://technet.microsoft.com

 to read 

Setspn Overview

.

• If you did not configure a Microsoft Active Directory account to delegate access to an intranet site or shared folder, in

Microsoft Active Directory, you must create a Microsoft Active Directory account that should have the following
conditions:

• a password that meets the security requirements of your organization
• the user is not required to change their password the next time that the user logs in
• the user's password never expires

• If you configured a pool of application servers to host the intranet site, and the pool is running on Microsoft IIS and is

located behind a load balancer, specify a user account (also known as the identity) for the pool that hosts the intranet
site. For more information, see 

http://technet.microsoft.com/en-us/library/cc771170(WS.10).aspx

.

Configure the Microsoft Active Directory account to delegate access to an

intranet site

You are required to have only one Microsoft Active Directory account in each Microsoft Active Directory domain that
includes the resources that you want to turn on Integrated Windows authentication for.
For more information about configuring the Microsoft Active Directory account using setspn and Microsoft Active Directory,
visit 

www.blackberry.com/btsc

 to read article KB22726.

1.

If a pool of application servers host a intranet site and the pool is running on Microsoft IIS and is located behind a

load-balancer, use setspn or ADSI to add the SPNs of the intranet site to the user account (also known as the identity)

of the pool. You must configure the SPNs using the FQDN and the name of the intranet site that users type into their

browsers (for example, if users type http://intranet_site in their browsers, the name of the intranet site is

intranet_site).

Administration Guide

Managing how users access enterprise applications and web content

315

Summary of Contents for PRD-10459-016 - Enterprise Server For MS Exchange

Page 1: ...BlackBerry Enterprise Server for Microsoft Exchange Version 5 0 Service Pack 3 Administration Guide...

Page 2: ...Published 2012 09 24 SWD 20120924140022907...

Page 3: ...server account 37 Assign a BlackBerry device to an administrator account 38 4 Using an IT policy to manage BlackBerry Enterprise Solution security 39 Using IT policy rules to manage BlackBerry Enterpr...

Page 4: ...62 Enforcing secure messaging using classifications 65 Create a message classification 65 Create a message classification based on an existing message classification 66 Order message classifications...

Page 5: ...BlackBerry Enterprise Server downloads a user s existing email messages onto the BlackBerry device 91 Prevent the BlackBerry Enterprise Server from synchronizing existing email messages onto a BlackBe...

Page 6: ...ice pool 120 Fail over the BlackBerry MDS Connection Service or BlackBerry Collaboration Service manually 120 Monitoring the high availability status or job deployment status using the BlackBerry Admi...

Page 7: ...icies for a BlackBerry Java Application 141 IT policy rules take precedence on smartphones 143 Application control policies for unlisted applications 143 Change the standard application control policy...

Page 8: ...cation loader tool to install the BlackBerry Java Application in automated mode 177 Install the BlackBerry Java Application using the standalone application loader tool 177 Installing BlackBerry Java...

Page 9: ...ections with a BlackBerry MDS Connection Service 202 Specify the thread pool size of a BlackBerry MDS Connection Service 202 Specify the maximum number of scalable socket connections 203 Prevent the B...

Page 10: ...ublish the client files for the BlackBerry Web Desktop Manager in a Windows GPO for Windows Vista 226 Configure the Microsoft ActiveX Installer on Windows Vista 227 Configure users computers to instal...

Page 11: ...sites Distributing a certificate using the BlackBerry Desktop Manager 252 Distribute a certificate using the BlackBerry Desktop Manager 252 Configure PEAP configuration settings in the Wi Fi profile o...

Page 12: ...ion 272 Regenerate the system credentials for the BlackBerry Administration Service 273 23 Protecting and redistributing devices 274 Preparing a device for redistribution to a new user 274 Use the Bla...

Page 13: ...w a job sends standard application settings to BlackBerry devices 303 Managing BlackBerry Java Applications on BlackBerry devices 304 Make a BlackBerry Java Application unavailable for installation 30...

Page 14: ...a synchronization 328 Managing the wireless backup and recovery of organizer data 328 Turn off the wireless backup of organizer data for a user account 328 Delete organizer data for members of a user...

Page 15: ...ckBerry device 346 Control which published public contact folders a user can synchronize to a BlackBerry device 346 Control which personal contact subfolders a user can synchronize to a BlackBerry dev...

Page 16: ...change Web Services 370 Configure the BlackBerry Enterprise Server to use MAPI and CDO libraries 371 Configure the BlackBerry Messaging Agent instances to use a web address for a specific Microsoft Au...

Page 17: ...stance 394 Using the BlackBerry Enterprise Trait Tool 394 Use the BlackBerry Enterprise Trait Tool 394 BlackBerry Enterprise Trait Tool traits 395 Permit the BlackBerry Messaging Agent to write statis...

Page 18: ...ere BlackBerry Enterprise Server components save log files 433 Changing how BlackBerry Enterprise Server components create log files 434 Component identifiers for log files 439 BlackBerry MDS Connecti...

Page 19: ...Service 473 Troubleshooting Messaging 473 Messages are not delivered to BlackBerry devices 473 Text does not appear correctly in Unicode email messages 474 Troubleshooting Instant messaging 474 Users...

Page 20: ...38 Legal notice 498...

Page 21: ...ation s environment to provide a simplified administrative console for your organization s helpdesk administrators and an integrated view of the BlackBerry Enterprise Server and other MDM domains For...

Page 22: ...the following topic Import IT policy rules from an IT policy pack 14 June 2011 Updated the following topics Configuring a new mirror BlackBerry Configuration Database Configure the certificate inform...

Page 23: ...how IT policies are sent to BlackBerry devices Assign IT policies to groups or user accounts Setting up security options Section Assign an IT policy to a group Section Assign an IT policy to a user a...

Page 24: ...tion Assign a software configuration to a group Section Assign a software configuration to multiple user accounts Section Assign a software configuration to a user account Configure BlackBerry Enterpr...

Page 25: ...nfiguration Database high availability Use the BlackBerry Monitoring Service to troubleshoot issues and monitor the health of a BlackBerry Enterprise Server Visit www blackberry com go serverdocs to s...

Page 26: ...he User name field type admin 3 In the Password field type the password that you created during the installation process 4 In the Log in using drop down list click BlackBerry Administration Service or...

Page 27: ...the Certificate Import Wizard If you are trying to log in to the BlackBerry Administration Service using a computer that runs Windows Vista perform the following actions in the Certificate Import Wiz...

Page 28: ...ck I Understand the Risks 3 Click Add Exception 4 Click Confirm Security Exception 5 Close and reopen the browser Administration Guide Log in to the BlackBerry Administration Service for the first tim...

Page 29: ...tiple roles to administrator accounts If you assign multiple roles to an administrator account the administrator is assigned all the permissions that are turned on for each of the roles You can also a...

Page 30: ...r across Group X X X X X View a device across Group X X X X X Edit a device across Group X X X X X View device activation settings X X X Edit device activation settings X X X Create an IT policy X X X...

Page 31: ...X View BlackBerry Administration Service software management X X X Edit BlackBerry Administration Service software management X X Create an application X X X View an application X X X X X Edit an app...

Page 32: ...tion X X X X Refresh available user list from company directory X X X Add User from Company Directory X X X X Synchronize GroupWise System Address Book X X X Clear and synchronize GroupWise System Add...

Page 33: ...dit job distribution settings X X X Delete an instance X X X Edit license keys X X X View license keys X X X Manually fail a job X X X Clear instance statistics X X X View push rules for the BlackBerr...

Page 34: ...nformation in the BlackBerry Administration Service BlackBerry Monitoring Service and BlackBerry Web Desktop Manager For example you can create a role that has all permissions turned off by default an...

Page 35: ...expand Role 2 Click Manage roles 3 In the list of existing roles click the role that you want to copy 4 Click Copy role 5 Type a name and description for the role 6 Click Copy role 7 In the Role infor...

Page 36: ...es to the administrator account Related information Assigning BlackBerry devices to user accounts 92 Managing administrator accounts 282 Add an administrator account to a group When you add an adminis...

Page 37: ...ddress field type the email address that you want the BlackBerry Administration Service to send system messages or activation passwords from 5 Click Save all Permit an administrator to log in to the B...

Page 38: ...ce on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for an administrator account 4 Click the display name for the administrator account 5 In the BlackBerry Enterpri...

Page 39: ...gured IT policies that you can use to manage the security of the BlackBerry Enterprise Solution The Default IT policy includes IT policy rules that are configured to indicate the default behavior of t...

Page 40: ...erry Enterprise Server Individual Liable Devices Similar to the Default IT policy this policy prevents BlackBerry device users from accessing organizer data from within the social networking applicati...

Page 41: ...t that locks devices and a maximum password history This policy restricts Bluetooth technology on devices turns on strong content protection turns off USB mass storage requires devices to encrypt exte...

Page 42: ...ter Password Required No Yes Yes Yes Yes Yes User Can Change Timeout Yes Yes Yes Yes Yes Yes User Can Disable Password Yes No No No No No Password policy group Maximum Password History 6 6 6 6 RIM Val...

Page 43: ...nload No Yes Yes External File System Encryption level Not required Encrypt to user password excluding multimedia directories Encrypt to user password excluding multimedia directories Force Lock When...

Page 44: ...Yes Wi Fi policy group Wi Fi Allow Handheld Changes Yes No No No No No Wireless Software Upgrades policy group Allow Non Enterprise Upgrade No Yes Creating and importing IT policies Create an IT polic...

Page 45: ...an IT policy group change the appropriate values for the IT policy rules d Click Save all After you finish For more information see the BlackBerry Enterprise Server Policy Reference Guide Related inf...

Page 46: ...Service on the BlackBerry solution management menu expand Policy 3 Click Manage IT policy rules 4 Click Import IT policy definitions 5 Navigate to and select the XML file that contains the IT policy r...

Page 47: ...T policies and resolving IT policy conflicts 49 Assign an IT policy to a user account 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage u...

Page 48: ...y to a specific device manually You can configure the BlackBerry Enterprise Server to resend the IT policy to the device at scheduled intervals regardless of whether you changed the IT policy Related...

Page 49: ...llowing reconciliation options Method Description Apply one IT policy to the user account The BlackBerry Enterprise Server applies one of the group IT policies to the user account You specify rankings...

Page 50: ...predefined rules to determine which IT policy it can apply to a user account The BlackBerry Administration Service might have to reconcile conflicting IT policies if you perform any of the following a...

Page 51: ...r account 51 Rank IT policies You must rank the IT policies that you create so that the BlackBerry Enterprise Server can resolve IT policy conflicts when a user account is a member of multiple groups...

Page 52: ...sign an IT policy to a user account and different IT policies to the groups that the user account belongs to The IT policy that you assign to a user account takes precedence over the IT policies that...

Page 53: ...during low usage periods 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry solution topology BlackBerry Domain Component view 2 Click BlackBerry Administ...

Page 54: ...is not conflicting in the multiple IT policies that were applied to the user account the preview does not display the IT policy rule 1 In the BlackBerry Administration Service on the BlackBerry solut...

Page 55: ...Berry Enterprise Server on the BlackBerry devices in the Security Options list instruct users to click Wipe Handheld or Security Wipe to delete all of the data on the BlackBerry devices Creating new I...

Page 56: ...policy rule 5 Click Save Export all IT policy data to a data file If you export all IT policy data to a data file you must create an encryption password for the data file that you can use to protect...

Page 57: ...expand Policy 2 Click Manage IT policies 3 In the list of IT policies click an IT policy 4 Click Delete IT policy 5 Click Yes Delete the IT policy Related information Assigning IT policies and resolv...

Page 58: ...ives a message from the BlackBerry device the BlackBerry Dispatcher decrypts the message using the device transport key and then decompresses the message Algorithms that the BlackBerry Enterprise Solu...

Page 59: ...BlackBerry Enterprise Server You can use the Enterprise Service Policy to control which BlackBerry devices can connect to a BlackBerry Enterprise Server By default after you turn on the Enterprise Se...

Page 60: ...access the BlackBerry Enterprise Server You must configure the Enterprise Service Policy to specify the BlackBerry devices that you want to access the BlackBerry Enterprise Server To add a new BlackB...

Page 61: ...saging technology on the computers that host the email applications and on their BlackBerry devices and you must configure the BlackBerry devices to use the highly secure messaging technology Extendin...

Page 62: ...ser to the BlackBerry device The S MIME Support Package for BlackBerry smartphones is designed to work with email applications such as Microsoft Outlook Microsoft Outlook Express and IBM Lotus Notes a...

Page 63: ...r information for the BlackBerry MDS Connection Service 193 Enforcing secure messaging using classifications 65 Configuring BlackBerry devices to enroll certificates over the wireless network 217 Conf...

Page 64: ...r b Click the BlackBerry Enterprise Server instance that includes the BlackBerry Messaging Agent c Click Restart instance Related information Restarting BlackBerry Enterprise Server components 392 Tur...

Page 65: ...e of message protection that the message classification permits or accept the default type of message protection If a user selects a message classification that requires signing encryption or signing...

Page 66: ...n that you copied 7 If necessary change the subject suffix that you want to append in parentheses to the email message subject 8 If necessary click the minimum action for encoding the email message in...

Page 67: ...hat is specific to your organization can perform the following actions can only encrypt PIN messages sent to other devices on your organization s network that use the same PIN encryption key can only...

Page 68: ...In the BlackBerry Administration Service expand BlackBerry Solution topology BlackBerry Domain Component view BlackBerry Enterprise Server 2 Click the instance that you want to change 3 Click Edit In...

Page 69: ...ry device user synchronizes the BlackBerry device with a computer The BlackBerry device user locks the BlackBerry device The BlackBerry device locks after it is inactive for a specified period of time...

Page 70: ...vice Change the Force Memory Clean When Holstered IT policy rule to Yes Remove decrypted content from BlackBerry device memory when the BlackBerry device is idle Change the Force Memory Clean When Idl...

Page 71: ...ot change the account information for BlackBerry Enterprise Server services When you install or upgrade the BlackBerry Enterprise Server the setup application configures the account information for th...

Page 72: ...to use the same BlackBerry Enterprise Server component 79 Configure a BlackBerry Enterprise Server component to use a pac file You can configure the BlackBerry MDS Connection Service and the BlackBerr...

Page 73: ...roxy server supports basic authentication only 1 In the BlackBerry Administration Service in the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Expa...

Page 74: ...Proxy mappings tab click the Edit button for a web address 6 In the Credentials section in the User name field type the user name that the BlackBerry Enterprise Server component can use to connect to...

Page 75: ...Proxy Configuration Tool and the Network Shell Utility store the proxy server settings in the HKEY_LOCAL_MACHINE SOFTWARE Microsoft Windows CurrentVersion Internet Settings Connections WinHttpSettings...

Page 76: ...TTP basic authentication the Web Proxy Autodiscovery Protocol file must be on a computer that is separate from the proxy server and uses Windows authentication or anonymous authentication 1 On the com...

Page 77: ...that runs the BlackBerry Administration Service If your proxy server uses HTTP basic authentication you can configure the user name and password for HTTP basic authentication using the BlackBerry Ent...

Page 78: ...host name of the computer that hosts the BlackBerry Administration Service instance and password is the password for the computer Delete credentials for HTTP basic authentication 1 On the computer th...

Page 79: ...and from BlackBerry devices and to manage HTTP requests from the BlackBerry Browser Before you begin Specify a BlackBerry MDS Connection Service as a central push server 1 In the BlackBerry Administra...

Page 80: ...Dispatcher instances list click the BlackBerry Enterprise Server instance that you want to use the BlackBerry Collaboration Service 5 Click Add 6 Repeat steps 4 and 5 for each BlackBerry Enterprise Se...

Page 81: ...n your organization s environment CN for Simplified Chinese JP for Japanese KR for Korean 8 In the Windows Services restart the BlackBerry Dispatcher Related information Restarting BlackBerry Enterpri...

Page 82: ...identify which character encoding to use the BlackBerry Enterprise Server encodes email messages that use RTF or HTML in UTF 8 To configure the BlackBerry Enterprise Server to select the most appropri...

Page 83: ...vigate to HKEY_LOCAL_MACHINE Software Research In Motion BlackBerry Enterprise Server Agents If you are running a 64 bit version of Windows navigate to HKEY_LOCAL_MACHINE Software WOW6432Node Research...

Page 84: ...erties such as software configurations or IT policies to the group Properties that you assign to a group are assigned to all user accounts in the group 1 In the BlackBerry Administration Service on th...

Page 85: ...ers 91 Add a user account You can add a user account to the BlackBerry Enterprise Server assign a BlackBerry device to a user account and activate the BlackBerry device The user account must exist on...

Page 86: ...activation password Related information Assigning BlackBerry devices to users 91 Managing user accounts 288 Create a user account that is not in the contact list in the BlackBerry Configuration Databa...

Page 87: ...he BlackBerry solution management menu expand User 2 Click Manage users 3 Search for one or more user accounts 4 Select the checkboxes beside the display names of the appropriate user accounts 5 In th...

Page 88: ...password value specified in this field can either be specify none or generate in lower case only The activation password operation must be the same on each line in the csv file If the field is set to...

Page 89: ...ckBerry Enterprise Server so that you can manage the user accounts Before you begin Create a csv file 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User...

Page 90: ...ers from a list section click Browse 5 Navigate to the csv file that contains the user accounts that you want to import 6 Click Continue 7 Perform the appropriate actions for the user accounts Adminis...

Page 91: ...default the BlackBerry Enterprise Server synchronizes the headers of 200 email messages from the previous 5 days to a BlackBerry device when you activate it If you change the BlackBerry Enterprise Se...

Page 92: ...2 Click the instance that you want to change 3 Click Edit instance 4 On the Messaging tab in the Message prepopulation settings section perform the following actions In the Prepopulation by message a...

Page 93: ...r your organization s Wi Fi network If you add a user account that was previously located on another BlackBerry Enterprise Server in a different BlackBerry Domain or the user previously used the Black...

Page 94: ...rocess activates BlackBerry devices on the BlackBerry Enterprise Server over the wireless network Neither you nor the users are required to connect the BlackBerry devices to a computer to complete the...

Page 95: ...erry device on the BlackBerry Enterprise Server a potentially malicious user who can access the activation password can connect another BlackBerry device to the BlackBerry Enterprise Server and assume...

Page 96: ...nerated password lifespan hours field type the number of hours 5 Click Save all Customize the activation message To provide information to help troubleshoot activation issues that a user might encount...

Page 97: ...the Activation password and Confirm password fields type an activation password The password must not contain special characters Some BlackBerry devices do not support special characters and do not u...

Page 98: ...Desktop Manager You want to deploy and activate a large number of BlackBerry devices To activate BlackBerry devices over the enterprise Wi Fi network you must configure the BlackBerry Router as an SM...

Page 99: ...vations over the enterprise Wi Fi network 1 On the computer that hosts the BlackBerry Router on the taskbar click Start Programs BlackBerry Enterprise Server BlackBerry Server Configuration 2 On the O...

Page 100: ...anced Options 2 Click Enterprise Activation 3 Type the activation email address 4 Type the activation password 5 In the Activation Server Address field type the IP address for the BlackBerry Router th...

Page 101: ...a BlackBerry Enterprise Server instance in the BlackBerry Administration Service you can also check the availability state and failover status of the BlackBerry Enterprise Server instance The availabi...

Page 102: ...s are healthy If you configure a health parameter for the primary BlackBerry Enterprise Server so that it is above the failover threshold the health parameter value must indicate that the BlackBerry E...

Page 103: ...the Internet the primary BlackBerry Enterprise Server must demote itself because one of its health parameters indicates that it is not sufficiently healthy The standby BlackBerry Enterprise Server eve...

Page 104: ...re the promotion threshold so that the standby BlackBerry Enterprise Server must be able to connect to the BlackBerry Infrastructure and messaging server browse the Internet and process attachments If...

Page 105: ...ndicates whether a preconfigured percentage of user accounts are started in the BlackBerry Messaging Agent Connection to the messaging server s This health parameter indicates whether the BlackBerry M...

Page 106: ...ork You cannot configure the failover threshold or promotion threshold so that they are below this health parameter Changing when automatic failover occurs by customizing the health parameters for use...

Page 107: ...hPercentage set value where instance_name is the name of the primary BlackBerry Enterprise Server instance and value is the percentage that you want to change the health parameter to 5 To change the p...

Page 108: ...d the standby BlackBerry Enterprise Server The health parameters must be greater than the failover threshold and indicate that the primary BlackBerry Enterprise Server is unhealthy The health paramete...

Page 109: ...Tool You can configure the SNMP tool that your organization uses to send automatic notifications when an automatic failover event occurs The BlackBerry Administration Service displays the time and rea...

Page 110: ...er event occured Fail over the BlackBerry Enterprise Server manually using the BlackBerry Configuration Panel You can use the BlackBerry Configuration Panel to force the primary BlackBerry Enterprise...

Page 111: ...east two BlackBerry MDS Connection Service instances that you also configure as central push servers For more information see the BlackBerry Enterprise Server Planning Guide Create a BlackBerry MDS Co...

Page 112: ...n Service to fail over automatically to minimize interruptions to services for users Before you begin Create the BlackBerry MDS Connection Service pool or BlackBerry Collaboration Service pool 1 In th...

Page 113: ...se Server pairs expand the appropriate pair name 3 Click the name of the BlackBerry Enterprise Server instance that you want to assign the BlackBerry Collaboration Service pool to 4 Click Edit instanc...

Page 114: ...list click the instance that you want to add 5 In the Results Query Period s field type the number of seconds that you want the BlackBerry Enterprise Server to wait for a response before it sends the...

Page 115: ...chment Connector instances By default you cannot determine easily which instance connects to the BlackBerry Enterprise Server or the BlackBerry MDS Connection Service so you can change the display nam...

Page 116: ...Planning Guide 1 In the BlackBerry Administration Service on the Servers and components menu click BlackBerry Solution topology BlackBerry Domain Component view BlackBerry Enterprise Server 2 Click th...

Page 117: ...lackBerry Enterprise Server to BlackBerry devices 1 On the computer that hosts the BlackBerry Router click Start Run 2 Type regedit 3 Click OK 4 Perform one of the following actions If you are running...

Page 118: ...not install both components on each computer in the pool and you try to access one of the URLs using the pool name the web browser might display an HTTP 404 error message The HTTP 404 error message o...

Page 119: ...Click Save all 6 Restart the BlackBerry Administration Service instances Related information Restarting BlackBerry Enterprise Server components 392 Changing the name of the BlackBerry Administration...

Page 120: ...BlackBerry Administration Service services 6 If the BlackBerry Administration Service instance uses a self signed certificate on the computers that host the other BlackBerry Administration Service ins...

Page 121: ...aboration Service and your organization s environment includes Microsoft Office Communications Server 2007 click the Supported Microsoft Office Communications Server 2007 instances tab If you want to...

Page 122: ...ability status for all BlackBerry Enterprise Server pairs navigate to Servers and components High availability High availability summary To monitor job deployment status navigate to Devices Deployment...

Page 123: ...ending on the instant messaging server that you installed in your organization s environment Supported IBM Lotus Sametime instances Supported Novell GroupWise Messenger instances Supported Microsoft O...

Page 124: ...Click Save all Remove a BlackBerry Router instance from a pool You can remove a BlackBerry Router instance from a pool if it is no longer required or to troubleshoot an issue 1 In the BlackBerry Admi...

Page 125: ...replicated BlackBerry Configuration Database manually Prerequisites Configuring database mirroring or database replication of the BlackBerry Configuration Database Install the same version and build o...

Page 126: ...Database only supports high safety with automatic failover synchronous operating mode for database mirroring For more information visit http msdn2 microsoft com en us library ms175059 SQL 90 aspx Stop...

Page 127: ...ocess 7 To verify that failover works correctly fail over to the mirror database and back to the principal database manually After you finish To permit the mirror BlackBerry Configuration Database to...

Page 128: ...nents that the BlackBerry Administration Service specifies as Updated you should restart the BlackBerry Enterprise Server services or restart the computers for all of the BlackBerry Enterprise Server...

Page 129: ...Enterprise Server components that the BlackBerry Administration Service specifies as Updated you should restart the BlackBerry Enterprise Server services or restart the computers for all of the Black...

Page 130: ...e following order BlackBerry Administration Service services BlackBerry Mail Store Service BlackBerry Instant Messaging Connector BlackBerry MDS Connection Service BlackBerry Dispatcher BlackBerry Att...

Page 131: ...ore select the backup file 9 Click Options 10 Select Overwrite the existing database 11 Click OK Permit access to the BlackBerry Configuration Database instances 1 In the Microsoft SQL Server Manageme...

Page 132: ...ule the Snapshot Agent to run at the following times 13 Accept or change the default schedule Click Next 14 On the Snapshot Agent Security page click Security Settings 15 Select Run under the followin...

Page 133: ...the list of databases and publications select the publication for the BlackBerry Configuration Database Click Next 7 Select Run each agent at its Subscriber pull subscriptions Click Next 8 In the Sub...

Page 134: ...all of the remaining BlackBerry Enterprise Server services 2 Repeat step 1 for each BlackBerry Enterprise Server component that connects to the BlackBerry Configuration Database Related information Re...

Page 135: ...g to the replicated BlackBerry Configuration Database 3 On the database server that hosts the BlackBerry Configuration Database replace the BlackBerry Configuration Database with a restored version of...

Page 136: ...ontrol policy to the application to specify what resources the application can access You can use default application control policies or you can create and use custom application control policies If...

Page 137: ...device that runs Java applications Most MIDlets are distributed as jar files The BlackBerry JDE and the BlackBerry Java Plug in for Eclipse include tools that you can use to convert existing MIDlets...

Page 138: ...ry Administration Service must have write permissions for the shared network folder The administration accounts that run the BlackBerry Administration Service Application Server service must have writ...

Page 139: ...ry devices you must first add the collaboration client bundle to the application repository To send an updated version of a collaboration client to BlackBerry devices you must first add the updated bu...

Page 140: ...you want to apply to the BlackBerry Java Application Application control policies control the data and APIs that BlackBerry Java Applications can access on BlackBerry devices and the external data sou...

Page 141: ...of your organization s environment you can change the default settings for the standard application control policies 1 In the BlackBerry Administration Service on the BlackBerry solution management m...

Page 142: ...option 8 Perform any of the following tasks Task Steps Create an application control policy for required BlackBerry Java Applications 1 In the Required application name field type a name for the appli...

Page 143: ...and optional or not permitted on BlackBerry devices you must assign an application control policy for unlisted applications to the software configuration An application control policy for unlisted ap...

Page 144: ...reate an application control policy for unlisted applications 3 In the Application control policy information section in the Name field type a name for the application control policy for unlisted appl...

Page 145: ...lication settings You can assign a software configuration to a group multiple user accounts or a single user account After you assign a software configuration you can change the settings in the softwa...

Page 146: ...o a software configuration You must add a BlackBerry Java Application to a software configuration and assign the software configuration to user accounts to install the BlackBerry Java Application on B...

Page 147: ...ackBerry Web Desktop Manager click Wired 11 Repeat steps 6 to 10 for each BlackBerry Java Application that you want to add to the software configuration 12 Click Add to software configuration 13 Click...

Page 148: ...View the status of a job 150 Managing the default distribution settings for jobs 292 Managing the distribution settings for a specific job 298 Managing software configurations 306 Assign a software co...

Page 149: ...that can access the BlackBerry Administration Service Before you begin Assign a software configuration with the necessary BlackBerry Java Applications to the appropriate user account To permit the Bla...

Page 150: ...iple tasks Each task delivers a specific object or setting to a BlackBerry device that carries out an action for example updating BlackBerry Device Software installing or removing a BlackBerry Java Ap...

Page 151: ...APP command The BlackBerry Policy Service sends application data to a BlackBerry device as a group of application modules If the BlackBerry Policy Service does not deliver one of the application modul...

Page 152: ...device from installing the BlackBerry Java Application In the log files that you collected locate the user account that experienced the issue Trace the installation activity Device reported a s error...

Page 153: ...device you can try to determine the cause by collecting the following information BlackBerry Policy Service log files from the day the issue was reported log level 4 recommended BlackBerry Dispatcher...

Page 154: ...pport the BlackBerry Device Software update 0x03 disallowed by IT policy An IT policy rule in an IT policy that you assigned to the user account does not permit BlackBerry Device Software updates over...

Page 155: ...n downloaded and applied the current BlackBerry Device Software patch files to the BlackBerry device an error occurred when the update application tried to restart the BlackBerry device As a result th...

Page 156: ...ration Database For information about changing the log level for a BlackBerry Enterprise Server component visit www blackberry com support to read article KB04342 For information about obtaining the e...

Page 157: ...r messages IT policy tasks To troubleshoot errors that display for a task when you send an IT policy to a BlackBerry device or update an IT policy on a BlackBerry device you can try to determine the c...

Page 158: ...y data to a BlackBerry device in a group of commands If the IT policy command is not delivered to the BlackBerry device the remaining commands in the group are not delivered to the BlackBerry device Y...

Page 159: ...top You can only stop jobs with a Running status 5 Click Stop Current Execution 6 Click Yes Stop Current Execution Related information View the status of a job 150 Managing the default distribution se...

Page 160: ...ge users 3 Search for a user account 4 Click the name of a user account 5 On the Software configuration tab perform one of the following actions To view how the BlackBerry Administration Service resol...

Page 161: ...ves conflicting settings as an asynchronous background activity You can view the outcome of the reconciliation activities reconciliation errors and the applications software and settings that the Blac...

Page 162: ...gned to a user account takes precedence over the version of a BlackBerry Java Application that is in a software configuration that is assigned to a group For example if version 1 0 of an application i...

Page 163: ...nding on the amount of available memory applications are installed in the following order 1 Required applications that are configured for wireless deployment 2 Required applications that are configure...

Page 164: ...le applications have a circular dependency they can only be installed if they exist in separate application bundles and are installed using wired deployment Reconciliation rules BlackBerry Device Soft...

Page 165: ...elongs to the Yes setting is applied to the BlackBerry device A user account belongs to multiple groups The email hide sent messages setting is set to Yes in one or more of the software configurations...

Page 166: ...t is assigned to a group The required setting takes precedence over the optional setting The optional setting takes precedence over the disallowed setting If multiple software configurations contain t...

Page 167: ...guration that is assigned to a user account unlisted applications are not permitted on the BlackBerry device Multiple software configurations with different application control policies for unlisted a...

Page 168: ...ava Applications on BlackBerry devices BlackBerry Desktop Software BlackBerry Web Desktop Manager BlackBerry Application Web Loader on a web server standalone application loader tool web browser on Bl...

Page 169: ...y of the following methods Method Description Install BlackBerry Java Applications using the BlackBerry Desktop Software You can install a BlackBerry Java Application on a BlackBerry device by instruc...

Page 170: ...n s cod files on users computers You can then instruct users to use the application loader tool in the BlackBerry Desktop Software to install the BlackBerry Java Application on their BlackBerry device...

Page 171: ...are on the BlackBerry device For more information about application dependencies visit www blackberry com developers to read the BlackBerry Java Development Environment Development Guide Make the Blac...

Page 172: ...formats into the cod file format visit www blackberry com developers to read the BlackBerry Java Development Environment Development Guide For more information about the BlackBerry Application Web Lo...

Page 173: ...on and the location of cod files A cod file contains compiled and packaged application code The BlackBerry Application Web Loader requires these files to install the BlackBerry Java Application The ma...

Page 174: ...www blackberry com go docs to read the BlackBerry Application Web Loader Developer Guide Install the BlackBerry Java Application using the BlackBerry Application Web Loader Send these instructions to...

Page 175: ...t connect the BlackBerry device to their computers You must install the BlackBerry Desktop Software on users computers Prerequisites Installing BlackBerry Java Applications using the standalone applic...

Page 176: ...provider 1 In drive Program Files Common Files Research In Motion Shared Applications create a folder with a unique name to contain the application files Maintain the application s file structure 2 C...

Page 177: ...defaultUSB forceload Install the BlackBerry Java Application using the standalone application loader tool Send these instructions to users Before you begin Verify that the BlackBerry Desktop Software...

Page 178: ...nstall the BlackBerry Desktop Software on users computers Users do not have to connect their BlackBerry devices to their computers Users are responsible for completing the installation This method has...

Page 179: ...to install the BlackBerry Java Application on BlackBerry devices 2 Copy the application jad and cod files or jar files to the web server that hosts the web page After you finish Select a distribution...

Page 180: ...entral push server If two BlackBerry MDS Connection Service instances that are version 5 0 or later exist in a BlackBerry Domain by default both instances are central push servers If more than two Bla...

Page 181: ...ral push server Configuring how BlackBerry devices authenticate to content servers If you configured the content servers in your organization s environment to use an authentication protocol to authent...

Page 182: ...content server By default the authentication timeout limit is 1 hour 6 Click Save all After you finish If you set Authentication support enabled to Yes configure the BlackBerry MDS Connection Service...

Page 183: ...3 8 or later manage how HTTP cookies are stored and used to authenticate to content servers that use LTPA authentication technology For BlackBerry devices that use previous versions of the BlackBerry...

Page 184: ...ured proxy authentication the devices prompt users to authenticate to the proxy server Prerequisites Configuring the BlackBerry MDS Connection Service to support RSA authentication when the BlackBerry...

Page 185: ...ses that require RSA authentication configure URL patterns and access control rules that restrict user access to specific web addresses or intranet addresses 1 In the BlackBerry Administration Service...

Page 186: ...ervice manages these requests Configure the BlackBerry MDS Connection Service to manage HTTP cookie storage By default the BlackBerry MDS Connection Service does not manage HTTP cookie storage for Bla...

Page 187: ...on timeout field type a number in milliseconds 5 Click Save all Configure the timeout limit for HTTP connections with web servers You can specify how long a BlackBerry MDS Connection Service waits for...

Page 188: ...MDS Connection Service This key store permits the BlackBerry MDS Connection Service to accept HTTPS connections from push applications Push applications can use a BlackBerry MDS Connection Service cer...

Page 189: ...erver side push applications to open trusted HTTPS connections to a BlackBerry MDS Connection Service and push application data and application updates to BlackBerry devices you must add a certificate...

Page 190: ...server cer keystore drive Program Files Research In Motion BlackBerry Enterprise Server MDS webserver webserver keystore storepass password 3 Type the key store password After you finish Import the ce...

Page 191: ...DS Servers instance config 2 In a text editor open the rimpublic properties file 3 In the rimpublic properties file on a new line type Delegate push initiator true 4 Save and close the rimpublic prope...

Page 192: ...utorial essential regex literals html 6 In the Settings section in the Allow untrusted servers drop down list perform one of the following actions To permit only trusted HTTPS connections from the web...

Page 193: ...nnections To search for and retrieve certificates from an LDAP server you can configure the BlackBerry MDS Connection Service to use LDAP or DSML The BlackBerry MDS Connection Service searches each LD...

Page 194: ...the LDAP server name 2 In the Service URL field type the web address for the server 3 In the Settings section configure the LDAP server settings 4 Click the Add icon Change an existing LDAP server co...

Page 195: ...ion Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Click MDS Connection Service 3 On the DSML tab click Edit component 4 In the Proto...

Page 196: ...ver information Add the communication information that you configured for the DSML server to the BlackBerry MDS Connection Service configuration set Related information Assign a BlackBerry MDS Connect...

Page 197: ...on Service configuration set to a BlackBerry MDS Connection Service instance 199 Restarting BlackBerry Enterprise Server components 392 Configure the CRL servers that the BlackBerry MDS Connection Ser...

Page 198: ...DAP server a DSML server a CRL server an OCSP server or a certification authority You must add the communication information that the BlackBerry MDS Connection Service requires to communicate with ser...

Page 199: ...device users can access documents on remote file systems from devices the BlackBerry MDS Connection Service can search for certificates and check for the status of the certificates from LDAP servers D...

Page 200: ...ore at the command prompt type Yes After you finish For more information about using the Java keytool visit java sun com javase 6 docs technotes tools windows keytool html Permitting users to access i...

Page 201: ...ttings section type a user name and password 7 Click Save all Configuring how the BlackBerry MDS Connection Service connects to BlackBerry devices Specify the maximum amount of data that a BlackBerry...

Page 202: ...ll Permit Java applications to use scalable socket connections with a BlackBerry MDS Connection Service Before you begin Verify that your system memory supports scalable socket connections 1 In the Bl...

Page 203: ...menu expand BlackBerry Solution topology BlackBerry Domain Component view MDS Connection Service 2 Click the instance that you want to specify the maximum number of scalable socket connections for 3...

Page 204: ...port parameters only if a port conflict exists with another service on the same computer 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topol...

Page 205: ...Service The default interval is 5 minutes 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view MDS Connec...

Page 206: ...an create the following types of email message filters global filters apply to all users on the BlackBerry Enterprise Server user filters apply to specific users on the BlackBerry Enterprise Server Us...

Page 207: ...t click the Up or Down icons The BlackBerry Enterprise Server applies email message filters in the order that they are listed in Organize the email message filters from the least restrictive to the mo...

Page 208: ...ackBerry devices select Do not forward email messages to the device To create an email message filter that forwards email messages that match the filter criteria to BlackBerry devices select Forward e...

Page 209: ...nother instance of the BlackBerry Enterprise Server Export email message filters for a BlackBerry Enterprise Server 1 In the BlackBerry Administration Service on the Servers and components menu expand...

Page 210: ...file so that you can use it with other user accounts Export email message filters for a user account 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User...

Page 211: ...ension plug in application on the computer the hosts the BlackBerry Enterprise Server By default each BlackBerry Messaging Agent in your organization s BlackBerry Domain includes the extension plug in...

Page 212: ...n Restarting BlackBerry Enterprise Server components 392 Add an extension plug in to a BlackBerry Messaging Agent Before you begin Install an extension plug in application on the computer that hosts t...

Page 213: ...ice on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Email 2 Click the instance that you want to change 3 Click Edit instance 4 On the Extension...

Page 214: ...ct information field in an email application to contact list fields on BlackBerry devices 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topol...

Page 215: ...topology BlackBerry Domain Component view 2 Click Synchronization 3 Click Edit component 4 On the Mappings for organizer data synchronization tab in the Other mappings section select each User define...

Page 216: ...s for organizer data synchronization section select the Turned on option 8 In the Other mappings section in each User defined string drop down list select the contact field that you want to map to the...

Page 217: ...prise certification authority During the enrollment process the BlackBerry MDS Connection Service can verify the certificate if the certificate includes an email address in the subject DN The BlackBer...

Page 218: ...ty If your organization s environment includes a Microsoft enterprise certification authority the certification authority requires Windows authentication and a certification authority administrator mu...

Page 219: ...rations that the BlackBerry MDS Connection Service instances in your organization can use to communicate with a remote file system an LDAP server a DSML server a CRL server an OCSP server or a certifi...

Page 220: ...lackBerry MDS Connection Service configuration set to a BlackBerry MDS Connection Service instance so that BlackBerry device users can access documents on remote file systems from devices the BlackBer...

Page 221: ...Fi profile settings tab in the Associated Certificate Authority Configuration field type the name of the certification authority profile 6 Click Save All After you finish Assign the Wi Fi profile to a...

Page 222: ...t card For more information about deleting or revoking certificates see the user guide for the device Change the polling interval logging and pool size for the BlackBerry MDS Connection Service connec...

Page 223: ...ler pkcs10 poolsize If the certificate authority requires a certificate administrator to approve certificate requests this property specifies the maximum number of simultaneous worker threads that can...

Page 224: ...Web Desktop Manager To install the RIMWebComponents cab file users must log in to their computers as a local administrator If you use Microsoft Active Directory in your organization s environment cons...

Page 225: ...ick New 5 In the Name field type a name for the new GPO 6 In the list of GPOs click the GPO name 7 Click Edit 8 In the Group Policy Editor menu click User Configuration Software Settings 9 Right click...

Page 226: ...owser Download and install the Microsoft Group Policy Management Console with Service Pack 1 For more information about installing the service pack see www microsoft com 1 Open the Microsoft Exchange...

Page 227: ...k Turn Windows Features On or Off 3 Select ActiveX Installer Service 4 Click OK Configure users computers to install the client file for the BlackBerry Web Desktop Manager automatically You can create...

Page 228: ...ou want to assign the Windows GPO to Click Properties 4 On the Group Policy tab click New 5 In the Name field type a name for the new GPO 6 In the list of GPOs click the GPO name Click Edit 7 In the G...

Page 229: ...If you customized the BlackBerry Web Desktop Manager text colors or image and you want to display the changes on the login screen you must direct users to https full_computer_name webdesktop app page...

Page 230: ...BlackBerry Web Desktop Manager to update the BlackBerry Device Software see the BlackBerry Device Software Update Guide Permit users to perform administrative tasks using the BlackBerry Web Desktop M...

Page 231: ...To permit users to activate new devices only change Allow user wireline activation to Activate Unused PIN only To prevent users from activiating devices change Allow user wireline activation to No 5...

Page 232: ...rry Web Desktop Manager information tab in the Device backup domains field type a domain that permits the user to back up data 5 Click the Add icon 6 Repeat steps 4 and 5 for each domain that you want...

Page 233: ...nt color 5 This text color specifies the hexadecimal color value of unavailable links in the BlackBerry Web Desktop Manager For example text for options that you make unavailable using IT policy rules...

Page 234: ...name on the login page of the BlackBerry Web Desktop Manager You can specify the domain name that appears automatically in the Domain field when users browse to the BlackBerry Web Desktop Manager log...

Page 235: ...fy that the access points comply with the IEEE 802 11a standard IEEE 802 11b standard or IEEE 802 11g standard Verify the number of connections for each access point to make sure that the access point...

Page 236: ...tatic IT addresses use the DNS lookup tool on a Wi Fi enabled BlackBerry device to verify that the BlackBerry device can access the DHCP server Use the DNS lookup tool on a Wi Fi enabled BlackBerry de...

Page 237: ...cy Wi Fi configuration 2 Click Create Wi Fi profile 3 In the Name field type a name for the Wi Fi profile 4 Click Save After you finish Configure the Wi Fi profile Create a Wi Fi profile based on an e...

Page 238: ...You can assign one or more Wi Fi profiles to a group Before you begin Create and configure a Wi Fi profile 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand...

Page 239: ...BlackBerry solution management menu expand Policy Wi Fi configuration 2 Click Manage Wi Fi profiles 3 Click the name of a Wi Fi profile 4 Click Edit profile 5 On the Wi Fi profile settings tab change...

Page 240: ...Create a VPN profile 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Policy Wi Fi configuration 2 Click Create VPN profile 3 In the Name field type a name...

Page 241: ...lick Edit group 5 In the Available VPN profiles list click the profile that you want to assign to the group and click Add Repeat for any additional profiles that you want to assign to the group 6 Clic...

Page 242: ...configuration 2 Click Manage Wi Fi profiles 3 Click the name of the Wi Fi profile 4 Click Edit profile 5 On the Wi Fi profile settings tab in the Wi Fi associations section in the Associated VPN Profi...

Page 243: ...ple user accounts at the same time The csv file must contain the following information user accounts that you want to update names of profiles that you want to change whether you want to add remove or...

Page 244: ...vice export user information for the user accounts that you want to update profile information for to a csv file 2 In any application that permits you to update csv files add the following fields to t...

Page 245: ...lds that you can configure in a csv file The BlackBerry Administration Service uses the fields in the csv file to update profile information that you assigned to user accounts Field Description User I...

Page 246: ...closer to the end of the file is the action that the BlackBerry Administration Service processes If the BlackBerry Administration Service notices an error that is specific to an action during the impo...

Page 247: ...default key ID The WEP key numbering on BlackBerry devices does not match the WEP key numbering in the configuration settings of the Wi Fi profile for the enterprise Wi Fi network For example WEP key...

Page 248: ...nfiguring Wi Fi profiles 235 Configuring PSK encryption The IEEE 802 1X standard specifies PSK encryption as an access control method for enterprise Wi Fi networks You can use PSK encryption in small...

Page 249: ...send the IT policy that you assign to the user accounts to Wi Fi enabled BlackBerry devices Related information Creating and configuring Wi Fi profiles 235 Configuring LEAP authentication LEAP authent...

Page 250: ...d Policy Wi Fi configuration 2 Click Manage Wi Fi profiles 3 Click the name of the Wi Fi profile that you want to change 4 Click Edit profile 5 On the Wi Fi profile settings tab perform the following...

Page 251: ...BlackBerry Enterprise Server Security Technical Overview Configure PEAP authentication data for BlackBerry devices using a Wi Fi profile If BlackBerry device users in your organization s environment u...

Page 252: ...cess points Use the certificate management features of Microsoft Active Directory to download the root certificate from the certificate authority server to the computer Distribute a certificate using...

Page 253: ...truct the user to re install the BlackBerry Desktop Manager using the custom installation option During the custom installation process the user can install the certificate synchronization tool Config...

Page 254: ...t to the enterprise Wi Fi network EAP TLS authentication requires that BlackBerry devices trust the authentication server certificate and use a client side certificate as the supplicant credentials To...

Page 255: ...for EAP TLS authentication In the Wi Fi User Password field type the password for EAP TLS authentication 6 If required configure the following configuration settings Wi Fi Link Security Wi Fi Hard Tok...

Page 256: ...com or server1 domain net If you leave the field blank the BlackBerry device skips over it during server authentication 10 If necessary in the Server SAN field type the alternative name for the serve...

Page 257: ...see the BlackBerry Enterprise Server Security Technical Overview Configure EAP TTLS authentication data for BlackBerry devices using a Wi Fi profile If BlackBerry device users in your organization s e...

Page 258: ...thentication server certificate 7 In the Inner link security type list select EAP MS CHAPv2 8 If necessary in the Server subject field type the server name in the server certificate in URL format for...

Page 259: ...designed to be secure using automatic PAC provisioning 2 Configure each wireless access point to connect to the access control server and a DHCP server 3 Verify that the DHCP server can provide the fo...

Page 260: ...In the Wi Fi User Name field type the user name for PEAP authentication In the Wi Fi User Password field type the password for PEAP authentication 6 If required configure the following configuration...

Page 261: ...FAST 5 Type the user name and password for the messaging server 6 In the Inner link security list click the security type 7 If necessary in the Token list select the token type 8 If your organization...

Page 262: ...ry devices prompt the users to type the software token PIN and submit the current tokencode for the connection type to create the passcode for two factor authentication For more information about how...

Page 263: ...Manager To permit BlackBerry devices to authenticate to the RSA Authentication Manager you must synchronize the time and date on BlackBerry devices with the time and date on the computer that hosts t...

Page 264: ...ve All After you finish Assign the Wi Fi profile to the user accounts Resend the IT policy that you assign to the user accounts to BlackBerry devices Configure RSA authentication over a VPN network us...

Page 265: ...nu expand User 2 Click Manage users 3 Search for a user account 4 Click the display name for the user account 5 Click Edit user 6 On the Software tokens tab type the serial number of the software toke...

Page 266: ...rtificate copy the root certificate of the certification authority to the computer that hosts the BlackBerry Administration Service 1 On a computer that hosts a BlackBerry Administration Service insta...

Page 267: ...ows Services restart the BlackBerry Administration Service services 10 Complete the following actions on each computer that hosts a BlackBerry Administration Service instance a Copy the web keystore f...

Page 268: ...he names of the global catalog servers that the BlackBerry Administration Service can use You can change the Windows domain user name and password for the Microsoft Active Directory account and global...

Page 269: ...e BlackBerry Administration Service to access 10 Click Save All The BlackBerry Administration Service validates the information for Microsoft Active Directory authentication If the information is vali...

Page 270: ...e pool add the HTTP BAS_pool_FQDN SPN for each pool to the Microsoft Active Directory account 3 Configure the Microsoft Active Directory account for constrained delegation using the following settings...

Page 271: ...nager using the following web addresses https BAS_pool_FQDN webconsole login https BAS_pool_FQDN webdesktop login Single sign authentication takes precedence over other authentication methods that per...

Page 272: ...shorter period administrators who are logged in with passwords that are older than the new expiry remain logged in and are required to change the password at the next log in The password for the Blac...

Page 273: ...BlackBerry Administration Service instances in the Windows Services stop the BlackBerry Administration Service services 2 On the database server on the BlackBerry Configuration Database run the follo...

Page 274: ...ation about using the security options on the device to permanently delete all user data see the user guide for the device After the new user receives the device you must activate it Related informati...

Page 275: ...receive a prompt type the device password 3 In the BlackBerry Administration Service on the Devices menu click Attached devices Manage current device 4 Click Delete all device data and disable device...

Page 276: ...e data for personal use the call history entries are deleted when you delete work data call logs although the device classifies phone data as personal data the call log files are deleted when you dele...

Page 277: ...nt from the BlackBerry Enterprise Server and remove the BlackBerry Enterprise Server information from the user s mailbox click Delete the user and remove BlackBerry information from the user s messagi...

Page 278: ...data and remove device This command permanently deletes all work data that the device stores and removes the device from the BlackBerry Enterprise Server All personal data remains on the device You ca...

Page 279: ...ry Enterprise Server and remove the BlackBerry Enterprise Server information from the user s mailbox click Delete the user and remove BlackBerry information from the user s messaging system To disable...

Page 280: ...expand User 2 Click Manage users 3 Search for a user account 4 In the search results click the PIN for the user account 5 In the Device activation section click Delete all device data and remove devi...

Page 281: ...the BlackBerry Enterprise Server information from the user s mailbox click Disable the user and remove BlackBerry information from the user s messaging system 8 Click Yes Delete all device data and r...

Page 282: ...nage roles 3 In the list of existing roles click the name of the role that you want to change the permissions for 4 Click Edit role 5 Switch the appropriate tabs to change the appropriate permissions...

Page 283: ...he BlackBerry solution management menu expand Role 2 Click Manage roles 3 In the list of existing roles click the name of the role that you want to delete 4 Click Delete role 5 Click Yes Delete the ro...

Page 284: ...5 In the Status list click Delete user 6 Click Yes Delete the user Administration Guide Managing administrator accounts 284...

Page 285: ...can override the properties that you configured for the account at the group level or domain level by changing the properties at the user account level If you remove a user account or administrator ac...

Page 286: ...perform basic administrative tasks such as adding users to groups and assigning BlackBerry devices to BlackBerry device users The Junior Helpdesk role can only add users to the Web Desktop Users group...

Page 287: ...e group name 4 Click Edit group 5 Switch between the appropriate tabs and make the appropriate changes 6 Click Save all Rename a group 1 In the BlackBerry Administration Service on the BlackBerry solu...

Page 288: ...dden mailbox that does not appear in the contact list you must update the user account that is associated with the BlackBerry Enterprise Server manually When you delete a user account you can retain t...

Page 289: ...any pending deployment tasks and move all of the user accounts click Yes Switch the users and fail the deployment tasks If you do not want to move the user accounts that have pending deployment tasks...

Page 290: ...e Status list click Reload user Add an administrator role to a user account 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Sea...

Page 291: ...from company directory Resend service books to a BlackBerry device 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for a...

Page 292: ...s to BlackBerry devices Change default settings for a job schedule When you create a software configuration and assign it to user accounts when you change a software configuration that you assigned to...

Page 293: ...pdates to BlackBerry devices If you change the default settings for IT policy distribution your organization s environment might experience a performance impact 1 In the BlackBerry Administration Serv...

Page 294: ...ry Enterprise Server to process at the same time The default value is 25 8 If necessary in the Total number of tasks per time window per BlackBerry Administration Service instance field type the total...

Page 295: ...n 5 On the System throttling tab in the Maximum number of simultaneous tasks per BlackBerry Administration Service instance field type the maximum number of tasks that you want the BlackBerry Enterpri...

Page 296: ...me is All day Add a recurrence day for installing updating or removing the BlackBerry Device Software To add more than one recurrence day the schedules for the separate recurrence days cannot overlap...

Page 297: ...Devices menu expand Deployment jobs 2 Click Specify BlackBerry Device Software application distribution settings 3 Click Edit distribution settings 4 Perform any of the following tasks Task Steps Chan...

Page 298: ...total number of tasks for standard application settings that you want the BlackBerry Enterprise Server to process during each processing interval The default value is 150 9 Click Save all Managing the...

Page 299: ...iority for the job 7 In the Job Schedule section in the Effective Date field select the start date for the job 8 Click Save all Change how a job sends IT policies to BlackBerry devices You can change...

Page 300: ...n each job in a time window section in the Maximum number of simultaneous tasks per BlackBerry Administration Service instance field type the maximum number of IT policy tasks in the job that you want...

Page 301: ...propriate recurrence option If necessary select the recurrence days 2 In the Start time drop down list click the appropriate option If necessary change the start time and end time 3 Click the Add icon...

Page 302: ...yment day s drop down list click the appropriate recurrence option If necessary click the number of recurrence days 3 In the Start time drop down list click the appropriate option If necessary change...

Page 303: ...ings and updates in jobs to BlackBerry devices If you change the default distribution settings for the standard application settings in BlackBerry Device Software configurations your organization s en...

Page 304: ...ultaneous tasks per BlackBerry Administration Service instance field type the maximum number of tasks for standard application settings in the job that you want the BlackBerry Enterprise Server to pro...

Page 305: ...Edit software configuration 5 On the Applications tab click the Delete icon for the application 6 Perform one of the following actions If you configured the software configuration to permit unlisted a...

Page 306: ...software configuration from multiple user accounts If you remove a software configuration from multiple user accounts the applications in the software configuration are removed from the BlackBerry de...

Page 307: ...tion tab in the Current software configurations list click a software configuration 7 Click Remove 8 Repeat steps 6 and 7 for each software configuration that you want to remove 9 Click Save all Delet...

Page 308: ...uthentication integrated Windows authentication or both before the users can access the web servers Restrict requests for content on web servers from BlackBerry devices Turn on pull authorization for...

Page 309: ...Service but might use multiple IP addresses to provide access to the web site As a result the BlackBerry MDS Connection Service might not be able to restrict BlackBerry devices from accessing the web...

Page 310: ...ce on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Click MDS Connection Service 3 Click Edit component 4 On the Access control rules tab click...

Page 311: ...BlackBerry Administration Service in the BlackBerry solution management menu expand User 2 Click Manage users 3 Click View more criteria 4 Search for a group 5 Click Select all results in the entire s...

Page 312: ...nu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Click MDS Connection Service 3 Click Edit component 4 In the Media content type field type the media type and subtype using st...

Page 313: ...llow content drop down list click No 7 Click the Add icon 8 Click Save all Related information Default download limits for media content types 313 Default download limits for media content types Black...

Page 314: ...ve Directory domain You must also configure two way trust between the Microsoft Active Directory domain that the BlackBerry MDS Connection Service is running on and other Microsoft Active Directory do...

Page 315: ...password never expires If you configured a pool of application servers to host the intranet site and the pool is running on Microsoft IIS and is located behind a load balancer specify a user account a...

Page 316: ...a Microsoft Active Directory account when the messaging server is in a remote Microsoft Active Directory domain Turn on Integrated Windows authentication when users access resources on your organizat...

Page 317: ...or After you finish If required configure BlackBerry MDS Connection Service to use a Microsoft Active Directory account when the messaging server is in a remote Microsoft Active Directory domain Turn...

Page 318: ...change domain domain_name where domain_name is the Microsoft Active Directory domain that contains the messaging server For example type application handler exchange domain domain123 example com 4 Sav...

Page 319: ...eb address pattern for OCSP LDAP and TCP to permit users to communicate with OCSP servers LDAP servers or TCP servers 11 On the Access control rules tab create a pull rule for each of the web address...

Page 320: ...om sending data to BlackBerry devices You can turn on push authentication to permit only authenticated push applications to send push requests to applications on BlackBerry devices 1 In the BlackBerry...

Page 321: ...end push requests to BlackBerry devices To specify which users can receive push requests from authenticated push applications turn on push authorization and create push rules Turn on push authorizatio...

Page 322: ...push initiators to authenticate specific push applications 1 In the BlackBerry Administration Service in the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component...

Page 323: ...ules list click a push rule 8 Click Add 9 Click Save Assign a push rule to user accounts Before you begin Create a push rule Assign push initiators to the push rule 1 In the BlackBerry Administration...

Page 324: ...es and sends push application requests For more information about types of push requests visit www blackberry com developers to see the BlackBerry Java Development Environment Development Guide Specif...

Page 325: ...n also configure storage settings for the BlackBerry Configuration Database For more information about types of push requests visit www blackberry com developers to see the BlackBerry Java Development...

Page 326: ...the BlackBerry Enterprise Server deletes it from the BlackBerry Configuration Database 6 Click Save all Configure the maximum number of active connections that a BlackBerry MDS Connection Service can...

Page 327: ...pending push connections in the queue exceeds the limit 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component v...

Page 328: ...Berry device By default wireless backup is turned on when you activate BlackBerry devices Turn off the wireless backup of organizer data for a user account 1 In the BlackBerry Administration Service o...

Page 329: ...propriate group 5 Click Search 6 Select all users 7 In the Organizer data synchronization list click Clear backed up data for organizer data synchronization Delete a user s organizer data from a Black...

Page 330: ...nt menu expand User 2 Click Manage users 3 Search for a user account 4 In the search results click the display name for the user account 5 Click Edit user 6 In the Messaging configuration section clic...

Page 331: ...e Server to the BlackBerry device only click Server to Device To synchronize data from the BlackBerry device to the BlackBerry Enterprise Server only click Device to Server To synchronize data from th...

Page 332: ...nterprise Server 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Synchronization 2 Click the instance...

Page 333: ...ice synchronizes pictures that a user adds to contact entries in their contact list between the BlackBerry device and the email applications on their computer A user can add delete and change pictures...

Page 334: ...ation 7 On the Mappings for organizer data synchronization tab in the Additional mappings section in the Picture drop down list click None 8 Click Continue to user information edit 9 Click Save all Ad...

Page 335: ...g settings on their BlackBerry devices or by using the BlackBerry Desktop Manager or the BlackBerry Web Desktop Manager The settings that you define override the settings that users define Forward ema...

Page 336: ...ges to the device 8 Click Continue to user information edit 9 Click Save all Forward email messages from inbox subfolders to a BlackBerry device You can specify which subfolders in a user s email appl...

Page 337: ...anually 1 In the BlackBerry Administration Service on the BlackBerry Solution management menu expand User 2 Click Manage users 3 Click View more criteria 4 In the Group criteria section in the Specifi...

Page 338: ...t 4 In the search results click the name of the user account 5 Click Edit user 6 In the Messaging configuration section click Default configuration 7 On the Services tab in the Email services settings...

Page 339: ...messages from the incoming message queue the BlackBerry Enterprise Server does not send the email messages to the user s BlackBerry device The email messages remain in the email application on the us...

Page 340: ...anager 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Email 2 Click the instance that you want to ch...

Page 341: ...he resource impact of the BlackBerry Enterprise Server on your organization s messaging server Before you begin If your organization s environment includes Microsoft Exchange 2007 configure the system...

Page 342: ...ail 2 Click the name of the BlackBerry Messaging Agent instance that you want to prevent a device user from searching for remote email messages 3 Click Edit instance 4 On the Messaging tab in the Mess...

Page 343: ...ine View whether a user turned on support for email messages that contain HTML and rich content for a BlackBerry device You can view whether a user turned on support for email messages with HTML and r...

Page 344: ...rprise Server pair that you want turn off rich text formatting or inline images for 3 Click Edit instance 4 On the Messaging tab perform one or both of the following options To turn off rich text form...

Page 345: ...ervice and BlackBerry MDS Connection Service 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Policy 2 Click Manage IT policies 3 Click the name of the IT p...

Page 346: ...n section click the device configuration name 7 On the Email tab in the Published public contact folders section select the check box beside each public address book that you want to permit the user t...

Page 347: ...erry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for the user account 4 In the search results click the display name for a user account...

Page 348: ...e or more BlackBerry MDS Connection Service instances Configure the BlackBerry MDS Connection Service to communicate with a remote file system To permit the BlackBerry MDS Connection Service to commun...

Page 349: ...c computer you can type 10 10 10 10 To access all of the content on the computers in a specific domain you can type test company net After you finish Add communication information to a BlackBerry MDS...

Page 350: ...ation set click the Add icon To update an existing configuration set click the Update icon 10 Click Save all After you finish To confirm your changes click the View icon Assign the configuration set t...

Page 351: ...messages Add a signature to email messages that a user sends from a BlackBerry device To enforce a signature format policy in your organization you can add a standard signature to the email messages t...

Page 352: ...er for 6 Click Save all Add a disclaimer to email messages that a user sends from a BlackBerry device You can add a disclaimer to all email messages that are sent by a user that is different from the...

Page 353: ...ion in the Prepended disclaimer conflict rule drop down list click a conflict rule To specify the conflict rules for disclaimers that appear after the user signature in the Messaging options section i...

Page 354: ...Edit instance 4 On the Messaging tab in the Auto BCC email address section perform one of the following tasks Task Steps Add email addresses manually In the Auto BCC email address field type the email...

Page 355: ...Send message to users 4 Type the message that you want to send 5 Click Send message Send a notification message to all users on a BlackBerry Enterprise Server 1 In the BlackBerry Administration Servic...

Page 356: ...ecause the BlackBerry Messaging Agent can use the local message state database to search for messages instead of communicating with the Microsoft Exchange Server Increasing the size of the message sta...

Page 357: ...audio file formats one instance processes email message attachments that are in image file formats and one instance processes email message attachments that are in all other file formats For more inf...

Page 358: ...ve all Change how a BlackBerry Attachment Connector restores a lost connection to a BlackBerry Attachment Service Based on the number of users in your organization s environment if you change the Blac...

Page 359: ...Office Format version 1 1 odp ods odt ott RTF rtf ZIP archives zip Limitations for supported attachment file formats Format and extension Limitations audio You must install the software update for KB2...

Page 360: ...onality animation transitions tables svm images crop and clip image effects specific types of text object spacing table of contents portrait page orientation color gradient hatching and bitmap fill ef...

Page 361: ...more memory is allocated to each running conversion process The maximum file size of attachments impacts the amount of cached memory that the BlackBerry Attachment Service uses By default the BlackBer...

Page 362: ...r of converted documents that can be located in the document cache as DOM for a single conversion process The default value is 32 1 through 128 Maximum number of processes This setting specifies the n...

Page 363: ...to 9 Change the maximum file size for attachments that users can receive The BlackBerry Attachment Service uses memory during the attachment conversion process If users try to open large or complex a...

Page 364: ...00 KB Turn off support for an attachment file format for a BlackBerry Attachment Service The BlackBerry Attachment Service uses distillers to convert attachments that are in supported file formats so...

Page 365: ...rry Attachment Connector For example if users send rtf files as wav files you must verify that the BlackBerry Attachment Connector supports wav files and that the appropriate distiller is turned on fo...

Page 366: ...sends an attachment that is larger than a single packet the BlackBerry device divides the attachment into multiple packets The BlackBerry Messaging Agent caches all of the packets and sends the attach...

Page 367: ...nly send specific attachments such as certificates and contact list entries that are less than a single packet 1 In the BlackBerry Administration Service on the Servers and components menu expand Blac...

Page 368: ...3 Click Edit instance 4 On the Messaging tab in the Messaging options section in the Maximum single attachment download size KB field type a number in KB that is between 0 and 10240 10 MB If you type...

Page 369: ...manage calendars on devices You can configure a specific BlackBerry Messaging Agent instance a specific BlackBerry Enterprise Server or all BlackBerry Enterprise Server instances that share one BlackB...

Page 370: ...l 2 Type New ThrottlingPolicy BESPolicy 3 Type the following command Set ThrottlingPolicy BESPolicy RCAMaxConcurrency null RCAPercentTimeInAD null RCAPercentTimeInCAS null RCAPercentTimeInMailboxRPC n...

Page 371: ...ackBerry Enterprise Server components 392 Configure the BlackBerry Enterprise Server to use MAPI and CDO libraries You can configure the BlackBerry Enterprise Server to use only MAPI and CDO libraries...

Page 372: ...ter 3 At the command prompt navigate to extracted_folder tools 4 Perform one of the following actions To configure all BlackBerry Messaging Agent instances on a specific BlackBerry Enterprise Server t...

Page 373: ...sts the primary BlackBerry Enterprise Server 2 Extract the contents to a folder on the computer 3 At the command prompt navigate to extracted_folder tools 4 Perform one of the following actions To con...

Page 374: ...ng Agent instances writing error messages to their log files Configure the BlackBerry Messaging Agent instances to look up a user s status using only Microsoft Exchange Web Services 1 Copy the BlackBe...

Page 375: ...nization errors that it finds It is a best practice to schedule corrective calendar synchronization to occur during low use periods For example you can schedule the process to begin in the early eveni...

Page 376: ...rrective calendar synchronization for all user accounts that are associated with a BlackBerry Enterprise Server type traittool server server_name trait ExchangeSmartSyncEnable set false To turn off co...

Page 377: ...settings for all user accounts type traittool global list 5 Press ENTER Example Viewing the global calendar synchronization settings traittool global list Turn off automatic error correction in corre...

Page 378: ...that are associated with the specific BlackBerry Enterprise Server or global for all user accounts Configure the range of days to check for calendar synchronization errors You can configure corrective...

Page 379: ...to the folder that the TraitTool exe file is located in 4 Perform one of the following actions To configure calendar synchronization to occur at a specific hour for a specific user account type traitt...

Page 380: ...onization to run at 10 00 PM for all users on the BlackBerry Enterprise Server that is named SERVER01 traittool server SERVER01 trait ExchangeSmartSyncTriggerHour set 22 Example Corrective calendar sy...

Page 381: ...default value is used 1 Copy the BlackBerry Enterprise Server installation files to a computer that hosts a BlackBerry Enterprise Server instance 2 Extract the contents to a folder on the computer 3 A...

Page 382: ...e Server so that the BlackBerry Messaging Agent can synchronize calendars on BlackBerry devices with Microsoft Outlook calendars In BlackBerry Enterprise Server 4 1 SP6 and earlier and in BlackBerry E...

Page 383: ...ackBerry Enterprise Server Agents If you are running a 64 bit version of Windows go to HKEY_LOCAL_MACHINE SOFTWARE WOW6432Node Research In Motion BlackBerry Enterprise Server Agents 5 Create a DWORD v...

Page 384: ...rry Collaboration Service supports for instant messaging sessions on the Novell GroupWise instant messaging server is limited to the number of Windows sockets that are available Installing a collabora...

Page 385: ...f instant messaging servers For all other types of instant messaging server in the Host Server for instant messaging field type the host name of the instant messaging server 6 In the Port field type t...

Page 386: ...Access server The computer that hosts the BlackBerry Collaboration Service must trust the TLS certificate on the Microsoft Office Communicator Web Access server click HTTP if you do not want the Black...

Page 387: ...hange 4 Click Edit instance 5 In the General section in the Maximum simultaneous sessions field type the maximum number of instant messaging sessions that can be open at the same time 6 Click Save all...

Page 388: ...ecific file types type the file extensions and separate them using commas For example type bat exe mp3 to prevent users from sending batch executable and mp3 files To prevent users from sending all fi...

Page 389: ...on of a collaboration client users can save their instant messaging conversations as txt files in the internal memory of their BlackBerry devices or on an external memory device You can turn off this...

Page 390: ...73 FieldName OfficePhoneNumber Type text plain Detail id _doneHomePhone13238950376382 FieldName PhoneNumber Type text plain Detail id _doneCellPhone13238950372283 FieldName CellPhoneNumber Type text p...

Page 391: ...owing actions 1 Create a test user account in the IBM Lotus Domino Directory 2 Using the IBM Lotus Sametime administration web page change the test user account by typing values for the contact inform...

Page 392: ...rprise Server BlackBerry Controller and BlackBerry Dispatcher BlackBerry Collaboration Service Collaboration BlackBerry Collaboration Service BlackBerry Synchronization Service Synchronization BlackBe...

Page 393: ...ervice on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Expand the component that you want to restart 3 Click an instance 4 Click Restart insta...

Page 394: ...alone command line tool that you can use to configure specific BlackBerry Enterprise Server traits You can configure most BlackBerry Enterprise Server settings using the BlackBerry Administration Ser...

Page 395: ...g Agent group groups_name to specify a group of BlackBerry device users host host_name to specify a pair of high availability BlackBerry Enterprise Server instances user smtp_address to specify one us...

Page 396: ...Autodiscovery protocol change the value to 1 If you want to disable the Web Proxy Autodiscovery protocol change the value to 0 If you do not change the value to 1 the Web Proxy Autodiscovery protocol...

Page 397: ...that the BlackBerry Enterprise Server requires for BlackBerry Enterprise Server version 4 1 SP6 and earlier set the trait to true 1 The default value is false 0 the BlackBerry Messaging Agent modifie...

Page 398: ...nterprise Server to use Microsoft Exchange Web Services and Configure the BlackBerry Enterprise Server to use MAPI and CDO libraries EWSMaxWorkerThreads This trait specifies how many worker threads Mi...

Page 399: ...ait specifies whether a user can append the word confirm to the subject of email messages to receive an automatic confirmation that the email message is delivered to the intended recipient If you want...

Page 400: ...r or all user accounts The default value is 7 For more information see Configure the period of days to check for calendar synchronization errors ExchangeSmartSyncEnable This trait specifies whether th...

Page 401: ...s on devices You can configure the BlackBerry Enterprise Server to check for calendar synchronization errors on devices at a specific hour for a specific user account all user accounts that you associ...

Page 402: ...st of available public folders in the Email component page in the BlackBerry Administration Service The default value is true 1 the BlackBerry Administration Service looks up public folders MaxDomainS...

Page 403: ...erprise Server monitors the Junk folder for activation messages NumberOfUserTargetTypeForSlowSyncInParallel This trait specifies how many different types of organizer data such as tasks memos and cont...

Page 404: ...rottling for application polling PolicyThrottlingInProcessJobs This trait specifies the maximum number of processes for IT policies or processes for service books that a BlackBerry Policy Service can...

Page 405: ...s the list of BlackBerry Router instances automatically SlowSyncPollCycleInterval This trait specifies the interval in minutes between the times that the BlackBerry Synchronization Service reviews the...

Page 406: ...Messaging Agent to write statistics to Microsoft Exchange mailboxes By default to reduce the workload on the Microsoft Exchange Server the BlackBerry Messaging Agent 5 0 SP2 or later does not write s...

Page 407: ...informs you that you require more BlackBerry CAL keys If you use a temporary evaluation version of a BlackBerry CAL key and the BlackBerry CAL key expires the BlackBerry Dispatcher stops all synchroni...

Page 408: ...If you prevent the BlackBerry Mail Store Service that you installed with the first BlackBerry Enterprise Server instance from updating the contact list the next available BlackBerry Mail Store Service...

Page 409: ...ng actions To permit a BlackBerry Mail Store Service instance to update the contact list type Traittool host instance_name trait MailstoreAddressRefreshEnabled set true where instance_name is the name...

Page 410: ...to is listed accurately and consistently in the entry for each user in Microsoft Active Directory For example if the organization s name appears as an acronym in some entries but in expanded form in o...

Page 411: ...unning a 64 bit version of Windows navigate to HKEY_LOCAL_MACHINE Software WOW6432Node Research In Motion BlackBerry Enterprise Server Agents 4 Create a String value named LDAPCompanyField 5 Specify t...

Page 412: ...y Enterprise Server to use LDAP to retrieve email addresses and organizer data By default when BlackBerry device users search for recipients email addresses or organizer data the BlackBerry Enterprise...

Page 413: ...rise Server Agents If you are running a 64 bit version of Windows navigate to HKEY_LOCAL_MACHINE Software WOW6432Node Research In Motion BlackBerry Enterprise Server Agents 4 If your organization s en...

Page 414: ...er components 392 Configure the BlackBerry Enterprise Server to retrieve email addresses and organizer data using LDAP 1 On the computer that hosts the BlackBerry Enterprise Server click Start Run 2 T...

Page 415: ...ute to HideFromBlackBerry for all users that you do not want BlackBerry device users to find 1 On the computer that hosts the BlackBerry Enterprise Server click Start Run 2 Type regedit Click OK 3 Per...

Page 416: ...te to HKEY_LOCAL_MACHINE Software Research In Motion BlackBerry Enterprise Server Agents If you are running a 64 bit version of Windows navigate to HKEY_LOCAL_MACHINE Software WOW6432Node Research In...

Page 417: ...e been changed from their default values Configuring BlackBerry Policy Service throttling for IT policies and service books If the BlackBerry Policy Service detects that you updated an IT policy or se...

Page 418: ...ervice books 1 Copy the BlackBerry Enterprise Server installation files to a computer that hosts the primary BlackBerry Enterprise Server instance 2 Extract the contents to a folder on the computer 3...

Page 419: ...r on the computer 3 At the command prompt navigate to extracted_folder tools 4 To configure the maximum number of processes for PIN encryption keys that a BlackBerry Policy Service can process at one...

Page 420: ...obal trait PolicyThrottlingAppPush set true To configure the BlackBerry Policy Service to not send applications using throttling and to process the requests as quickly as possible type traittool globa...

Page 421: ...gh ports 1024 to 65535 1 On the computer that hosts the BlackBerry Enterprise Server component open the BlackBerry Configuration Panel 2 In the Database Connectivity tab in the Use dynamic ports or sp...

Page 422: ...NE Software Research In Motion BlackBerry Enterprise Server If you are running a 64 bit version of Windows navigate to HKEY_LOCAL_MACHINE Software WOW6432Node Research In Motion BlackBerry Enterprise...

Page 423: ...kBerry Controller restarts the services if the BlackBerry Controller detects that the services are inactive By default the BlackBerry Controller also restarts services if the BlackBerry Controller det...

Page 424: ...ts daily 1 Create a DWORD value that is named MaxAgentRestartPerDay 2 Double click the new DWORD value 3 In the Value data field type a value The default maximum number of restarts that can occur dail...

Page 425: ...value to 17 the BlackBerry Controller does not restart the BlackBerry Messaging Agent between 8 00 AM and 5 00 PM if it detects a nonresponsive thread To turn off the time range in the RestartAgentOnH...

Page 426: ...g a 64 bit version of Windows navigate to HKEY_LOCAL_MACHINE Software WOW6432Node Research In Motion 3 Perform any of the following tasks Task Steps Change how the BlackBerry Controller restarts the B...

Page 427: ...eld perform one of the following actions To prevent the BlackBerry Controller from restarting the BlackBerry Router if the service stops responding type 0 To permit the BlackBerry Controller to restar...

Page 428: ...ervice stops responding type 1 4 Click OK BlackBerry Enterprise Server Alert Tool Configuring notifications using the BlackBerry Enterprise Server Alert Tool You can use the BlackBerry Enterprise Serv...

Page 429: ...email or popup messages that appear on the screen You can send popup messages to the contact if the Messenger service for Windows is running on the computer that you installed the BlackBerry Enterpri...

Page 430: ...s as popup messages on the contact s computer in the Console field type the name of the contact s computer 8 Click OK Related information Restarting BlackBerry Enterprise Server components 392 Adminis...

Page 431: ...the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Synchronization 2 Click the instance that you want to chan...

Page 432: ...he list of IT policies click an IT policy 4 Click Edit IT policy 5 On the PIM Synchronization tab in the Disable SMS Messages Wireless Synchronization drop down list click No 6 Click Save all Turn off...

Page 433: ...1 txt An event that the BlackBerry Enterprise Server writes to a log file begins with a five digit number where the first digit represents the logging level For example the following log file entry lo...

Page 434: ...erver service in the Windows Services restart the BlackBerry Enterprise Server services Changing how BlackBerry Enterprise Server components create log files Add a prefix to the file names of the log...

Page 435: ...ate and restart the components that contain the logging settings that you changed Related information Create an additional log file for a BlackBerry Enterprise Server component when the current log fi...

Page 436: ...topology BlackBerry Domain Component view Logging 2 Click the instance that contains the logging settings that you want to change 3 On the Logging details tab click Edit instance 4 In each section in...

Page 437: ...omponents that contain the logging settings that you changed Related information Restarting BlackBerry Enterprise Server components 392 Configure when the BlackBerry Enterprise Server deletes a log fi...

Page 438: ...and restart the components that contain the logging settings that you changed Related information Restarting BlackBerry Enterprise Server components 392 Restore logging settings to default values for...

Page 439: ...y Attachment Service component BBAS AS BlackBerry Administration Service Application Server BBAS NCC BlackBerry Administration Service Native Code Container BBIM BlackBerry Instant Messaging BBMS Blac...

Page 440: ...tion Service log files Changing how the BlackBerry MDS Connection Service creates a log file Change the logging level for BlackBerry MDS Connection Service log files You can change the logging level f...

Page 441: ...d TCP log files 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view MDS Connection Service 2 Click an ins...

Page 442: ...ber 5 Click Save all Related information Restarting BlackBerry Enterprise Server components 392 Configure BlackBerry MDS Connection Service to log DSML information 1 On the computer that hosts the Bla...

Page 443: ...sages that the web server sends or receives when users retrieve content from the Internet and intranet on BlackBerry devices In the HTTP logging turned on drop down list click Yes Monitor HTTP headers...

Page 444: ...IN u29 DOMAINNAME test rim net CONNECTION_TYPE DEVICE_CONN CONNECTIONID 852164874 DURATION ms 3500 MFH_KBytes 0 908 MTH_KBytes 38 218 MFH_PACKET_COUNT 1 MTH_PACKET_COUNT 2 Log file example BlackBerry...

Page 445: ...on Service log files Change which activities the BlackBerry Collaboration Service writes to a log file 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry S...

Page 446: ...he BlackBerry Collaboration Service to the BlackBerry Dispatcher In the GME logging turned on drop down list click True 5 Click Save all Related information Restarting BlackBerry Enterprise Server com...

Page 447: ...port number UI where you can configure the connection for a Microsoft SQL Server incoming data connections from and outgoing data connections to the BlackBerry Configuration Database TCP 1433 Windows...

Page 448: ...ry Administration Service instance for local JNDI TCP 11099 BlackBerry Configuration Panel internal data connection TCP 18083 BlackBerry Configuration Panel incoming data connections from and outgoing...

Page 449: ...ervice connection types and port numbers Item Connection type Default port number UI where you can configure the connection incoming document submissions from the BlackBerry Attachment Service TCP 190...

Page 450: ...ws HKEY_LOCAL_MACHIN E SOFTWARE Research In Motion BlackBerry Enterprise Server Database Port On a 64 bit version of Windows HKEY_LOCAL_MACHIN E SOFTWARE WOW6432Node Research In Motion BlackBerry Ente...

Page 451: ...data connections to the BlackBerry Dispatcher TCP 3200 incoming data connections from and outgoing data connections to the BlackBerry Configuration Database that a Microsoft SQL Server hosts TCP 1433...

Page 452: ...following BlackBerry Enterprise Server components BlackBerry Administration Service BlackBerry Attachment Service BlackBerry Collaboration Service BlackBerry Dispatcher BlackBerry MDS Connection Servi...

Page 453: ...nfigure the connection incoming syslog connections from the BlackBerry Messaging Agent UDP 4070 Microsoft Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHIN E SOFTWARE Research In Motio...

Page 454: ...from the BlackBerry Messaging Agent TCP 5096 Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHIN E SOFTWARE Research In Motion BlackBerry Enterprise Server Agents TcpPortDispatcher On a...

Page 455: ...hosts TCP 1433 Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHIN E SOFTWARE Research In Motion BlackBerry Enterprise Server Database Port On a 64 bit version of Windows HKEY_LOCAL_MACH...

Page 456: ...umbers Item Connection type Default port number UI where you can configure the connection outgoing data connections to the BlackBerry Dispatcher TCP 5096 Windows registry On a 32 bit version of Window...

Page 457: ...bit version of Windows HKEY_LOCAL_MACHIN E SOFTWARE WOW6432Node Research In Motion BlackBerry Enterprise Server Database Port incoming syslog connections from the BlackBerry Controller and CalHelper...

Page 458: ...n of Windows HKEY_LOCAL_MACHIN E SOFTWARE Research In Motion BlackBerry Enterprise Server Agents UDPPort On a 64 bit version of Windows HKEY_LOCAL_MACHIN E SOFTWARE WOW6432Node Research In Motion Blac...

Page 459: ...data connections to the BlackBerry Dispatcher TCP 3200 incoming data connections from and outgoing data connections to the BlackBerry Configuration Database that a Microsoft SQL Server hosts TCP 1433...

Page 460: ...r UI where you can configure the connection for a Microsoft SQL Server incoming data connections from and outgoing data connections to the BlackBerry Configuration Database and BlackBerry Monitoring S...

Page 461: ...to the BlackBerry Monitoring Service console TCP 55503 BlackBerry Configuration Panel BlackBerry Policy Service connection types and port numbers Item Connection type Default port number UI where you...

Page 462: ...nection types and port numbers Item Connection type Default port number UI where you can configure the connection incoming data connections from the BlackBerry Dispatcher that use SRP TCP 3101 BlackBe...

Page 463: ...ndows HKEY_LOCAL_MACHIN E SOFTWARE WOW6432Node Research In Motion BlackBerryRouter TcpPort incoming data connections from and outgoing data connections to BlackBerry devices that use the BlackBerry De...

Page 464: ...rySNMPAgent Parameters UDPPort On a 64 bit version of Windows HKEY_LOCAL_MACHIN E SOFTWARE WOW6432Node Research In Motion BlackBerrySNMPAgent Parameters UDPPort BlackBerry Synchronization Service conn...

Page 465: ...ersion of Windows HKEY_LOCAL_MACHIN E SOFTWARE WOW6432Node Research In Motion BlackBerry Enterprise Server Database Port incoming data connections from the BlackBerry database notification system UDP...

Page 466: ...t number UI where you can configure the connection RPC endpoint mapper TCP 135 For more information visit support microsoft com to read article 270836 Microsoft Exchange System Attendant service TCP F...

Page 467: ...unications Server TCP 5060 Microsoft Office Live Communications Server BlackBerry Client for use with Microsoft Office Live Communications Server 2005 connection types and port numbers Item Connection...

Page 468: ...ers Item Connection type Default port number UI where you can configure the connection incoming syslog connections from the following BlackBerry Enterprise Server components BlackBerry Messaging Agent...

Page 469: ...tion type Default port number UI where you can configure the connection listener port for the BlackBerry Enterprise Server events UDP 514 Windows registry On a 32 bit version of Windows HKEY_LOCAL_MAC...

Page 470: ...ackBerry Administration Service instance the BlackBerry Administration Service instance accepts the request because the connection is still available However while the BlackBerry Administration Servic...

Page 471: ...ise Server that is geographically remote from the BlackBerry Configuration Database the BlackBerry Mailstore Service can take an unexpected amount of time to complete the refresh process The refresh p...

Page 472: ...shooting Setting up user accounts You cannot create a user account in the BlackBerry Administration Service Possible cause Possible solution The BlackBerry Administration Service is configured to use...

Page 473: ...ny directory The background process to refresh the user list starts The amount of time that the BlackBerry Administration Service requires to refresh the user list depends on the size of the directory...

Page 474: ...Enterprise Server uses to process Unicode messages Related information Change the character encoding that the BlackBerry Enterprise Server uses to send Unicode messages 81 Troubleshooting Instant mes...

Page 475: ...ion Service instance 3 Click Edit instance 4 On the Proxy mappings tab configure the settings for an authenticated or unauthenticated proxy server Use the default web address 5 Click the Add icon 6 Cl...

Page 476: ...ge on the computer the notification about the instant message disappears from the BlackBerry device and the instant messaging conversation occurs on the computer If the user accepts the notification a...

Page 477: ...with Microsoft Office Live Communications Server 2005 the Microsoft Office Communicator Web Access server is not configured to use forms based authentication and the BlackBerry Collaboration Service i...

Page 478: ...a wireless access point that has an SSID that is stored in one of the profiles on the BlackBerry device Move the BlackBerry device into a wireless coverage area The SSID of the access point is not con...

Page 479: ...es to configure the wireless connection Use a wireless device such as a computer to ping the BlackBerry Router The ping tests whether the BlackBerry Router is on the ACL of the access point If access...

Page 480: ...a laptop computer can connect to the network using DHCP and obtain an IP address Verify in the DHCP logs if they are available that a DHCP was granted to the BlackBerry device Low signal strength is...

Page 481: ...i Fi network for a BlackBerry device yellow or white This indicator displays when a BlackBerry device tries to connect to a Wi Fi network but has not connected yet green This indicator displays when a...

Page 482: ...hentication This field shows the status of the authentication process on the BlackBerry device Local IP Address This field specifies the IP address of the BlackBerry device When a BlackBerry device di...

Page 483: ...nds outside the local network In an enterprise Wi Fi network this field specifies the IP address of the organization s LAN gateway In a personal Wi Fi network this field specifies the internal IP addr...

Page 484: ...ttempt was not successful the field specifies an error state Secure Device IP This field specifies the IP address of the BlackBerry device on the private network that the VPN protects Status This fiel...

Page 485: ...cate that the BlackBerry device uses for VPN authentication if applicable Software Token If you configured a software token for the BlackBerry device this field specifies the serial number of the soft...

Page 486: ...is field specifies the cellular information as received from or sent to the UNC MNC MCC mobile network ID also known as Cell ID of the BlackBerry device and ARFCN Cellular handover to UMA failures Thi...

Page 487: ...the BlackBerry device uses to connect to the BlackBerry Infrastructure IP Used This field specifies the host name or IP address and port number that the BlackBerry device uses to connect to the Black...

Page 488: ...UMA connectivity The UMA profile is not configured correctly 1 On the BlackBerry device in the device options click UMA 2 Verify whether a UMA profile exists 3 If a UMA profile does not exist create...

Page 489: ...age connections 2 Click Wi Fi Options 3 Press the Menu key and click Wi Fi Tools Ping 4 In the Ping Type field perform one of the following actions To ping another wireless device click IP or Name To...

Page 490: ...rts on the BlackBerry Administration Service Possible solution Perform the following actions 1 Make sure that you configured the BlackBerry Administration Service instances to communicate across netwo...

Page 491: ...to use a specific port number and open the port on the firewall by performing the following actions 1 On the computer that hosts a BlackBerry Administration Service instance navigate to drive Program...

Page 492: ...on Import the IT policy rule from an IT policy pack that is available from www blackberry com support For more information about IT policy packs search the BlackBerry Technical Solution Center at www...

Page 493: ...rbon copy BlackBerry CAL A BlackBerry Client Access License BlackBerry CAL limits how many users you can add to a BlackBerry Enterprise Server BlackBerry Domain A BlackBerry Domain consists of the Bla...

Page 494: ...r and download certificates EAP FAST Extensible Authentication Protocol Flexible Authentication via Secure Tunneling EAP GTC Extensible Authentication Protocol Generic Token Card EAP TLS Extensible Au...

Page 495: ...policy An IT policy consists of various IT policy rules that control the security features and behavior of BlackBerry smartphones BlackBerry PlayBook tablets the BlackBerry Desktop Software and the B...

Page 496: ...otocol OEM original equipment manufacturer PAC proxy auto configuration PAP Push Access Protocol PEAP Protected Extensible Authentication Protocol PIM personal information management PIN personal iden...

Page 497: ...ayer Security Triple DES Triple Data Encryption Standard UCS Universal Content Stream UDP IP User Datagram Protocol Internet Protocol UDP User Datagram Protocol UID unique identifier UMA Unlicensed Mo...

Page 498: ...such as documentation provided or made available at www blackberry com go docs is provided or made accessible AS IS and AS AVAILABLE and without condition endorsement guarantee representation or warr...

Page 499: ...ICTION RIM SHALL HAVE NO OTHER OBLIGATION DUTY OR LIABILITY WHATSOEVER IN CONTRACT TORT OR OTHERWISE TO YOU INCLUDING ANY LIABILITY FOR NEGLIGENCE OR STRICT LIABILITY THE LIMITATIONS EXCLUSIONS AND DI...

Page 500: ...pplicable thereto NOTHING IN THIS DOCUMENTATION IS INTENDED TO SUPERSEDE ANY EXPRESS WRITTEN AGREEMENTS OR WARRANTIES PROVIDED BY RIM FOR PORTIONS OF ANY RIM PRODUCT OR SERVICE OTHER THAN THIS DOCUMEN...

Reviews:

No comments

Related manuals for PRD-10459-016 - Enterprise Server For MS Exchange

Samsung HXDU010EB - Story Station 1 TB External Hard... User Manual preview
HXDU010EB - Story Station 1 TB External Hard...
Brand: Samsung Pages: 7
ASCOM TEMS VISUALIZATION 7.1 PROFESSIONAL Datasheet preview
TEMS VISUALIZATION 7.1 PROFESSIONAL
Brand: ASCOM Pages: 8
Xerox DocuColor 45054549 User Addendum preview
DocuColor 45054549
Brand: Xerox Pages: 30
ShoreTel ShoreWare User Manual preview
ShoreWare
Brand: ShoreTel Pages: 25
Crestron e-control Database Manager User Manual preview
e-control Database Manager
Brand: Crestron Pages: 94
Red Hat NETWORK BASIC - USER REFERENCE GUIDE 3.2 User Reference Manual preview
NETWORK BASIC - USER REFERENCE GUIDE 3.2
Brand: Red Hat Pages: 76
PNY S-Cure User Manual preview
S-Cure
Brand: PNY Pages: 15
MMSOFT Design Pulseway User Manual preview
Pulseway
Brand: MMSOFT Design Pages: 85
Red Hat CLUSTER FOR ENTERPRISE LINUX 5.0 Configuration Manual preview
CLUSTER FOR ENTERPRISE LINUX 5.0
Brand: Red Hat Pages: 114
Elecard Converter Studio User Manual preview
Converter Studio
Brand: Elecard Pages: 76
eCopy 3323B001 - imageFORMULA ScanFront 220e Installation And Setup Manual preview
3323B001 - imageFORMULA ScanFront 220e
Brand: eCopy Pages: 192
MINOLTA-QMS Crown Document Option Commands Reference Manual preview
Crown Document Option Commands
Brand: MINOLTA-QMS Pages: 134
Oce XMPie User Manual preview
XMPie
Brand: Oce Pages: 22
AAS Tassman User Manual preview
Tassman
Brand: AAS Pages: 177
Calyx Point 7 User Manual preview
Point 7
Brand: Calyx Pages: 537
Xerox FREEFLOW 701P25032 System Manual preview
FREEFLOW 701P25032
Brand: Xerox Pages: 112
Xerox FREEFLOW 701P46740 Security Manual preview
FREEFLOW 701P46740
Brand: Xerox Pages: 38
TC Electronic ASSIMILATOR KONNEKT User Manual preview
ASSIMILATOR KONNEKT
Brand: TC Electronic Pages: 18

Brands by name

Popular brands

Load more brands