manualshive.com logo in svg

Blackberry PRD-10459-003 - Enterprise Server For IBM Lotus Domino, Руководство администратора, Страница: 272 / 420

Поделиться
Скачать
Blackberry PRD-10459-003 - Enterprise Server For IBM Lotus Domino Скачать руководство пользователя страница 272

After you finish: Turn on Integrated Windows authentication when BlackBerry device users access resources on your

organization's network.

Related topics

Restarting BlackBerry Enterprise Server components, 327

Turn on Integrated Windows authentication so that users can access

resources on your organization's network

Before you begin:

Configure the Microsoft® Active Directory® account to access resources on your organization's network.

If required, configure BlackBerry® MDS Connection Service to use a Microsoft Active Directory account when

the messaging server is in a remote Microsoft Active Directory domain.

1. In the BlackBerry Administration Service, on the Servers and components menu, expand BlackBerry solution

topology > BlackBerry Domain > Component view.

2. Click MDS Connection Service.
3. Click Edit component.
4. In the Integrated authentication turned on drop-down list, click Yes.
5. For each Microsoft Active Directory account, provide the following information:

• In the Delegation user domain field, type the FQDN (for example, ldap.example.com).
• In the Delegation user name field, type the user name.
• In the Password and Confirm fields, type the password.

6. Click Save all.
7. On the HTTP tab, click Edit component.
8. In the Authentication support enabled drop-down list, click Yes.
9. Click Save all.
10. On the Pull URL Patterns tab, specify web address patterns for the intranet sites or shared folders that you want

to permit BlackBerry device users to access (for example, intranet_site(:80)?(\/.*)?). The web address patterns

are based on Java® regular expressions. Consider specifying the following web address patterns:
• Specify .*\:.*\/.* as the web address pattern so that you can prevent users from using any other web address

patterns to access intranet sites or shared network folders.

• Specify .* as the web address pattern for OCSP, LDAP, and TCP to permit users to communicate with OCSP

servers, LDAP servers, or TCP servers.

11. On the Access control rules tab, create a pull rule for each of the web address patterns that you specified. When

you create the pull rule, in the Authentication drop-down list, click Integrated or Integrated and RSA.

12. Click Save all.
13. Assign the pull rules to the users or groups that you want to access intranet sites or shared network folders.
14. On the Servers and components menu, expand BlackBerry solution topology > BlackBerry Domain >

Component view > MDS Connection Service.

15. Click a BlackBerry MDS Connection Service instance.

Administration Guide

Configuring Integrated Windows authentication so that users can access resources on your

organization's network

270

Содержание PRD-10459-003 - Enterprise Server For IBM Lotus Domino

Страница 1: ...BlackBerry Enterprise Server for IBM Lotus Domino Version 5 0 Service Pack 3 Administration Guide ...

Страница 2: ...Published 2011 09 16 SWDT487521 1597421 0916011550 001 ...

Страница 3: ...ation Service using a messaging server account 34 Assign a BlackBerry device to an administrator account 34 4 Using an IT policy to manage BlackBerry Enterprise Solution security 35 Using IT policy rules to manage BlackBerry Enterprise Solution security 35 Preconfigured IT policies 36 Default values for preconfigured IT policies 37 Creating and importing IT policies 40 Create an IT policy 40 Creat...

Страница 4: ...e Policy 53 Extending messaging security to a BlackBerry device 53 Extending messaging security using PGP encryption 54 Extending messaging security using S MIME encryption 54 Extending messaging security using IBM Lotus Notes encryption 57 Enforcing secure messaging using classifications 58 Create a message classification 58 Create a message classification based on an existing message classificat...

Страница 5: ...rver 73 Add a user account 73 Create a user account that is not in the contact list in the BlackBerry Configuration Database 74 Export a list of user accounts 75 Importing a list of user accounts to a BlackBerry Enterprise Server 75 8 Assigning BlackBerry devices to users 78 Preparing to distribute a BlackBerry device 78 Change how the BlackBerry Enterprise Server downloads a user s existing email...

Страница 6: ...n Service and BlackBerry Collaboration Service to fail over automatically 97 Create a BlackBerry Collaboration Service pool for high availability 97 Create a BlackBerry Attachment Service pool for high availability 98 You cannot determine the BlackBerry Attachment Connector that the BlackBerry Enterprise Server or the BlackBerry MDS Connection Service uses 99 Create a BlackBerry Router pool for hi...

Страница 7: ...ransactional replication 113 Prepare the database server that hosts the replicated BlackBerry Configuration Database and configure the subscription 113 Start the BlackBerry Enterprise Server instances 114 Reacting if the BlackBerry Configuration Database that you configured for transactional replication stops responding 114 Return to the BlackBerry Configuration Database when you configured transa...

Страница 8: ...ion rules BlackBerry Device Software 142 Reconciliation rules Standard application settings 142 Reconciliation rules Application control policies 143 Reconciliation rules Application control policies for unlisted applications 144 13 Alternative methods for installing BlackBerry Java Applications on BlackBerry devices 145 Installing BlackBerry Java Applications on BlackBerry devices without using t...

Страница 9: ...56 Configure the BlackBerry MDS Connection Service to authenticate BlackBerry devices to content servers that use Kerberos 157 Configure the BlackBerry MDS Connection Service to authenticate BlackBerry devices to content servers that use LTPA 157 Configuring the BlackBerry MDS Connection Service to authenticate devices to the RSA Authentication Manager 158 Configuring how the BlackBerry MDS Connec...

Страница 10: ...ssage filters 176 Create an email message filter that applies to all user accounts on a BlackBerry Enterprise Server 176 Turn on an email message filter that applies to all user accounts on a BlackBerry Enterprise Server 177 Create an email message filter that applies to a specific user account 177 Turn on an email message filter that applies to a specific user account 178 Copying existing email m...

Страница 11: ...ient files for the BlackBerry Web Desktop Manager in a Windows GPO for Windows Vista 192 Configure the Microsoft ActiveX Installer on Windows Vista 193 Configure users computers to install the client file for the BlackBerry Web Desktop Manager automatically 193 Make the BlackBerry Web Desktop Manager available to users 195 18 Configuring the BlackBerry Web Desktop Manager 196 Permit users to activ...

Страница 12: ...Configure LEAP authentication data for BlackBerry devices using a Wi Fi profile 212 Configuring PEAP authentication 213 Configure PEAP authentication data for BlackBerry devices using a Wi Fi profile 213 Prerequisites Distributing a certificate using the BlackBerry Desktop Manager 214 Distribute a certificate using the BlackBerry Desktop Manager 214 Configure PEAP configuration settings in the Wi ...

Страница 13: ... authentication 229 Turn on single sign on authentication for the BlackBerry Administration Service 230 BlackBerry Administration Service web addresses and BlackBerry Web Desktop Manager web addresses that support BlackBerry Administration Service single sign on 230 Changing password settings for BlackBerry Administration Service authentication 231 Change password settings for BlackBerry Administr...

Страница 14: ...Change how IT policies are sent to BlackBerry devices 248 Change how to install update or remove BlackBerry Java Applications 249 Change how to install or update the BlackBerry Device Software 250 Change how the BlackBerry Enterprise Server sends standard application settings to BlackBerry devices 251 Managing the distribution settings for a specific job 252 Specify the start time and priority for...

Страница 15: ...y MDS Connection Service when the messaging server is located in a remote Microsoft Active Directory domain 269 Turn on Integrated Windows authentication so that users can access resources on your organization s network 270 Restricting the push application content that users can receive 271 Restrict push applications from sending data to BlackBerry devices 271 Create push initiators for push appli...

Страница 16: ...cific user account 281 Specify the location of organizer data 282 Specify the location that the BlackBerry Messaging Agent uses to find organizer data 282 29 Managing your organization s messaging environment and attachment support 283 Managing message forwarding 283 Forward email messages to a BlackBerry device when no filter rules apply 283 Do not deliver email messages to a BlackBerry device wh...

Страница 17: ...tact databases a user can access from the BlackBerry device 295 Configuring access to documents on remote file systems 295 Configure the BlackBerry MDS Connection Service to communicate with a remote file system 296 Add communication information to a BlackBerry MDS Connection Service configuration set 297 Assign a BlackBerry MDS Connection Service configuration set to a BlackBerry MDS Connection S...

Страница 18: ...rors on devices 314 Configuration levels using the BlackBerry Enterprise Trait Tool 314 Turn on corrective calendar synchronization 314 View the current settings for corrective calendar synchronization 315 Permit corrective calendar synchronization to correct errors automatically 316 Configure the range of days to check for calendar synchronization errors 316 Configure when corrective calendar syn...

Страница 19: ...L key to a text file 339 Configuring the BlackBerry Mail Store Service instance that updates the contact list 340 How the BlackBerry Mail Store Service instances update multiple contact lists 340 Configure the BlackBerry Mail Store Service instance that updates the contact list 340 Configure how users search for email addresses in a Hosted BlackBerry services environment 341 Configuring BlackBerry...

Страница 20: ...tion Service connection types and port numbers 367 BlackBerry Attachment Service connection types and port numbers 369 BlackBerry Collaboration Service connection types and port numbers 370 BlackBerry Configuration Database connection types and port numbers 371 BlackBerry Controller connection types and port numbers 372 BlackBerry Dispatcher connection types and port numbers 373 BlackBerry Messagi...

Страница 21: ...Instant messaging 391 Users cannot view phone numbers for contacts in the BlackBerry Client for IBM Lotus Sametime 391 A user did not accept a notification about an instant message on a computer and the notification disappeared 392 A user receives a 301 error when the user logs in to an instant messaging application on a BlackBerry device 393 Troubleshooting BlackBerry Web Desktop Manager 394 Trou...

Страница 22: ...38 Provide feedback 415 39 Legal notice 416 ...

Страница 23: ...ing the BlackBerry instant messaging client You can use the BlackBerry Monitoring Service to monitor and troubleshoot issues with BlackBerry Enterprise Server instances and monitor the activity of device users You can configure the BlackBerryEnterpriseServerandtheBlackBerryEnterpriseServercomponentstosupporthighavailabilitytoenhance the consistency and reliability of your organization s environmen...

Страница 24: ...cessary change existing IT policies or create new IT policies Configuring security options Section Using an IT policy to manage BlackBerry Enterprise Solution security Add user accounts to the BlackBerry Enterprise Server Configuring user accounts Section Adding a user account to the BlackBerry Enterprise Server Create groups Configuring user accounts Section Creating groups Add user accounts to g...

Страница 25: ...olicies Section Application control policies for unlisted applications Create software configurations for BlackBerry Java Applications Sending software and BlackBerry Java Applications to BlackBerry devices Section Creating software configurations Assign software configurations for BlackBerry Java Applications to groups multiple user accounts or individual user accounts Sending software and BlackB...

Страница 26: ...ponents and for the BlackBerry Configuration Database Configuring BlackBerry Enterprise Server high availability Configuring BlackBerry Configuration Database high availability Use the BlackBerry Monitoring Service to troubleshoot issues and monitor the health of a BlackBerry Enterprise Server Visit www blackberry com go serverdocs to see the BlackBerry Enterprise Server Monitoring Guide Change ho...

Страница 27: ...04 error message when it tries to connect to a BlackBerry Administration Service instance 387 There is a problem with this website s security certificate Description The browser displays this error message when you try to navigate to the BlackBerry Administration Service or BlackBerry Monitoring Service using Windows Internet Explorer version 7 or later Possible solution Add the web address for th...

Страница 28: ...ick Trusted Root Certification Authorities d Click OK 13 Close and reopen the browser This connection is untrusted Description The browser displays this error message when you try to navigate to the BlackBerry Administration Service or BlackBerry Monitoring Service using Mozilla Firefox 3 6 Possible solution Install the certificate for the BlackBerry Administration Service or BlackBerry Monitoring...

Страница 29: ...is assigned all the permissions that are turned on for each of the roles Youcanalsoassignrolestogroupsandaddadministratoraccountstogroups Thisallowsyoutospecifyadministrative role permissions at a group level instead of at an individual level If the group contains BlackBerry device users the roles are also assigned to the users and the users become administrators Preconfigured administrative roles...

Страница 30: ...IT policy X X X View an IT policy X X X X X Edit an IT policy X X X Import an IT policy X X X Export an IT policy X X X Create a user defined IT policy template X X X Delete a user defined IT policy template X X X Edit a user defined IT policy template X X X Import an IT policy template X X X Resend data to devices X X X Create a software configuration X X X View a software configuration X X X X X...

Страница 31: ...o a user X X X X X Turn off and on external services X X X X Clear activation password X X X X X Clear synchronization backup data X X X X Clear user statistics X X X X X Export statistics X X X Reset user field mapping X X X X Turn on redirection X X X X Turn off redirection X X X X Refresh available user list from company directory X X X Add User from Company Directory X X X X Synchronize GroupW...

Страница 32: ...y X X X View job distribution settings X X X Edit job distribution settings X X X Delete an instance X X X Edit license keys X X X View license keys X X X Manually fail a job X X X Clear instance statistics X X X View push rules for the BlackBerry MDS Connection Service X X X X X X View pull rules for the BlackBerry MDS Connection Service X X X X X Send message across Group X X X X X Create a role...

Страница 33: ...formation in the BlackBerry Administration Service BlackBerry Monitoring Service and BlackBerry Web Desktop Manager For example you can create a role that has all permissions turned off by default and you can customize the role by turning on specific permissions You can also create a role that is based on a preconfigured role and customize the role that you create Create a role You can create a ro...

Страница 34: ...ll After you finish Assign the role to an administrator account or group Create an administrator account You create an account for administrators to enable them to log in to the BlackBerry Administration Service and manage the BlackBerry Enterprise Server You create an administrator account and assign the account to one or more administrator roles The roles control the actions that an administrato...

Страница 35: ...rs 3 Search for an administrator account 4 In the search results click the display name for the administrator account 5 Click Edit user 6 On the Groups tab in the Available groups list click the group that you want to add the administrator account to 7 Click Add 8 Click Save all Related topics Create a group to manage similar user accounts 72 SpecifyanemailaddressfortheBlackBerryAdministration Ser...

Страница 36: ... Click the Update icon 10 Click Save all Assign a BlackBerry device to an administrator account You can assign a BlackBerry device to an administrator without creating a separate user account 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for an administrator account 4 Click the display name for the administrator acco...

Страница 37: ...account or group the BlackBerry Enterprise Server sends the Default IT policy If you delete an IT policy that you assigned to the user account or group the BlackBerry Enterprise Server automatically re assigns the Default IT policy to the user account and resends the Default IT policy to the device For more information see the BlackBerry Enterprise Server Policy Reference Guide Using IT policy rul...

Страница 38: ...erscanusetounlocktheirdevices Usersmustchangethepasswords regularly The IT policy includes a password timeout that locks devices Medium Password Security Similar to the Default IT policy this policy also requires a complex password thatuserscanusetounlocktheirdevices Usersmustchangethepasswords regularly This policy includes a maximum password history and turns off Bluetooth technology on devices ...

Страница 39: ...policy Advanced Security IT policy Advanced Security with No 3rd Party Application s IT policy Device Only Items Enable Long Term Timeout Yes Yes Yes Yes Maximum Security Timeout 30 minutes 10 minutes 10 minutes 10 minutes 10 minutes Maximum Password Age 60 days 30 days 30 days 30 days 30 days Password Pattern Checks no restriction no restriction at least 1 alpha and 1 numeric character at least 1...

Страница 40: ...Applications Yes Yes Security policy group Allow Outgoing Call When Locked No Yes Content Protection Strength Strong Strong Disable Cut Copy Paste No No Disable Forwarding Between Services No Yes Disable USB Mass Storage No Yes Yes Disallow Third Party Application Download No Yes Yes External File System Encryption level Not required Encrypt to user password excluding multimedia directories Encryp...

Страница 41: ... Yes Service Exclusivity policy group Allow Other Calendar Services Yes Yes Allow Other Message Services Yes Yes Bluetooth policy group Disable Address Book Transfer No Yes Yes Disable Discoverable Mode No Yes Yes Yes Yes Disable File Transfer No Yes Yes Disable Serial Port Profile No Yes Yes Require LED Connection Indicator No Yes Yes Wi Fi policy group Wi Fi Allow Handheld Changes Yes No No No N...

Страница 42: ...T policies 3 In the list of IT policies click the IT policy that you want to copy 4 Click Copy IT policy 5 Type a name and description for the new IT policy 6 Click Save 7 To change the IT policy settings perform the following actions a In the IT policy information section click the IT policy b Click Edit IT policy c On a tab for an IT policy group change the appropriate values for the IT policy r...

Страница 43: ...u expand Policy 3 Click Manage IT policy rules 4 Click Import IT policy definitions 5 Navigate to and select the XML file that contains the IT policy rules for example ITPolicyTemplate082409 xml 6 Click Save Change the value for an IT policy rule 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Policy 2 Click Manage IT policies 3 In the IT policy informa...

Страница 44: ...y When the device receives an updated IT policy or a new IT policy the device BlackBerry Desktop Software and BlackBerry Web Desktop Manager apply the configuration changes immediately By default the BlackBerry Enterprise Server is designed to resend an IT policy to the device within a short period of time after you update the IT policy using the BlackBerry Administration Service You can also rese...

Страница 45: ...Enterprise Server must determine which IT policy to apply to the user account You must use one of the following reconciliation options Method Description Apply one IT policy to the user account The BlackBerry Enterprise Server applies one of the group IT policies to the user account You specify rankings for the available IT policies using the BlackBerry Administration Service and the BlackBerry En...

Страница 46: ...e uses predefined rules to determine which IT policy it can apply to a user account The BlackBerry Administration Service might have to reconcile conflicting IT policies if you perform any of the following actions add an IT policy to or remove an IT policy from a user account or group change an IT policy change the ranking of IT policies delete an IT policy Scenario Rule You add a new user account...

Страница 47: ...IT policies 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Policy 2 Click Manage IT policies 3 Click Set priority of IT policies 4 To move the IT policies higher or lower in the list click the up arrow icon or down arrow icon 5 Click Save Option 2 Applying multiple IT policies to each user account You can configure the BlackBerry Enterprise Server to a...

Страница 48: ...ssign to a group takes precedence over the Default IT policy applied at the BlackBerry Domain level A user account belongs to multiple groups You assign multiple IT policies to the groups but you do not assign an IT policy to the user account If you assign multiple IT policies to the groups that the user account belongs to the BlackBerry Enterprise Server resolves the IT policy rule settings in th...

Страница 49: ...k Switch method to resolve multiple IT policies 4 Click Yes Switch the method Related topics Option 1 Applying one IT policy to each user account 44 Option 2 Applying multiple IT policies to each user account 45 Rank IT policies You must rank the IT policies that you create so that the BlackBerry Enterprise Server can resolve IT policy conflicts when a user account is a member of multiple groups t...

Страница 50: ...ied To prevent BlackBerry devices that do not have IT policies applied to them from remaining active on a BlackBerry Enterprise Server you can change the Disable users with unapplied IT policy option to True The Disable user time limit hours option specifies the amount of time that BlackBerry devices can be active on a BlackBerry Enterprise Server without having an IT policy applied to the BlackBe...

Страница 51: ...rules to control device applications and features Create an IT policy rule for a third party application 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Policy 2 Click Create an IT policy rule 3 Type a name and description for the IT policy rule 4 In the Type drop down list click the type of value that the IT policy rule uses 5 In the Destination drop d...

Страница 52: ... encryption password field type a password so that the BlackBerry Enterprise Server can encrypt the IT policy data file 5 Click Export 6 Click Download file 7 Click Save 8 Browse to a location on a local or network drive where you want to save the data file 9 Click Save 10 Click Close Delete an IT policy 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand P...

Страница 53: ...se Server uses the strongest algorithm that both the BlackBerry Enterprise Server and the BlackBerry device support for BlackBerry transport layer encryption If you configure the BlackBerry Enterprise Serverto support AES and Triple DES by default the BlackBerry Enterprise Solution generates device transport keys using AES encryption If a BlackBerry device uses BlackBerry Device Software version 3...

Страница 54: ...a specific device PINs range of device PINs specific manufacturers specific device models The BlackBerry Administration Service includes lists of permitted manufacturers and models of devices that you associated with the BlackBerry Enterprise Server previously You can permit a user to override the Enterprise Service Policy so that a device can connect to the BlackBerry Enterprise Server even if yo...

Страница 55: ...ew allowed PINs field type the PIN for the BlackBerry device Click the Add icon 6 To remove a BlackBerry device from the list on the Remove existing allowed PINs tab search for the PIN for the BlackBerry device In the search results select the PIN for the BlackBerry device 7 Click Save All Permit a user to override the Enterprise Service Policy Before you begin Turn on the Enterprise Service Polic...

Страница 56: ...ones is designed to support encoding and decoding Unicode messagesandpermitsPGPencryptionusingkeysorpasswords ThePGPSupportPackageforBlackBerrysmartphones permits the BlackBerry device to encrypt PGP protected email messages or PGP protected PIN messages using a password that the sender and recipient both know For more information about the OpenPGP format see RFC 2440 For more information about th...

Страница 57: ...ich the sender and recipient each know to encrypt S MIME protected email messages or PIN messages ability to read S MIME certificates that are stored on a smart card Configure the BlackBerry Enterprise Solution to support S MIME encryption 1 Configure encryption options for S MIME protected messages on the BlackBerry Enterprise Server 2 If required configure message classifications for email messa...

Страница 58: ...n the Use PKCS 7 MIME type drop down list click True 5 Click Save all 6 To make sure that the changes take effect immediately perform the following actions to restart the BlackBerry Messaging Agent a On the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view BlackBerry Enterprise Server b Click the BlackBerry Enterprise Server instance that includes the...

Страница 59: ...ult To require the BlackBerry device user to use Lotus Notes encryption when forwarding or replying to messages you can configure the Require Notes Native Encryption For Outgoing Messages IT policy rule To prevent a BlackBerry device user from forwarding or replying to Lotus Notes protected messages you can configure the Disable Notes Native Encryption Forward And Reply IT policy rule Configure Bl...

Страница 60: ...e email messages determines the type of S MIME message protection or PGP message protection that applies to the email messages If a user does not select a message classification by default the BlackBerry device applies the first classification in the message classification list on the BlackBerry device You can change the order that the BlackBerry device lists the classifications in The message pro...

Страница 61: ... Edit IT policy 5 On the Security tab at the bottom of the screen click the Copy icon beside the message classification that you want to copy 6 In the Message classification display name field type a name for the message classification that you copied 7 If necessary change the subject suffix that you want to append in parentheses to the email message subject 8 If necessary click the minimum action...

Страница 62: ...llowing actions can only encrypt PIN messages sent to other devices on your organization s network that use the same PIN encryption key can only decrypt PIN messages that are sent from devices that use the global PIN encryption key or PIN messages from other devices on your organization s network that use the same PIN encryption key cannot decrypt PIN messages sent from devices that use a PIN encr...

Страница 63: ...rite data in the BlackBerry device memory that the BlackBerry device no longer uses The BlackBerry device runs the garbage collection process when any of the following conditions exist You or a BlackBerry device user turns on content protection for the BlackBerry device An application uses the RIM Cryptographic API to create a private key or symmetric key A third party application turns on the gar...

Страница 64: ...the S MIME Support Packagefor BlackBerry smartphones on the BlackBerry device and a private key exists on the BlackBerry device The BlackBerry device user installs the PGP Support Package for BlackBerry smartphones on the BlackBerry device and a private key exists on the BlackBerry device If you or the BlackBerry device user turns on the memory cleaner application Java based garbage collection pro...

Страница 65: ...rver documentation specifies that you can Run the BlackBerry Configuration Panel as an administrator Consider the following guidelines if you are running the BlackBerry Configuration Panel on Windows Server 2008 Log in to the computer with a user account that is in the Administrator group on the Windows Server Right click the BlackBerry Configuration Panel icon and click Run as administrator Use W...

Страница 66: ...onnection Service and the BlackBerry Collaboration Service to use a pac file The BlackBerry Enterprise Server components support only one pac file 1 In the BlackBerry Administration Service in the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Expand the appropriate BlackBerry Enterprise Server component 3 Click the instance that you want to chan...

Страница 67: ...owing actions To configure a proxy server click PROXY In the Proxy string field type the proxy server name and port number using the following format proxy_server port To exclude the web address from routing through the proxy server click DIRECT 7 Click the Add icon for the proxy item If you add more than one proxy item use the Up and Down icons to set the priority for the proxy items 8 Click the ...

Страница 68: ...k Shell Utility netsh exe with Windows Server 2008 Windows Internet Explorer To automatically select a proxy server you can use one of the following methods enable the Web Proxy Autodiscovery Protocol using the BlackBerry Enterprise Trait Tool specify a URL for a PAC file using Windows Internet Explorer Configuring manual proxy selection for a BlackBerry Administration Service instance Depending o...

Страница 69: ...roxy server in the HKEY_CURRENT_USER Software Microsoft Windows CurrentVersion Internet Settings registry key Configure the BlackBerry Administration Service to use the Web Proxy Autodiscovery Protocol to select a proxy server automatically If you want to configure the BlackBerry Administration Service to use the Web Proxy Autodiscovery Protocol to selectaproxyserverautomatically youmustusetheBlac...

Страница 70: ...ernet Explorer 3 Click Tools Internet Options 4 On the Connections tab click LAN settings 5 Select Use automatic configuration script 6 In the Address field type the URL for the PAC file 7 Click OK 8 Click OK Configuring the BlackBerry Administration Service to authenticate with a proxy server If your organization s proxy server requires authentication you must configure the BlackBerry Administrat...

Страница 71: ...istration Service instance uses a Type traittool BASServer name trait BASProxyBasicAuthUID set user_name where name is the host name of the computer that hosts the BlackBerry Administration Service instance and user_name is the user name for example user01 blackberry com or blackberry com user01 for that computer b Type traittool BASServer name trait BASProxyBasicAuthPassword set password where na...

Страница 72: ...You can configure multiple BlackBerry Enterprise Server instances to use the same central push server to transfer application data to and from BlackBerry devices and to manage HTTP requests from the BlackBerry Browser Before you begin Specify a BlackBerry MDS Connection Service as a central push server 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry ...

Страница 73: ... expand BlackBerry Solution topology BlackBerry Domain Component view Collaboration 2 Click the instance that you want to change 3 Click Edit instance 4 On the Supported Dispatcher instances tab in the Available Dispatcher instances list click the BlackBerry Enterprise Server instance that you want to use the BlackBerry Collaboration Service 5 Click Add 6 Repeat steps 4 and 5 for each BlackBerry E...

Страница 74: ...rry Administration Service on the BlackBerry solution management menu expand Group 2 Click Create a group 3 In the Group information section type a name and description for the group 4 Click Save After you finish Add properties to the group Add user accounts to the group Related topics Change the properties of a group 243 Add user accounts to a group 72 Add user accounts to a group You can add use...

Страница 75: ...nvironment the server that you add the user account from require a replica of the primary IBM Lotus Domino Directory Related topics Assigning BlackBerry devices to users 78 Add a user account You can add a user account to the BlackBerry Enterprise Server assign a BlackBerry device to a user account and activate the BlackBerry device The user account must exist on your organization s messaging serv...

Страница 76: ...ice did not yet synchronize the contact information for the user account to the BlackBerry Configuration Database If the BlackBerry Mail Store Service did not synchronize the contact information and you create a user account the BlackBerry Administration Service does not display the user account in the search results 1 In the BlackBerry Administration Service on the BlackBerry solution management ...

Страница 77: ...r accounts on a BlackBerry Enterprise Server The csv file can include the following information user accounts that you want to create names of the groups you want to add the user accounts to activation passwords and expiry times that you want to assign to the user accounts The BlackBerry Administration Serviceprocesses actions in the order that they appear in the csv file If the BlackBerry Adminis...

Страница 78: ...the values must be provided on every line of the csv file If the field is set to generate the password is automatically generated by the BlackBerry Administration Service and the final two fields of each csv line must be empty The activation password will expire if the user does not activate the BlackBerry device on the BlackBerry Enterprise Server before the password timeout elapses The default v...

Страница 79: ... 5 Navigate to the csv file that contains the user accounts that you want to import 6 Click Next 7 Perform the appropriate actions for the user accounts Create multiple user accounts by importing the user accounts from a csv file You can import a list of user accounts from a csv file and add them to a BlackBerry Enterprise Server The user accounts must exist on your organizations messaging server ...

Страница 80: ...rver can synchronize up to 3000 messages from the previous 30 days 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Email 2 Click the instance that you want to change 3 Click Edit instance 4 On the Messaging tab in the Message prepopulation settings section perform the following actions To specify the...

Страница 81: ...iving replacement BlackBerry devices can activate the BlackBerry devices by connecting the BlackBerry devices to a computer that hosts the BlackBerry Web Desktop Manager over your organization s Wi Fi network You can activate Wi Fi enabled BlackBerry devices over your organization s Wi Fi network If you add a user account that was previously located on another BlackBerry Enterprise Server in a dif...

Страница 82: ...ck Save all Wireless activation The wireless activation process activates BlackBerry devices on the BlackBerry Enterprise Server over the wireless network Neither you nor the users are required to connect the BlackBerry devices to a computer to complete the activation process You can use wireless activation process to activate a large number of BlackBerry devices over the wireless network When use...

Страница 83: ...he BlackBerry device on the BlackBerry Enterprise Server a potentially malicioususerwhocanaccesstheactivationpasswordcanconnectanother BlackBerry device to the BlackBerry Enterprise Server and assume the identity of the intended user When a user activates a BlackBerry device on the BlackBerry Enterprise Server the activation password becomes inactive and a potentially malicious user cannot reuse i...

Страница 84: ... make sure that the activation message that users receive on their computers conforms to your organization s messaging policies you can customize the default activation message 1 In the BlackBerry Administration Service on the Devices menu expand Wireless activations 2 Click Device activation settings 3 Click Edit activation settings 4 In the Email initialization message section perform the follow...

Страница 85: ... BlackBerry Desktop Manager is associated with During the activation process the BlackBerry Desktop Manager prompts users to associate the BlackBerry devices with their work email accounts and generate encryption keys When users complete the activation process the BlackBerry Enterprise Serversends email messages and organizer data to the BlackBerry devices through the BlackBerry Router If a connec...

Страница 86: ... one or more BlackBerry Router instances in the chain can act as a gateway for other network traffic For more information about Wi Fi enabled BlackBerry devices see the BlackBerry Enterprise Server Feature and Technical Overview Prerequisites Configuring a BlackBerry Router for BlackBerry device activations over the enterprise Wi Fi network On the computer that you installed the BlackBerry Router ...

Страница 87: ...and port Type the server name and the server port number for the SMTP server 5 If the SMTP server requires authentication specify the SMTP login name and SMTP password 6 In the From address for ETP messages field type the email address that you want to use as the From address The ETP message is the email message that the BlackBerry Router sends to the users mailboxes during the activation process ...

Страница 88: ...ss View activations page search for the user account Confirm that the activation is successful Related topics Restarting BlackBerry Enterprise Server components 327 Troubleshooting Connections to the Wi Fi network 394 Administration Guide Assigning BlackBerry devices to user accounts 86 ...

Страница 89: ...Berry Administration Service might not display up to date information about the availability state The failover status specifies whether the BlackBerry Enterprise Server instance is a primary instance or standby instanceandwhethertheBlackBerryEnterpriseServerinstanceisrunningasexpected The BlackBerryAdministration Servicereceivesthisinformation inrealtime from the BlackBerry EnterpriseServerinstan...

Страница 90: ...rise Server is in an acceptable state you can move the promotion threshold so that it is higher than the failover threshold An acceptable state provides only the BlackBerry services that your organization considers essential For failover to occur only when the standby BlackBerry Enterprise Server is in a healthier state than the primary BlackBerry Enterprise Server you can move the promotion thres...

Страница 91: ...ary BlackBerry Enterprise Server cannot connect to the messaging server and the standby BlackBerry Enterprise Server cannot browse the Internet the standby BlackBerry Enterprise Server cannot promote itself because it is not sufficiently healthy Configuring failover to occur when the standby BlackBerry Enterprise Server is in a healther state than the active BlackBerry Enterprise Server If you mov...

Страница 92: ... health parameters and thresholds click the Up and Down icons 5 Click Save Health parameters for the failover threshold and promotion threshold Health parameter Description Wireless network access This health parameter indicates whether the BlackBerry Router can access the wireless network You cannot configure the failover threshold or promotion threshold so that they are above this health paramet...

Страница 93: ... BlackBerry Enterprise Server components can connect to the BlackBerry Configuration Database Push application access This health parameter indicates whether the BlackBerry MDS Connection Service can push application data to BlackBerry devices BlackBerry Collaboration Service This health parameter indicates whether the BlackBerry Collaboration Service can provide services for the collaboration cli...

Страница 94: ... parameters at a BlackBerry Domain level and for a BlackBerry Enterprise Serverpair the percentage of the health parameters for the BlackBerry Enterprise Server pair overrides the percentage of the health parameters at the BlackBerry Domain level Change when automatic failover occurs by customizing the health parameters for user accounts and messaging servers Beforeyoubegin If youwantto changethep...

Страница 95: ...ou can type traittool exe global trait ServerHealthPercentage set 60 Prerequisites Configuring the BlackBerry Enterprise Server pair to fail over automatically Install a primary BlackBerry Enterprise Server Replicate the state databases and the profile database from the primary BlackBerry Enterprise Server to the standby BlackBerry Enterprise Server For more information about replicating databases...

Страница 96: ...utomatic failover event and notify you when an automatic failover event occurs Whenanautomaticfailovereventoccurs theprimaryBlackBerryEnterpriseServerandstandbyBlackBerryEnterprise Server write the time and reason at logging level 5 Verbose in the log files for the BlackBerry Dispatcher BlackBerry Controller and BlackBerry Messaging Agent The BlackBerry Controller and BlackBerry Dispatcher instanc...

Страница 97: ...ist choose the standby BlackBerry Enterprise Server instance 5 Click Yes Failover to standby instance 6 Verify that the failover event occured Fail over the BlackBerry Enterprise Server manually using the BlackBerry Configuration Panel You can use the BlackBerry Configuration Panel to force the primary BlackBerry Enterprise Server to perform a failover process if it is not running as expected or i...

Страница 98: ...Berry Enterprise Server Planning Guide Create a BlackBerry MDS Connection Service pool for high availability 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view BlackBerry Enterprise Server 2 If you configured BlackBerry Enterprise Server pairs expand the pair name 3 Click the name of the BlackBerry Ente...

Страница 99: ... off automatic connections failover Related topics Fail over the BlackBerry MDS Connection Service or BlackBerry Collaboration Service manually 103 Create a BlackBerry Collaboration Service pool for high availability To configure BlackBerry Collaboration Service high availability you can create a BlackBerry Collaboration Service pool for each BlackBerry Enterprise Server by associating multiple Bl...

Страница 100: ...nt Service instances with each BlackBerry Enterprise Server Within each pool you can create primary and secondary groups For more information see the BlackBerry Enterprise Server Planning Guide 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Attachment Connector 2 Click the BlackBerry Attachment Conn...

Страница 101: ...ackBerry Attachment Service The other instance connects the BlackBerry MDS Connection Service to the BlackBerry Attachment Service During the installation process the setup application gives both BlackBerry Attachment Connector instances a name that includes the computer name for example computer_name _AC The BlackBerry Administration Service displays the names of both the BlackBerry Attachment Co...

Страница 102: ...ackBerry Enterprise Server Planning Guide 1 In the BlackBerry Administration Service on the Servers and components menu click BlackBerry Solution topology BlackBerry Domain Component view BlackBerry Enterprise Server 2 Click the name of the BlackBerry Enterprise Serveror the name of the BlackBerry Enterprise Serverpair that you want to assign the BlackBerry Router pool to 3 Click Edit instance 4 I...

Страница 103: ...mber 80 By default the port number is 3101 7 In the Windows Services restart the BlackBerry Router service Creating a BlackBerry Administration Service pool using DNS round robin that includes the BlackBerry Web Desktop Manager When you install the BlackBerry Administration Service BlackBerry Web Desktop Manager or both the setup application installs the BlackBerry Administration Service services ...

Страница 104: ...th each other If the BlackBerry Administration Service instances are located in different network subnets and your organization s network configuration does not permit multicast UDP across the network subnets you must configure the BlackBerry Administration Service instances to use TCP to communicate with each other For example if your organization uses a UDP peer to peer firewall filter you must ...

Страница 105: ...nize button 4 Click OK 5 On the computer that hosts a BlackBerry Administration Service instance in the Windows Services restart the BlackBerry Administration Service services 6 If the BlackBerry Administration Service instance uses a self signed certificate on the computers that host the other BlackBerry Administration Service instances in the Windows Services restart the BlackBerry Administratio...

Страница 106: ...y Monitoring the high availability status or job deployment status using the BlackBerry Administration Service When you navigate to a BlackBerry Administration Service page that displays the high availability status or job deployment status the BlackBerry Administration Service displays the high availability status of the BlackBerry Enterprise Server BlackBerry Collaboration Service or BlackBerry ...

Страница 107: ...instance 5 On the Supported MDS Connection Service instances tab remove the BlackBerry MDS Connection Service instance from the list of current instances 6 Click Save all Remove a BlackBerry Collaboration Service instance from a pool You can remove a BlackBerry Collaboration Service instance from a pool if your organization no longer requires it or to troubleshoot an issue 1 In the BlackBerry Admi...

Страница 108: ..._AC_EMAIL_13 3 Click Edit instance 4 Click the Supported Attachment Server Instances tab 5 Click the Delete icon for the BlackBerry Attachment Service instance that you want to remove 6 Click Save all Remove a BlackBerry Router instance from a pool You can remove a BlackBerry Router instance from a pool if it is no longer required or to troubleshoot an issue 1 In the BlackBerry Administration Serv...

Страница 109: ...database server Configure the database servers to permit access from remote computers Verify that the Microsoft SQL Server Agent uses a domain user account with the local administrative permissions set to the same permissions as the Windows account that runs the BlackBerry Enterprise Server services Verify that the domain user account has permissons on both database servers so that each Microsoft ...

Страница 110: ...on Service BlackBerry Dispatcher BlackBerry Attachment Service BlackBerry Controller all of the remaining BlackBerry Enterprise Server services that connect to the BlackBerry Configuration Database 2 Repeat step 1 for each BlackBerry Enterprise Server component that connects to the BlackBerry Configuration Database Configure database mirroring for the BlackBerry Configuration Database For more inf...

Страница 111: ...BlackBerry Enterprise Server services 2 Repeat step 1 for each BlackBerry Enterprise Server component that connects to the BlackBerry Configuration Database Related topics Restarting BlackBerry Enterprise Server components 327 Configure the BlackBerry Enterprise Solution to support database mirroring When you configure the BlackBerry Enterprise Solution to support database mirroring the BlackBerry...

Страница 112: ...e mirroring parameters to the components When you resend the database mirroring parameters the BlackBerry Administration Service adds a registry key to the computers that host the components The registry key includes the name of the Microsoft SQL Server that hosts the mirror database CAUTION If you resend the database mirroring parameters more than once but you do not restart the BlackBerry Enterp...

Страница 113: ...onent that connects to the BlackBerry Configuration Database Create the replicated BlackBerry Configuration Database from a backup Before you begin Back up the BlackBerry Configuration Database with the Backup type option set to Full 1 CopythebackupfilefromthedatabaseserverthathoststheBlackBerry ConfigurationDatabasetothedatabase server that will host the replicated BlackBerry Configuration Databa...

Страница 114: ... field type the network location of the snapshot folder Click Next 6 In the list of databases select the BlackBerry Configuration Database name Click Next 7 Click Transactional publication Click Next 8 In the Objects to publish list select Tables Stored Procedures Views and User Defined Functions 9 If you installed the BlackBerry database notification system on the computer expand Tables and clear...

Страница 115: ...ver that hosts the replicated BlackBerry Configuration Database 3 Click Replication 4 Right click Local Subscriptions Click New Subscription 5 Inthelistofpublishers selectthenameofthedatabaseserverthathoststheBlackBerryConfigurationDatabase 6 In the list of databases and publications select the publication for the BlackBerry Configuration Database Click Next 7 Select Run each agent at its Subscrib...

Страница 116: ...s 327 ReactingiftheBlackBerryConfigurationDatabasethatyou configured for transactional replication stops responding If a BlackBerry Configuration Database that you configured for one way transactional replication stops responding you must configure all BlackBerry Enterprise Server instances and BlackBerry Enterprise Server components that connect to the BlackBerry Configuration Database to connect...

Страница 117: ...nfiguration Database 4 Run the setup application to permit each BlackBerry Enterprise Serverinstance and BlackBerry Enterprise Server component to connect to the BlackBerry Configuration Database Configuring a new mirror BlackBerry Configuration Database If the principal BlackBerry Configuration Databasestops responding and the BlackBerry Enterprise Serverfails over automatically to the mirror Bla...

Страница 118: ...ntrol policies If you permit users to install unlisted applications you must create an application control policy for unlisted applications that specifies what resources the applications can access When you assign a software configuration to a group or individual user accounts the BlackBerry Administration ServicecreatesadeploymentjobtoinstalltheBlackBerryDeviceSoftwareand BlackBerryJavaApplicatio...

Страница 119: ...x file that contains information about the application If a directory structure is described in the alx file that directory structure must be represented in the zip file For more information about creating BlackBerry Java Applications and alx files visit www blackberry com developers to see the BlackBerry Java Development Environment Development Guide Before you distribute BlackBerry Java Applicat...

Страница 120: ...rprise Server instances must have access to the shared network folder 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Click BlackBerry Administration Service 3 Click Edit component 4 In the Software management section in the BlackBerry Administration Service application shared network drive field t...

Страница 121: ...ublish application Specify keywords for a BlackBerry Java Application You can specify keywords for a BlackBerry Java Application You can use the keywords to search for the application in the application repository 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Software Applications 2 Click Manage applications 3 Search for an application 4 In the search...

Страница 122: ...ttings make the BlackBerry Java Application optional on the BlackBerry device Users can install and run the BlackBerry Java Application on their BlackBerry devices Standard Disallowed When you apply the application control policy to a BlackBerry Java Application rule settings prevent users from installing the BlackBerry Java Application on BlackBerry devices Users cannot install and run the BlackB...

Страница 123: ...s to a user account 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Software Applications 2 Click Manage applications 3 Search for a BlackBerry Java Application 4 In the search results click a BlackBerry Java Application 5 In the Application versions section click the version of the application that you want to create a custom application control policy...

Страница 124: ... and assign it to user accounts so that you can send BlackBerry Device Software BlackBerry Java Applications and standard application settings to BlackBerry devices you must configure whether the software configuration permits users to install and use applications that are not included in the software configuration also known as unlisted applications When you configure whether unlisted application...

Страница 125: ...devices and one for unlisted applications that you do not permit on BlackBerry devices You can also create custom application control policies for unlisted applications that are optional For more information about the rule settings in application control policies for unlisted applications see the BlackBerry Enterprise Server Policy Reference Guide 1 In the BlackBerry Administration Service on the ...

Страница 126: ...erry Java Applications to control application permissions and the data that the applications can access specify that a BlackBerry Java Application is not permitted specifywhetherBlackBerryJavaApplicationsthatyoudonotincludeinthesoftwareconfigurationarepermitted or not permitted configure the access permissions for BlackBerry Java Applications that you do not include in the software configuration i...

Страница 127: ...dd BlackBerry Device Software configurations and BlackBerry Java Applications to the software configuration Add a BlackBerry Java Application to a software configuration You must add a BlackBerry Java Application to a software configuration and assign the software configuration to user accounts to install the BlackBerry Java Application on BlackBerry devices over the wireless network To upgrade an...

Страница 128: ... 3 Click a group 4 Click Edit group 5 On the Software configuration tab in the Available software configurations list click a software configuration 6 Click Add 7 Repeat steps 5 and 6 for each software configuration that you want to assign 8 Click Save all Related topics Create a group to manage similar user accounts 72 View the status of a job 128 Managing the default distribution settings for jo...

Страница 129: ...puter If you do not want to install BlackBerry Java Applications on a BlackBerry device over the wireless network and you do not want the user to install the BlackBerry Java Applications using the BlackBerry Web Desktop Manager or BlackBerry Desktop Software you can install the BlackBerry Java Applications on a BlackBerry device by connecting the BlackBerry device to a central computer that can ac...

Страница 130: ...a job that is running 136 View the status of a task Each deployment job consists of multiple tasks Each task delivers a specific object or setting to a BlackBerry device that carries out an action for example updating BlackBerry Device Software installing or removing a BlackBerry Java Application or applying updated IT policy settings or application settings You can view the status of tasks If a B...

Страница 131: ...ackBerry Policy Service sends application data to a BlackBerry device as a group of application modules If the BlackBerry Policy Service does not deliver one of the application modules to the BlackBerry device the remaining application modules are not delivered to the BlackBerry device You can try to resend the BlackBerry Java Application to the BlackBerry device SendApp failed due to error gettin...

Страница 132: ...ice Software version that is running on the BlackBerry device Device reported Data Format Error in packet while installing module An error occurred in the BlackBerry Policy Service that prevented the BlackBerry device from installing the BlackBerry Java Application Inthelogfilesthatyoucollected locatetheuseraccountthatexperiencedtheissue Tracetheinstallationactivity Device reported a s error while...

Страница 133: ...lication Inthelogfilesthatyoucollected locatetheuseraccountthatexperiencedtheissue Tracetheinstallationactivity Error messages BlackBerry Device Software tasks To troubleshoot errors that display for a task when you are updating BlackBerry Device Software on a BlackBerry device you can try to determine the cause by collecting the following information BlackBerry Policy Service log files from the d...

Страница 134: ...ted with the BlackBerry device does not support the BlackBerry Device Software update You can verify that the BlackBerry device model the current BlackBerry Device Softwareversion and the vendor ID that are associated with the BlackBerry device support the BlackBerry Device Software update 0x03 disallowed by IT policy An IT policy rule in an IT policy that you assigned to the user account does not...

Страница 135: ... application performs the update and the user no longer has the option to defer the update Upgrade rejected An error or inconsistency exists in the BlackBerry Device Software files that are available from the BlackBerry Infrastructure Upgrade failed rollback complete After the update application downloaded and applied the current BlackBerry Device Software patch files to the BlackBerry device an e...

Страница 136: ...kBerry Synchronization Service log files from the day the issue was reported log level 6 recommended system event logs copy of the BlackBerry Configuration Database SQL trace of the BlackBerry Synchronization Service that communicates with the BlackBerry Configuration Database For information about changing the log level for a BlackBerry Enterprise Server component visit www blackberry com support...

Страница 137: ...Berry Synchronization Service received an invalid command from the BlackBerry device Related topics Restarting BlackBerry Enterprise Server components 327 Error messages IT policy tasks To troubleshoot errors that display for a task when you send an IT policy to a BlackBerry device or update an IT policy on a BlackBerry device you can try to determine the cause by collecting the following informat...

Страница 138: ...password criteria that you configured using IT policy rules Sequence Processing Stopped due to error processing SET_IT_POLICY_COMMAND command The BlackBerry Policy Service can send the IT policy data to a BlackBerry device in a group of commands If the IT policy command is not delivered to the BlackBerry device the remaining commands in the group are not delivered to the BlackBerry device You can ...

Страница 139: ... ID of the job that you want to stop You can only stop jobs with a Running status 5 Click Stop Current Execution 6 Click Yes Stop Current Execution Related topics View the status of a job 128 Managing the default distribution settings for jobs 247 Managing the distribution settings for a specific job 252 View the users that have a BlackBerry Java Application installed on their BlackBerry devices 1...

Страница 140: ...cations To view how the BlackBerry Administration Service resolved conflicts that involve the standard application settings in BlackBerry Device Software configurations click View Resolved BlackBerry Device Software application settings 6 View the appropriate information about how the BlackBerry Administration Service resolved the software configuration conflicts for the user account Reconciliatio...

Страница 141: ...s BlackBerry Java Applications Scenario Rule Multiple software configurations are assigned to a user account or the groups the user belongs to Multiple BlackBerry Java Applications are contained in each software configuration The BlackBerry Java Applications in each software configuration are installed on the BlackBerry device If the BlackBerry Device Software does not support a specific BlackBerr...

Страница 142: ...er the optional disposition and the optional disposition takes precedence over the disallowed disposition The BlackBerry Administration Service resolves the deployment method after resolving the disposition of an application The deployment method specified for an application in a software configuration that is assigned to a user account takes precedence over the deployment method for the same appl...

Страница 143: ...s assigned to a user account and it contains a BlackBerry Java Application that has a dependency on another BlackBerry Java Application The dependent application is not supported on the BlackBerry device If a dependent application is not supported by the BlackBerry device or was not installed successfully on the BlackBerry device the application with the dependency is not installed on the user s B...

Страница 144: ...tandard application settings is assigned to a group that the user account belongs to The standard application settings in a software configuration that is assigned to a user account take precedence over the standard application settings in a software configuration that is assigned to a group A user account belongs to multiple groups The calendar initialviewsettingisconfigureddifferentlyineachofthe...

Страница 145: ...application settings are configured differently in the software configurations that are assigned to the groups The Locked and visible setting takes precedence over the Unlocked and visible setting The Unlocked and visible setting takes precedence over the Unlocked and hidden setting Standard application settings are configured in a software configuration and assigned to user accounts with BlackBer...

Страница 146: ...er the application control policy for unlisted applications in a software configuration that is assigned to a group A software configuration that defines unlisted applications as disallowed is assigned to a user account A software configuration that defines unlisted applications as optional is also assigned to the user account If unlisted applications are defined as disallowed in a software config...

Страница 147: ...r Eclipse to generate cod files that contain the compiled application code for a BlackBerry Java Application BlackBerry devices execute cod files to run BlackBerry Java Applications The BlackBerry JDE and the BlackBerry Java Plug in for Eclipse also include tools to generate jad files or alx descriptor files that provide information about a BlackBerry Java Application that is used when the applica...

Страница 148: ...re a full installation of the BlackBerry Desktop Software Install BlackBerry Java Applications using a web browser on BlackBerry devices You can install a BlackBerry Java Application on a BlackBerry device by installing the files for the BlackBerry Java Application on a web server and instructing the user to browse to the appropriate web address on the BlackBerry device Users can download the Blac...

Страница 149: ...plication code The application loader tool requires these files so that it can install the BlackBerry Java Application on BlackBerry devices required modules Some BlackBerry Java Applications require modules that are part of the BlackBerry Device Software The required modules are listed in the alx file in a requires tag If the required modules do not exist on the BlackBerry device you need to inst...

Страница 150: ... MIDlet convert the jar file to a cod file For more information about how to compile java and jar file formats into the cod file format visit www blackberry com developers to read the BlackBerry Java Development Environment Development Guide For more information about the BlackBerry Application Web Loader and a sample development template visit www blackberry com go docs to read the BlackBerry App...

Страница 151: ...tion Web Loader is 32 MIDlet support The BlackBerry Application Web Loader supports CLDC applications that reference the BlackBerry API or MIDlets that have been converted to the cod file format Enable the BlackBerry Application Web Loader on a web server Before you begin Obtain the jad and cod files for the BlackBerry Java Application from the application developer vendor or wireless service prov...

Страница 152: ...ionfiles Youcanmake the standalone application loader tool available from a shared network folder and provide users with a link to run the tool and install the BlackBerry Java on their BlackBerry devices The users must connect their BlackBerry devices to their computers to install the BlackBerry Java Application You must install the BlackBerry Device Manager on users computers so that users can us...

Страница 153: ...red modules do not exist on the BlackBerry device you must install the required BlackBerry Device Software on the BlackBerry device For more information about application dependencies visit www blackberry com developers to read the BlackBerry Java Development Environment Development Guide required BlackBerry Java Applications To configure a BlackBerry Java Application as required on a BlackBerry d...

Страница 154: ...re you begin Verify that BlackBerry Device Manager version 4 1 or later is installed on the user s computer When you distribute the link to the shared network folder to users specify the loading command using the following format USB shared_computer_name Research In Motion Apploader loader exe defaultUSB forceload Install the BlackBerry Java Application using the standalone application loader tool...

Страница 155: ...r computers Users are responsible for completing the installation This method has the following disadvantages You cannot control when users install the BlackBerry Java Application Installing a BlackBerry Java Application on BlackBerry devices over the wireless network can result in increased network usage Prerequisites Installing BlackBerry Java Applications using a web browser on BlackBerry devic...

Страница 156: ...web server that hosts the web page After you finish Select a distribution method for example an email message or an intranet web page that you can use to provide users with the web address for the web page that you created Install the BlackBerry Java Application using a web browser on the BlackBerry device Send these instructions to users 1 Open a web browser on the BlackBerry device 2 Navigate to...

Страница 157: ...tion Service in your organization s BlackBerry Domain to act as a central push server If a BlackBerry MDS Connection Service in your organization s environment is earlier than version 5 0 it is not designated as a central push server automatically when it starts Related topics Configure multiple BlackBerry Enterprise Server instances to use the same BlackBerry MDS Connection Service 70 Specify a B...

Страница 158: ...MDS Connection Service 3 Click Edit component 4 OntheHTTPtab intheProtocol service informationsection intheAuthenticationsupportenableddrop down list perform one of the following actions If you want BlackBerry devices to authenticate to content servers directly click No If you want the BlackBerry MDS Connection Service to store authentication information and perform HTTP authentication on behalf o...

Страница 159: ...ure the BlackBerry MDS Connection Service to authenticate BlackBerry devices to content servers that use LTPA BlackBerry devices that are running BlackBerry Device Softwareversion 3 8 or later manage how HTTP cookies are stored and used to authenticate to content servers that use LTPA authentication technology For BlackBerry devices thatusepreviousversionsoftheBlackBerryDeviceSoftware youmustpermi...

Страница 160: ...rry MDS Connection Service If required in the RSA Authentication Manager delete the node secret data for the computer that hosts the BlackBerry MDS Connection Service If required delete the node secret data that is located on the computer that hosts the BlackBerry MDS Connection Service Retrieve the RSA Authentication API version 5 0 3 2 from RSA Configure the BlackBerry MDS Connection Service to ...

Страница 161: ...rn on for Intranet only If you want users to use RSA authentication for web addresses or intranet addresses that you specify select Turn on for specific sites only 5 In the RSA authentication timeout field type a number in minutes to specify how long devices that the RSA Authentication Manager authenticates can remain connected to your organization s network while the users are active By default t...

Страница 162: ...ervice closes the HTTP connection to the BlackBerry device The default timeout limit is 120 000 milliseconds 2 minutes 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Click MDS Connection Service 3 Click Edit component 4 On the HTTP tab in the Protocol service information section in the Device conn...

Страница 163: ...rtificate to open HTTPS connections to the BlackBerry MDS Connection Service to push application data and application updates to the BlackBerry devices that are assigned to that BlackBerry MDS Connection Service You can use the Java keytool to create a self signed certificate for the BlackBerry MDS Connection Service or you can import a signed certificate from a trusted public certification author...

Страница 164: ... tomcat keyalg RSA keystore webserver keystore b Type the required information c To confirm the information that you typed type Yes Add a publicly signed certificate to the key store a Type keytool import trustcacerts alias tomcat file trustedserver cer keystore webserver keystore b Type the key store password c When prompted click Yes 3 Copy the key store file to drive Program Files Research In M...

Страница 165: ... to the key store at the prompt type Yes After you finish If the certificate does not exist import the certificate to drive Program Files Java JRE version lib security cacerts Permitpushapplicationstoselectthetransportprotocolfor PAP requests By default when a push application sends a PAP request to the BlackBerry MDS Connection Service the BlackBerry MDS Connection Service directs requests to an ...

Страница 166: ...dress of the web server For example type to represent all web servers or type https domain com to specify all web servers in a specific domain For more information about regular expressions in Java visit java sun com j2se 1 4 2 docs api java util regex Pattern html and java sun com docs books tutorial essential regex literals html 6 In the Settings section in the Allow untrusted servers drop down ...

Страница 167: ...ML The BlackBerry MDS Connection Service searches each LDAP server using LDAP or DSML in the order that you specify If you configure the BlackBerry MDS Connection Service to use both LDAP and DSML to search and retrieve certificates the BlackBerry MDS Connection Service searches the servers using LDAP and then searches the servers using DSML After the BlackBerry MDS Connection Service retrieves th...

Страница 168: ... 5 Click Save all After you finish To configure the BlackBerry MDS Connection Service to retrieve the status of certificates configure the OCSP and CRL server information Add the communication information that you configured for the LDAP server to the BlackBerry MDS Connection Service configuration set Related topics Add communication information to a BlackBerry MDS Connection Service configuratio...

Страница 169: ...for the DSML certificate server that you want the BlackBerry MDS Connection Service to search b In the Service URL field type the FQDN of the DSML certificate server for example http server01 rim com 1234 dsml adssoap dsmlx c In the Settings section if you do not want the BlackBerryMDSConnectionServicetosearchtheentire directory tree in the Base query field type the search base that the BlackBerry...

Страница 170: ...tion Service to authenticate to OCSP servers on behalf of BlackBerry devices and to retrieve the status of certificates 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Click MDS Connection Service 3 On the OCSP tab click Edit component 4 Perform the following actions Configure the BlackBerry MDS Co...

Страница 171: ...ure the CRL handler to use the CRL responder extension in a certificate 5 Perform one of the following tasks Task Steps Create a CRL server configuration a Type the CRL server name and the web address for the server b Click the Add icon Change an existing CRL server configuration a Click the Edit icon beside the CRL server b Click the Accept icon 6 Click Save all After you finish Add the communica...

Страница 172: ... the order that you specify The order of that you specify for LDAP DSML or file communication applies to each communication method separately The order permits the BlackBerry MDS Connection Service to resolve conflicts between domains if you created multiple communication methods for a specific URL 9 Perform one of the following actions To add a new configuration set click the Add icon To update a...

Страница 173: ...rry MDS Connection Service copy the cer file to drive Program Files Java JRE_version lib security 3 At a command prompt navigate to drive Program Files Java JRE_version bin 4 Type keytool import trustcacerts alias alias_name file cert_filename keystore cacerts 5 Type the key store password 6 To add the certificate to the key store at the command prompt type Yes After you finish For more informatio...

Страница 174: ...pand BlackBerry Solution topology BlackBerry Domain Component view MDS Connection Service 2 Click the instance that you want to change 3 Click Edit instance 4 On the General tab in the Flow control section in the Maximum data amount permitted per connection field type a number in KB 5 Click Save all Specify the pending content timeout limit for a BlackBerry MDS Connection Service You can specify h...

Страница 175: ...MDS Connection Service 2 Click the instance that you want to specify the thread pool size for 3 Click Edit instance 4 On the General tab in the Socket connection settings section in the Thread pool size field type a number between 100 and 1000 5 Click Save all Specify the maximum number of scalable socket connections You can specify the maximum number of scalable socket connections that can be ope...

Страница 176: ...calable HTTP drop down list click No 5 Click Save all Specify the port number that the web server listens on for push application requests You can specify the port number that the web server listens on for HTTP requests and HTTPS requests from server side push applications You should change the default port parameters only if a port conflict exists with another service on the same computer 1 In th...

Страница 177: ...e The default interval is 5 minutes 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view MDS Connection Service 2 Click the instance that you want change 3 Click Edit instance 4 On the General tab in the Database section in the Database admin configuration cycle timer field type a time in minutes 5 Click ...

Страница 178: ...erry Enterprise Server applies the changes immediately Create an email message filter that applies to all user accounts on a BlackBerry Enterprise Server 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Email 2 Click the instance that you want to change 3 Click Edit instance 4 On the Email message fil...

Страница 179: ...xpand User 2 Click Manage users 3 Search for a user account 4 In the search results click the name of the user account 5 Click Edit user 6 In the Messaging configuration section click Default configuration 7 On the Email tab in the Email message filter name field type a name for the email message filter 8 In the Email message filter rules section configure the options for the email message filter ...

Страница 180: ...opying existing email message filters to another BlackBerry Enterprise Server You can copy the existing email message filters for a BlackBerry Enterprise Serverand apply them to other instances of the BlackBerry Enterprise Server To create a copy of existing email message filters you can export the existing email message filters for a BlackBerry Enterprise Server as an xml file You can then import...

Страница 181: ...that you can use it with other user accounts Export email message filters for a user account 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for a user account 4 In the search results click the name of the user account 5 In the Messaging configuration section click Default configuration 6 On the Email tab click Export ...

Страница 182: ...multiple extension plug ins to a BlackBerry Messaging Agent you can define the order that the BlackBerry Messaging Agent uses the extension plug ins to process email messages in Install an extension plug in application To add an extension plug in to the BlackBerry Administration Service you must first install the application for the extension plug in on the computer that hosts the BlackBerry Enter...

Страница 183: ...rocess to load extension plug ins to process email messages If you do not add an extension plug in to the BlackBerry Administration Service and you install the extension plug in application on the computer that hosts the BlackBerry Enterprise Server the extension plug inisloadeddirectlybytheBlackBerryMessagingAgentinsteadoftheextensionprocess Tostabilizeandmanage your organization s messaging envi...

Страница 184: ...gy BlackBerry Domain Component view Email 2 Click the instance that you want to change 3 Click Edit instance 4 In the State database pruning section in the Turn on state database pruning options click Yes 5 In the Remove deleted messages from state database after field type a number of days that is greater than 30 The default value is 183 days 6 In the Remove created messages from state database a...

Страница 185: ...t field in an email application to a contact list field on a BlackBerry device 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for a user account 4 In the search results click the display name for the user account 5 Click Edit user 6 In the Messaging configuration section click Default configuration 7 On the Mappings f...

Страница 186: ...mail application to a BlackBerry device 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for a user account 4 In the search results click the display name for the user account 5 Click Edit user 6 In the Messaging configuration section click Default configuration 7 On the Mappings for organizer data synchronization tab i...

Страница 187: ...he email address that is assigned to the device For more information about the enrollment process see the BlackBerry Enterprise Solution Security Technical Overview You can make the certificate enrollment process required so that devices automatically start the certificate enrollment process after the devices receive the updated IT policy from the BlackBerry Enterprise Server If you do not make th...

Страница 188: ...ion topology BlackBerry Domain Component view 2 Click MDS Connection Service 3 Click Edit component 4 On the HTTP tab in the Name field type the certificate authority name 5 In the Service URL field type the URL that the BlackBerry MDS Connection Service can use to send certificate requests to the certification authority using the following format http FQDN_of_CA_server port_number for example htt...

Страница 189: ...he configuration set Click the Add icon To change an existing configuration set click the Edit icon 5 In the Priority Service group drop down list click the name of the service that you want to configure the communication method for 6 In the Service Name Description drop down list click the name of the communication method that you want to configure 7 Click the Add icon 8 To specify the communicat...

Страница 190: ...e on the Instance information tab in the Status list click Restart instance 7 To assign the BlackBerry MDS Connection Service configuration set to another BlackBerry MDS Connection Service instance repeat steps 3 to 7 Add certificate information to a Wi Fi profile You must add the name of the certification authority profile that contains certificate information to a Wi Fi profile The name of the c...

Страница 191: ...he BlackBerry Enterprise Server deletes the existing certificate from the BlackBerry Configuration Database when the certificate enrollment process starts for a new certificate Also if a certificate is expired or revoked you or a BlackBerry device user can update the certificates on the device using the certificate synchronization tool in the BlackBerry Desktop Software or by copying an updated ce...

Страница 192: ...the certificate authority The default interval is 60 minutes application handler pkcs10 poolsize If the certificate authority requires a certificate administrator to approve certificate requests this property specifies the maximum number of simultaneousworkerthreadsthatcanmanagependingcertificaterequests The default pool size is 100 worker threads application handler pkcs10 logging This property s...

Страница 193: ...Related topics Configuring the BlackBerry Web Desktop Manager 196 Publish the client files for the BlackBerry Web Desktop Manager in a Windows GPO for Windows XP If you use Microsoft Active Directory you can create a Windows GPO to make sure that the browser settings are correct for your organization s environment Alternatively you can check the browser settings on users computers and if necessary...

Страница 194: ... the BlackBerry Web Desktop Manager in a Windows GPO for Windows Vista Before you begin Add the web address for the BlackBerry Administration Service to the list of trusted web sites in the web browser Download and install the Microsoft Group Policy Management Console with Service Pack 1 For more information about installing the service pack see www microsoft com 1 Open the Microsoft Exchange Mana...

Страница 195: ...r the BlackBerry Web Desktop Manager automatically You can create a new Windows GPO so that you can add the registry key HKEY_LOCAL_MACHINE Software Microsoft Windows CurrentVersion Internet Settings UseCoInstall to users computers When you add the registry key the users computers install the RIMWebComponents msi file and other Microsoft ActiveX controls automatically The Windows GPO adds the regi...

Страница 196: ...ion Administrative Templates 8 Right click Administrative Templates Perform one of the following actions If the computer uses Windows 2000 Server clear the View Show Policies Only option If the computer uses Windows Server 2003 click View Filtering Clear the Only show policy settings that can be fully managed check box 9 Right click Administrative Templates Click Add Remove Templates 10 Add the En...

Страница 197: ...ou want to display the changes on the login screen you must direct users to https full_computer_name webdesktop app page Login service page orgId 0 Send users the following information BlackBerry Web Desktop Manager web page address IBM Lotus Domino Internet user names and passwords that you configured for the users in your messaging environment Administration Guide Make the BlackBerry Web Desktop...

Страница 198: ... Manager to activate BlackBerry devices using a wired connection to a computer 1 In the BlackBerry Administration Service in the Servers and components menu expand BlackBerry Solution Topology BlackBerry Domain Component view 2 Click BlackBerry Administration Service 3 Click Edit component 4 On the BlackBerry Web Desktop Manager information tab perform one of the following actions To permit users ...

Страница 199: ...on Service 3 Click Edit component 4 On the BlackBerry Web Desktop Manager information tab in the Device backup domains field type a domain that permits the user to back up data 5 Click the Add icon 6 Repeat steps 4 and 5 for each domain that you want to add 7 Click Save all Change the text colors in the BlackBerry Web Desktop Manager You can change the text colors in BlackBerry Web Desktop Manager...

Страница 200: ...ecifies the hexadecimal color value of the text in the BlackBerry Web Desktop Manager headers and the text in the tab links that point to web pages that the user is not currently visiting ffffff white Font color 7 This text color specifies the hexadecimal color value of the text in the available BlackBerry Web Desktop Manager menu and text in the option links 005387 blue Font color 8 This text col...

Страница 201: ...e the domain name to users when you send their login information to them 1 In the BlackBerry Administration Service in the Servers and components menu expand BlackBerry Solution Topology BlackBerry Domain Component view 2 Click BlackBerry Administration Service 3 Click Edit component 4 On the Microsoft Active Directory authentication tab in the Login domain section in the Default domain field type...

Страница 202: ...ite survey and assign channels If your organization does not use a switched enterprise Wi Fi network and your organization has multiple subnets configure the subnets to cover the same physical area The configuration can affect how users send or receive calls Assign an SSID to each access point or each group of access points that share an SSID If users can roam between the access points configure a...

Страница 203: ...ses Permit all access points to use the AAA server If you configure service specific access security create a captive portal login You must configure user accounts in your organization s environment Perform the following actions Create authentication credentials for the user accounts If your organization uses EAP TLS EAP TTLS or PEAP authentication methods permit the BlackBerry Enterprise Server t...

Страница 204: ...rm the following task if you want users to configure a Wi Fi profile for the Wi Fi networks that you did not create a Wi Fi profile for in the BlackBerry Administration Service By default new Wi Fi profiles appear at the end of the Wi Fi profile list on the BlackBerry device 1 On the Home screen or in the application list click Manage Connections 2 Click Set Up Wi Fi Network 3 Perform the instruct...

Страница 205: ...er accounts 4 Click the name of the user account that you want to assign a Wi Fi profile to 5 Click Edit user 6 On the Wi Fi profiles tab in the Wi Fi profile name section in the drop down list click the Wi Fi profile 7 If required in the Wi Fi user specific settings section specify the login information for the Wi Fi profile 8 Click the Add icon 9 Click Save all When you assign a Wi Fi profile to...

Страница 206: ...sociate the VPN profile with the Wi Fi profile for the user account Depending on your organization s security policy you can save a user name and password to a BlackBerry device to prevent the BlackBerry device from prompting the user for the login information the first time or each time the BlackBerry device connects to the enterprise Wi Fi network Create a VPN profile 1 In the BlackBerry Adminis...

Страница 207: ...ution management menu expand Group 2 Click Manage groups 3 In the Manage groups section click the group that you want to assign a VPN profile to 4 On the VPN profiles tab click Edit group 5 In the Available VPN profiles list click the profile that you want to assign to the group and click Add Repeat for any additional profiles that you want to assign to the group 6 Click Save When you assign a VPN...

Страница 208: ...configuration 2 Click Manage Wi Fi profiles 3 Click the name of the Wi Fi profile 4 Click Edit profile 5 On the Wi Fi profile settings tab in the Wi Fi associations section in the Associated VPN Profile drop down list click the VPN profile that you want to associate with the Wi Fi profile 6 Click Save All After you finish To update the BlackBerry device information immediately resend the IT policy...

Страница 209: ...n more than one action to a user account create multiple rows for the user account If you are using a text editor to create the csv file include a comma after the value that appears in each field in each row If a field does not contain a value include only a comma in the field If you are using a text editor to create the csv file include a character return at the end of each row If you are using a...

Страница 210: ... Name Attribute Type Action User Name Password 16 Westlee Barichak wbarichak rim com wlan_1 WLAN UPDATE update_username update_ password 8 Sherisse Da Silva 2072C4B7 sdasilva rim com wifi_1 WLAN UPDATE update_username up date_password Example Removing profile information from user accounts User Id Display Name PIN Email Address Logon Name Attribute Name Attribute Type Action User Name Password 8 L...

Страница 211: ...s required Password ThisfieldspecifiesthepasswordthattheBlackBerrydevicecanusetoaccess the enterprise Wi Fi network or VPN if a password is required You can include quotation marks in the password Import profile information from a csv file The BlackBerry Administration Service processes actions in the order that they appear in the csv file If two actions that you listed in the file contradict each...

Страница 212: ...ackBerry device is WEP key 0 in the configuration settings and WEP key 2 on the BlackBerry device is WEP key 1 in the configuration settings You type or copy the WEP keys for the access points as a string of hexadecimal digits BlackBerry devices do not support a WEP passphrase Configure WEP keys for BlackBerry devices using a Wi Fi profile If BlackBerry device users in your organization s environm...

Страница 213: ...Solution supports PSK encryption see the BlackBerry Enterprise Server Security Technical Overview Configure PSK encryption data for BlackBerry devices using a Wi Fi profile If BlackBerry device users in your organization s environment use BlackBerry 7270 smartphones you must configure passphrases using IT policy rules instead of configuration settings Before you begin Obtain the passphrase for the...

Страница 214: ...tings Before you begin Using the wireless access point configure the LEAP settings to accept SSID association requests from users that have the credentials that you specify or to identify the authentication server that the Wi Fi enabled BlackBerry devices use to verify user credentials For more information see the documentation for your organization s access points Configure strong password polici...

Страница 215: ... about how the BlackBerry Enterprise Solution supports PEAP authentication see the BlackBerry Enterprise Server Security Technical Overview Configure PEAP authentication data for BlackBerry devices using a Wi Fi profile If BlackBerry device users in your organization s environment use BlackBerry 7270 smartphones you must configure user names and passwords using IT policy rules instead of configura...

Страница 216: ...icate or both you can distribute the certificates using BlackBerry Desktop Manager The BlackBerry device can add the certificates to the list of explicitly trusted certificate authority certificates or the list of client certificates 1 On the user s computer right click the certificate Click Install certificate 2 Click Next 3 Click Place all certificates in the following store 4 Click Browse 5 Per...

Страница 217: ...ion server 7 Select the Inner link security type 8 If your organization does not use EAP MS CHAPv2 if necesssary in the Token list select the token type 9 If necesssary in the Server subject field type the server name in the server certificate in URL format for example server1 domain com or server1 domain net If you leave the field blank the BlackBerry device skips over it during server authentica...

Страница 218: ...erry Desktop Manager or you can enroll the certificate over the wireless network You must configure a Wi Fi profile to provide the user name and password for authentication For more information about how the BlackBerry Enterprise Solution supports EAP TLS authentication see the BlackBerry Enterprise Server Security Technical Overview Configure EAP TLS authentication data for BlackBerry devices usi...

Страница 219: ... the authentication server certificate 8 In the Client certificate list click the user certificate 9 Ifnecessary intheServersubjectfield typetheservernameintheservercertificate inURLformat forexample server1 domain com or server1 domain net If you leave the field blank the BlackBerry device skips over it during server authentication 10 If necessary in the Server SAN field type the alternative name...

Страница 220: ...ry device users in your organization s environment use BlackBerry 7270 smartphones you must configure user names and passwords using IT policy rules instead of configuration settings 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Policy Wi Fi configuration 2 Click Manage Wi Fi profiles 3 Click the name of the Wi Fi profile that you want to change 4 Cli...

Страница 221: ... net If you leave the field blank the BlackBerry device skips over it during server authentication 10 If your organization use dynamic IP addresses verify that the Automatically obtain IP address and DNS option is selected 11 Verify that the Allow inter access point handover option is selected 12 If necesssary select the Prompt before connection check box If you do not select the check box the Bla...

Страница 222: ...g the BlackBerry Desktop Manager 214 Creating and configuring Wi Fi profiles 200 Send EAP FAST authentication data to a BlackBerry device using a Wi Fi profile If BlackBerry users in your organization s environment use BlackBerry 7270smartphones you must configure user names and passwords using IT policy rules instead of configuration settings 1 In the BlackBerry Administration Service on the Blac...

Страница 223: ...n the BlackBerry device in the device options click Wi Fi Connections 2 Click the Wi Fi profile that you want to change 3 Click Edit 4 In the Security Type list select EAP FAST 5 Type the user name and password for the messaging server 6 In the Inner link security list click the security type 7 If necessary in the Token list select the token type 8 If your organization uses dynamic IP addresses ve...

Страница 224: ...Berry Enterprise Solution Security Technical Overview Prerequisites Configuring BlackBerry devices for RSA authentication To perform tasks in the RSA Authentication Manager see the RSA Authentication Manager documentation and the documentation for the RSA SecurID token In the RSA Authentication Manager configure the following policies for the PINs of the software tokens in your organization s envi...

Страница 225: ...nd time on the BlackBerry devices with the date and time on the users computers After you finish Assign the Wi Fi profile to the user accounts Resend the IT policy to BlackBerry devices Configure RSA authentication over a Wi Fi network using a software token You must add the serial number of the software token that the Wi Fi enabled BlackBerry devices can use to a Wi Fi profile so that RSA authent...

Страница 226: ...se to authenticate to a Wi Fi network or VPN network to the user accounts Depending on the number of software token records that are available to you you can assign up to three software tokens to each user account 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for a user account 4 Click the display name for the user a...

Страница 227: ...11 Click Save all Administration Guide Assign software tokens to a user account 225 ...

Страница 228: ...alias httpssl keystore drive Program Files Research In Motion BlackBerry Enterprise Server BAS bin web keystore 3 Using the keytool and the SSL password that you specified when you installed the BlackBerry Administration Service generateanewentryandprivatekeyintheweb keystorefile for example keytool genkey aliashttpssl keypass password keystore drive Program Files Research In Motion BlackBerry Ent...

Страница 229: ... Service can access user account information The BlackBerry Web Desktop Manager uses DIIOP if users authenticate with it using their IBM iNotes credentials You can update the IBM Lotus Domino server information if you want the BlackBerry Administration Service to connect to a different server after you install the BlackBerry Administration Service If you want to configure high availability for the...

Страница 230: ...d Confirm password field type the password for the Microsoft Active Directory account 6 In the User domain field type the name of the Windows domain that is a part of the resource forest 7 In the Global Catalog search base field perform one of the following actions To permit the BlackBerry Administration Service to search the global catalog leave the Global Catalog search base field blank To contr...

Страница 231: ... Active Directory user name and password Ifyouturnonsinglesign onauthentication andyou logintoa computer usinga Microsoft ActiveDirectory account you can bypass the login screen and access the BlackBerry Administration Service and BlackBerry Web Desktop Manager directly The BlackBerry Monitoring Service does not support single sign on authentication Before you turn on single sign on you must confi...

Страница 232: ...inistration Service and BlackBerry Web Desktop Managerto the list of web sites in the local intranet zone and install the certificate for the BlackBerry Administration Service or BlackBerry Web Desktop Manager in the certificate store of their computers BlackBerry Administration Service web addresses and BlackBerry Web Desktop Manager web addresses that support BlackBerry Administration Service si...

Страница 233: ...rd settings for BlackBerry Administration Service authentication 1 In the BlackBerry Administration Service on the Servers and components menu click BlackBerry Solution topology BlackBerry Domain Component view 2 Click BlackBerry Administration Service 3 Click Edit component 4 In the Security settings section change the minimum password length and number of days until the password expires 5 Click ...

Страница 234: ...rvice services 4 OnthecomputersthathosttheremainingBlackBerryAdministrationServiceinstances intheWindowsServices start the BlackBerry Administration Service services Related topics Restarting BlackBerry Enterprise Server components 327 Administration Guide Regenerate the system credentials for the BlackBerry Administration Service 232 ...

Страница 235: ...uter that you used to log in to the BlackBerry Administration Service 2 If you receive a prompt type the device password 3 In the BlackBerry Administration Service on the Devices menu click Attached devices Manage current device 4 Click Remove user data from current device 5 Click Yes Remove user data 6 Click Assign current device 7 Search for the new user account that you want to assign the devic...

Страница 236: ...es the Delete only the organizationdataandremovedeviceITadministrativecommandoverthewirelessnetwork Allpersonaldataremains on the device A BlackBerry device user cannot use the device or make emergency calls while the device deletes the work data The device permanently deletes the following work data Item Description email messages email messages that are sent to the user s work email account and ...

Страница 237: ...onfiguration to the user account to send it to the device For more information see the BlackBerry Enterprise Server Administration Guide 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for a user account 4 In the search results click the PIN for the user account 5 In the Device activation list click Delete only the org...

Страница 238: ... BlackBerry device user locates the device When the user unlocks the device the device prompts the user to accept or reject the new password You can use this command if the device is lost If you or a user turned on content protection and a device is running BlackBerry Device Software 4 3 0 or later you can use this command If you or a user turned on two factor content protection you cannot use thi...

Страница 239: ...rform one of the following actions To delete a user account from the BlackBerry Enterprise Server but retain the BlackBerry Enterprise Server information in the user s mailbox click Delete the user To delete a user account from the BlackBerry Enterprise Server and remove the BlackBerry Enterprise Server information from the user s mailbox click Delete the user and remove the profile document and t...

Страница 240: ...he BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for a user account 4 In the search results click the PIN for the user account 5 In the Device activation section click Delete all device data and remove device 6 In the Erase Data Settings section perform the following actions In the Erase Data Delay hours field type the number...

Страница 241: ...kBerry Enterprise Server information from the user s mailbox click Disable the user and remove the profile document and the state database 8 Click Yes Delete all device data and remove device Administration Guide Using IT administration commands to protect a lost or stolen device 239 ...

Страница 242: ... in again so that the changes can take effect immediately Change the roles for an administrator account To reflect the changes to an administrator s responsibilities in your organization you can add or remove one or more administrative roles for the administrator account 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search ...

Страница 243: ... If the administrator is also a BlackBerry device user remove the BlackBerry device from the administrator account 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Administrator User 2 Click Manage users 3 Search for an administrator account 4 In the search results click the display name for the administrator account 5 In the Status list click Delete use...

Страница 244: ...es to those groups or use the default user groups that contain pre existing roles If you are managing a large number of groups over 3000 using the BlackBerry Administration Service in a single domain your organization s environment might experience a performance impact Usingdefaultgroupstomanageuseraccountsandadministratoraccounts The BlackBerry Enterprise Server installation includes default grou...

Страница 245: ...roup 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Group 2 Click Manage groups 3 Click the group name 4 In the Manage users in group membership list click Remove users from group membership 5 Search for a user account 6 Select the check boxes beside the display names for the user accounts that you want to remove 7 Click Remove from group membership Ch...

Страница 246: ...er account will have the same settings it had before you deleted it Move a user account to a different group 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for a user account 4 In the search results click the display name for the user account 5 Click Edit user 6 On the Groups tab in the Current groups list click the g...

Страница 247: ... click Yes Switch the users and fail the deployment tasks If you do not want to move the user accounts that have pending deployment tasks click No Switch only the users that have no existing deployment tasks Delete a user account from the BlackBerry Enterprise Server Before you begin Verify that the primary BlackBerry Enterprise Server is running 1 In the BlackBerry Administration Service on the B...

Страница 248: ...tact list depends on the contact list size 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Click Email 3 Click Refresh available user list from company directory Resend service books to a BlackBerry device 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand ...

Страница 249: ... multiple tasks Each task delivers a specific object or setting to a BlackBerry device for example upgrading BlackBerry Device Software installing or removing a BlackBerry Java Application or sending updated IT policy settings or application settings You can change the default settings for a job to control how the BlackBerry Administration Service processes jobs If you change the default settings ...

Страница 250: ...ce day for sending IT policy updates If you want to add more than one recurrence day for sending IT policy updates the schedules for the separate recurrence days cannot overlap a In the Scheduled deployment day s drop down list click the appropriate recurrence option If necessary select the recurrence days b In the Start time drop down list click the appropriate option If necessary set the start t...

Страница 251: ...ications a Click the Edit icon for the default recurrence day b In the Scheduled deployment day s drop down list click the appropriate recurrence option If necessary select the recurrence days c In the Start time drop down list click the appropriate option If necessary change the start time and end time d Click the Update icon By default the recurrence day is Every day and the start time is All da...

Страница 252: ...ronment might experience a performance impact 1 In the BlackBerry Administration Service on the Devices menu expand Deployment jobs 2 Click Specify BlackBerry Device Software distribution settings 3 Click Edit distribution settings 4 Perform any of the following tasks Task Steps Change the recurrence day for installing updating or removing the BlackBerry Device Software a Click the Edit icon for t...

Страница 253: ...ault value is 150 9 Click Save all Change how the BlackBerry Enterprise Server sends standard application settings to BlackBerry devices BlackBerry Device Software configurations include standard application settings that you can use to control calendar email andcontactlistsettingsonBlackBerrydevices YoucanchangehowtheBlackBerry EnterpriseServer sends the settings to and updates the settings on Bl...

Страница 254: ...e the maximum number of tasks for standard application settings that you want the BlackBerry Enterprise Server to process at the same time The default value is 25 8 If necessary in the Total number of tasks per time window per BlackBerry Administration Service instance field type the total number of tasks for standard application settings that you want the BlackBerry Enterprise Server to process d...

Страница 255: ...w a job sends IT policies to BlackBerry devices You can change how the BlackBerry Administration Service sends IT policy settings and changes in a specific job to BlackBerry devices You can change a job s distribution settings for IT policies only if the job is not running If you changingtheITpolicydistributionsettingsforajob yourorganization senvironmentmightexperienceaperformance impact 1 In the...

Страница 256: ...fault value is 25 9 If necessary in the Total number of tasks per time window per BlackBerry Administration Service instance field type the total number of IT policy tasks in the job that you want the BlackBerry Enterprise Serverto process during each processing interval The default value is 150 10 Click Save all Change how a job sends BlackBerry Java Applications to BlackBerry devices You can cha...

Страница 257: ...abled to reduce load on system 8 If necessary in the Default throttling for all application tasks in each job in a time window section in the Maximum number of simultaneous tasks per BlackBerry Administration Service instance field type the maximum number of application tasks in the job that you want the BlackBerry Enterprise Server to process at the same time The default value is 25 9 If necessar...

Страница 258: ...f necessary click the recurrence days b In the Start time drop down list click the appropriate recurrence option If necessary change the start time and end time c Click the Add icon 7 To turn on throttling for all BlackBerry Device Software tasks in jobs in the Default throttling enablement for all BlackBerry Device Software tasks in each job in a time window section click Enabled to reduce load o...

Страница 259: ...tings a Click the Edit icon for the recurrence day b In the Scheduled deployment day s drop down list click the appropriate recurrence option If necessary select the number of recurrence days c In the Start time drop down list click the appropriate recurrence option If necessary change the start time and end time d Click the Update icon By default the recurrence day is Every day and the start time...

Страница 260: ...ou do not want to make the BlackBerry Java Application available to add to software configurations You cannot delete a BlackBerry Java Application from the application repository if the BlackBerry Java Applicationis in a software configuration 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Software Applications 2 Click Manage applications 3 Search for ...

Страница 261: ...onfiguration from a group the applications in the software configuration are removed from the BlackBerry devices that are associated with the user accounts that belong to the group 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Group 2 Click Manage groups 3 Click a group 4 Click Edit group 5 On the Software configuration tab in the Current software con...

Страница 262: ...ch for one or more user accounts 4 In the search results click the display name for a user account 5 Click Edit user 6 On the Software configuration tab in the Current software configurations list click a software configuration 7 Click Remove 8 Repeat steps 6 and 7 for each software configuration that you want to remove 9 Click Save all Delete a software configuration You can delete a software con...

Страница 263: ...e Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view MDS Connection Service 2 Click the instance that you want to change 3 Click Edit instance 4 In the Access control section in the Pull authorization drop down list click Yes 5 Click Save all Users cannot access web content on their BlackBerry devices until you permit the users to access specific web s...

Страница 264: ...nents menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Click MDS Connection Service 3 Click Edit component 4 On the Access control rules tab in the Rule name field type a name for the pull rule 5 In the Control type drop down list click Pull 6 Click the Add icon 7 Click Save all After you finish Restrict or permit web address patterns using a pull rule Restrict or permit...

Страница 265: ...the web site To require that the BlackBerry MDS Connection Service authenticates a user using integrated Windows authentication click Integrated To require that a user authenticates to the RSA Authentication Manager using RSA authentication click RSA To require that the BlackBerry MDS Connection Service authenticates the user using integrated Windows authentication and that a user authenticates to...

Страница 266: ... more information about MIME media types visit www iana org Prevent users from accessing specific media types You can configure the BlackBerry MDS Connection Service instances in your organization s environment to prevent users from accessing every format of a media type for example video or a specific format of a media type for example mp3 using the BlackBerry Browser and other applications on a ...

Страница 267: ... for the Media content type field include application msword application pdf video mpeg application image 5 In the Maximum KB Connection field type the maximum size in KB of content that a user can download to the device during each connection to the BlackBerry MDS Connection Service 6 In the Disallow content drop down list click No 7 Click the Add icon 8 Click Save all Related topics Default down...

Страница 268: ...ion Service is running on and other Microsoft Active Directory domains in other forests that the BlackBerry MDS Connection Service must connect to The S4U2proxy extension that the BlackBerry MDS Connection Service uses to retrieve the Kerberos service tickets for users requires a two way trust between Microsoft Active Directory domains After you turn on Integrated Windows authentication and specif...

Страница 269: ...sources that you want to turn on Integrated Windows authentication for For more information about configuring the Microsoft Active Directory account using setspn and Microsoft Active Directory visit www blackberry com btsc to read article KB22726 1 If a pool of application servers host a intranet site and the pool is running on Microsoft IIS and is located behind a load balancer use setspn or ADSI...

Страница 270: ... the password meets the security requirements of your organization the user is not required to change their password the next time that the user logs in the user s password never expires Configure the Microsoft Active Directory account to delegate access to a shared folder You are required to have only one Microsoft Active Directory account in each Microsoft Active Directory domain that includes t...

Страница 271: ...tory account that you create in the Microsoft Active Directory domain that includes the messaging server or global catalog server Configure the BlackBerry MDS Connection Service when the messaging server is located in a remote Microsoft Active Directory domain Before you begin Create a Microsoft Active Directory account in the Microsoft Active Directory domain that the messaging server or global c...

Страница 272: ... tab click Edit component 8 In the Authentication support enabled drop down list click Yes 9 Click Save all 10 On the Pull URL Patterns tab specify web address patterns for the intranet sites or shared folders that you want to permit BlackBerry device users to access for example intranet_site 80 The web address patterns are based on Java regular expressions Consider specifying the following web ad...

Страница 273: ...ce from sending push requests and create push initiators that permit specific server side applications to send push requests to BlackBerry devices To permit specific users to receive push requests on BlackBerry devices you can create push rules and assign the rules to the users For more information about push requests see the BlackBerry Java Development Environment Development Guide Restrict push ...

Страница 274: ...erry devices 5 In the Credentials field type the password for the server side push application 6 Click the Add icon 7 Click Save all After you finish Create a push initiator for each server side push application that you want to permit to send push requests to BlackBerry devices To specify which users can receive push requests from authenticated push applications turn on push authorization and cre...

Страница 275: ...Administration Service in the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Click MDS Connection Service 3 Click Edit component 4 On the Access control rules tab click the Edit icon for a push rule 5 In the Available push initiators list click the push initiator that you want to assign to the push rule 6 Click Add 7 Repeat steps 5 and 6 for each...

Страница 276: ...the Available push rules list click a push rule 7 Click Add 8 Click Save Encrypt push requests that push applications send to BlackBerry devices You can configure a BlackBerry MDS Connection Service to use SSL or TLS to encrypt the push requests that server side push applications send to BlackBerry devices By default the BlackBerry MDS Connection Service does not encrypt the push requests that ser...

Страница 277: ...ush requests 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view MDS Connection Service 2 Click the instance that you want to specify device ports for 3 Click Edit instance 4 In the Device ports enabled for reliable pushes field type the device port number 5 Click the Add icon 6 Repeat steps 4 to 5 for e...

Страница 278: ...on Database to store 5 In the Maximum push message age field type the maximum length of time in minutes that you want the BlackBerry Configuration Database to store a push request before the BlackBerry Enterprise Server deletes it from the BlackBerry Configuration Database 6 Click Save all Configure the maximum number of active connections that a BlackBerry MDS Connection Service can process You c...

Страница 279: ... when the number of pending push connections in the queue exceeds the limit 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view MDS Connection Service 2 Click the instance that you want to configure the maximum number of queued connections for 3 Click Edit instance 4 In the Push access protocol section i...

Страница 280: ...guration section click Default configuration 7 On the Organizer data synchronization tab in the General section in the Automatic wireless backup turned on drop down list click No 8 Click Continue to user information edit 9 Click Save all Delete organizer data for members of a user group from the BlackBerry Enterprise Server If the BlackBerry Enterprise Server is not writing organizer data for memb...

Страница 281: ...hat are associated with a BlackBerry Enterprise Server 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Synchronization 2 Click the instance that you want to change 3 In the Instance information section click Synchronization 4 Click Edit component 5 In the Synchronization turned on drop down list clic...

Страница 282: ...rom the BlackBerry Enterprise Server to the BlackBerry device only click Server to Device To synchronize data from the BlackBerry device to the BlackBerry Enterprise Server only click Device to Server To synchronize data from the BlackBerry device to the BlackBerry Enterprise Server and from the BlackBerry Enterprise Server to the BlackBerry device click Bidirectional 6 Click Save all Change the d...

Страница 283: ...atthe BlackBerry EnterpriseServerdataoverridesthe BlackBerrydevicedata clickServerWins To specify that the BlackBerry device data overrides the BlackBerry Enterprise Server data click Device Wins 6 Click Save all ChangehowtheBlackBerryAdministrationServiceresolvesconflictsduring organizer data synchronization for a specific user account 1 In the BlackBerry Administration Service on the BlackBerry ...

Страница 284: ...es to find a BlackBerry user s address book or memo organizer data Note If the Location Server and Location Relative Path fields are not populated the BlackBerry Enterprise Server does not synchronize the user s address book and memo application to the user s BlackBerry device 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 S...

Страница 285: ...configure a BlackBerry Enterprise Server to deliver incoming messages to a user s BlackBerry device when no email message filters apply to those messages 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for a user account 4 In the search results click the name of a user account 5 In the Messaging configuration section c...

Страница 286: ...ard email messages from the user s inbox and sent items folder click Inbox and Sent Items only To select the folders that you want the BlackBerry Enterprise Serverto forward messages from click Selected folders Click the folders that you want to forward messages from 8 Click Continue to user information edit 9 Click Save all Turn off email message forwarding to user accounts in a group You can tem...

Страница 287: ... that the user sends from the BlackBerry device you can turn off synchronization for email messages that the user sends from the BlackBerry device 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for a user account 4 In the search results click the name of the user account 5 Click Edit user 6 In the Messaging configurat...

Страница 288: ...rry Administration Service on the BlackBerry solution management menu expand User 2 Click Manage users 3 Search for one or more user accounts 4 Select the user accounts that you want to delete incoming messages for 5 In the Pending data packets list click Purge pending data packets for selected devices If wireless calendar synchronization for a user account is turned on the BlackBerry Enterprise S...

Страница 289: ...ation s messaging server 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component View Email 2 Click the name of the BlackBerry Enterprise Server instance or BlackBerry Enterprise Server pair that you want to change 3 Click Edit instance 4 On the Messaging tab in the Messaging Options section change Free busy look...

Страница 290: ...se Server using one of the following methods If you are changing a BlackBerry Enterprise Server instance in the Status list click Restart instance If you are changing a BlackBerry Enterprise Server pair in the Status list for one of the instances in the pair click Restart instance Repeat this step for the other instance in the pair In the Windows Services restart the BlackBerry Dispatcher 9 Repeat...

Страница 291: ...ng email messages that contain inline images to BlackBerry devices If you turn off support for rich content and inline images you reduce the resource consumption on the computers that are running the messaging server BlackBerry Attachment Service and BlackBerry MDS Connection Service 1 In the BlackBerry Administration Service in the Servers and components menu expand BlackBerry Solution topology B...

Страница 292: ...erprise Server components 327 Configuring IBM Lotus Notes links on devices In IBM Lotus Notes BlackBerry device users can include Lotus Notes links to connect to documents specific sections of a document views folders or applications in Lotus Notes The BlackBerry Enterprise Server supports Lotus Notes links in email messages that users create and receive on their BlackBerry devices The BlackBerry ...

Страница 293: ...er name and host name to the map manually using a registry value 1 On the computer that hosts the BlackBerry Messaging Agent click Start Run 2 Type regedit 3 Perform one of the following actions If you are running a 32 bit version of Windows go to HKEY_LOCAL_MACHINE SOFTWARE Research In Motion BlackBerry Enterprise Server Agents If you are running a 64 bit version of Windows go to HKEY_LOCAL_MACHI...

Страница 294: ... 7 In the Value data field type the interval in seconds that can elapse before the map updates itself The minimum value is 3600 seconds 1 hour the maximum value is 86 400 seconds 24 hours 8 Click OK Turn off support for IBM Lotus Notes links By default support for IBM Lotus Notes links is turned on If your organization s environment has security restrictions you can turn off support for Lotus Note...

Страница 295: ...to synchronize with the contact lists on the BlackBerry device 8 Click Continue to user information edit 9 Click Save all Control which personal contact subfolders a user can synchronize to a BlackBerry device By default a user can synchronize all of the personal contact subfolders on the messaging server with the contact lists on the BlackBerry device To help manage network resources you can sele...

Страница 296: ...fy public contact databases that users can access from their BlackBerry devices 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view 2 Click Email 3 Click Edit component 4 In the Published contact servers section in the User synchronized public contact servers maximum field type the maximum number of publ...

Страница 297: ...t want to access from the BlackBerry devices In BlackBerry Enterprise Serverversion 5 0 or later and BlackBerry Device Software version 5 0 or later if you want to permit users to access specific documents that are not located on the Windows network for example documents that are located on a Linux network from the BlackBerry devices you must configure the BlackBerry MDS ConnectionServicetosearcht...

Страница 298: ...s for example the DFS Namespace in Windows Server and fs_path is the optional directory path that can include a specific filename When you type the UNC path you can use an asterisk to represent a sequence of arbitrary characters including blank spaces a question mark to represent a single arbitrary character and a backslash to represent an escape character You cannot type a URL that can search all...

Страница 299: ...hange an existing configuration set click the Edit icon 5 In the Priority Service group drop down list click the name of the service that you want to configure the communication method for 6 In the Service Name Description drop down list click the name of the communication method that you want to configure 7 Click the Add icon 8 To specify the communication method that the BlackBerry MDS Connectio...

Страница 300: ...onnection Service instance 6 Click Save all 7 To restart the BlackBerry MDS Connection Service instance on the Instance information tab in the Status list click Restart instance 8 To assign the BlackBerry MDS Connection Service configuration set to another BlackBerry MDS Connection Service instance repeat steps 3 to 7 Related topics Restarting BlackBerry Enterprise Server components 327 Managing s...

Страница 301: ... a disclaimer for 6 Click Save all Add a disclaimer to email messages that a user sends from a BlackBerry device You can add a disclaimer to all email messages that are sent by a user that is different from the disclaimer that you added for all users on a BlackBerry Enterprise Server A user cannot change the disclaimer that you define 1 In the BlackBerry Administration Service on the BlackBerry so...

Страница 302: ... In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry solution topology BlackBerry Domain Component view Email 2 Click the instance that you want to change 3 Click Edit instance 4 On the Messaging tab in the Messaging options section perform any of the following actions To turn off disclaimers that appear before the body of the message in the Prepended disc...

Страница 303: ...sages PIN messages are appropriate for informing users about messaging server outages because BlackBerry devices send and receive PIN messages directly without using the messaging server BlackBerry devices do not apply filters to PIN messages When users reply to a notification email message their BlackBerry devices send the replies to the administration email address Send a notification message to...

Страница 304: ...ype the message that you want to send 7 Click Send message Automated notification messages If the BlackBerry Enterprise Server cannot send email messages to BlackBerry devices it sends a notification PIN message to the BlackBerry devices automatically informing users about an issue with wireless email delivery Change the subject for automated notification messages You can change the subject for au...

Страница 305: ...ftware Research In Motion BlackBerry Enterprise Server Agents If you are running a 64 bit version of Windows navigate to HKEY_LOCAL_MACHINE Software WOW6432Node Research In Motion BlackBerry Enterprise Server Agents 5 Right click Agents Click New DWORD Value 6 Type MaxSkippedNotificationsPerDay 7 Double click the new value 8 In the Value data field type 0 9 Click OK After you finish Restart the Bl...

Страница 306: ... topics Create a BlackBerry Attachment Service pool for high availability 98 Change how a BlackBerry Attachment Connector retries sending requests to a BlackBerry Attachment Service The BlackBerry Attachment Connector sends requests to view attachments from users BlackBerry devices to a BlackBerry Attachment Service You can change how a BlackBerry Attachment Connector processes attachment requests...

Страница 307: ...lost connection field type the amount of time in milliseconds that the BlackBerry Attachment Connector waits before it tries to restore a lost connection to a BlackBerry Attachment Service The default value is 1000 milliseconds 5 Click Save all Attachment file formats that the BlackBerry Attachment Service supports Format Extension Adobe Acrobat pdf ASCII text txt audio amr mp3 wav wma Corel WordP...

Страница 308: ...vailable The BlackBerry Attachment Service does not support the following features in odp files some text effects and style options line spacing proportional at least leading text with position functionality animation transitions tables svm images crop and clip image effects specific types of text object spacing table of contents portrait page orientation color gradient hatching and bitmap fill ef...

Страница 309: ...ning conversion process The maximum file size of attachments impacts the amount of cached memory that the BlackBerry Attachment Service uses By default the BlackBerry Attachment Service does not limit the file size of an attachment that is embedded in an email message or retrieved using a link The BlackBerry Enterprise Server sends data to BlackBerry devices over the wirelessnetworkinpacketsthatar...

Страница 310: ...number of processes ThissettingspecifiesthenumberofconversionrequeststhattheBlackBerry Attachment Service can process at the same time When you specify this value considertheamountofavailablememoryandthecompetingservices on the computer that hosts the BlackBerry Attachment Service The default value is 4 1 through 64 Process recycle time minutes This setting specifies the length of time that an app...

Страница 311: ...istration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Attachment Server 2 Click the instance that you want to change 3 Click Edit instance 4 In the Distiller display name section in the Attachment size KB column type a value in KB for the distillers that you want to change If necessary configure the settings in the Additional data...

Страница 312: ...ents 327 Add support for an additional attachment file format to a BlackBerry Attachment Service You can configure a BlackBerry Attachment Service to support additional file formats If your organization s messaging server connects to a document management system that renames file format extensions you must add the necessary extensions to the list of supported file formats for all BlackBerry Attach...

Страница 313: ... If the BlackBerry Messaging Agent receives more than one attachment at a time it limits the total file size of all of the attachments to a maximum of 5 MB Data that a BlackBerry device and the messaging server send each other over the wireless network must be in packets that are no larger than 64 KB If a BlackBerry device sends an attachment that is larger than a single packet the BlackBerry devi...

Страница 314: ...t users from sending large attachments they can only send specific attachments such as certificates and contact list entries that are less than a single packet 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Email 2 Click the instance that you want to change 3 Click Edit instance 4 On the Messaging t...

Страница 315: ...ximumsingleattachmentdownloadsize KB field type a number in KB that is between 0 and 10240 10 MB If you type 0 users cannot download attachments in a native format to their BlackBerry devices 5 Click Save all Administration Guide Changing how the BlackBerry Messaging Agent reconciles attachments to the messaging server 313 ...

Страница 316: ...ion levels using the BlackBerry Enterprise Trait Tool You can use the BlackBerry Enterprise Trait Tool to specify whether corrective calendar synchronization checks calendar entries for a specific user users on a specific BlackBerry Enterprise Server or all users The tool uses a hierarchy to determine what calendar entries to check Settings at the user level override settings at the server level s...

Страница 317: ...ccount the server name of a specific BlackBerry Enterprise Server for all user accounts that are associated with the specific BlackBerry Enterprise Server or global for all user accounts View the current settings for corrective calendar synchronization 1 Copy the BlackBerry Enterprise Serverinstallation files to a computer that hosts a BlackBerry Enterprise Server instance 2 Extract the contents t...

Страница 318: ...SendUpdate set true 5 Press ENTER Example Configuring the process to correct calendar synchronization errors for a specific user traittool user ian dundas blackberry com trait DominoSmartSyncSendUpdate set true After you finish To turn off calendar synchronization error correction type traittool level trait DominoSmartSyncSendUpdate set false where level is the SMTP address of a specific user acco...

Страница 319: ...s to a folder on the computer 3 At the command prompt navigate to the folder that the TraitTool exe file is located in 4 Perform one of the following actions To configure calendar synchronization to occur at a specific hour for a specific user account type traittool user smtp_address trait DominoSmartSyncTriggerHour set value where value is a number from 0 to 23 0 is 12 00 AM and 23 is 11 00 PM Th...

Страница 320: ...23 Example Corrective calendar synchronization that runs on weekdays for all users traittool global trait DominoSmartSyncSchedule set Weekdays Example Corrective calendar synchronization that runs on Monday Wednesday and Friday for a specific user traittool user greg stark blackberry com trait DominoSmartSyncSchedule set Monday Wednesday Friday Configure throttling for corrective calendar synchron...

Страница 321: ...Corrective calendar synchronization writes the following information to the BlackBerry Messaging Agent log file Item Description DIF specifies that a calendar item is different on the BlackBerry device than it is in the email application MOD specifies that a calendar item is missing on the device MON specifies that a calendar item is missing in the email application SAM specifies that a calendar i...

Страница 322: ...onization begins on the BlackBerry Enterprise Server that is named SERVER01 type traittool server SERVER01 trait DominoSmartSyncTriggerHour erase Start corrective calendar synchronization manually for a user account By default the BlackBerry Enterprise Server synchronizes the calendar on each BlackBerry device user s computer with the calendar on each user s BlackBerry device at a regular interval...

Страница 323: ...f the BlackBerry Enterprise Server Administration Guide To download the zip file for the appropriate collaboration client visit www blackberry com support downloads For information about the compatibility of collaboration clients and versions of the BlackBerry Enterprise Server visit na blackberry com eng support downloads im_server_compatibility jsp Change the instant messaging server or pool tha...

Страница 324: ...essagingservers click TCP if you do not want the BlackBerry Collaboration Service to encrypt the data thatitsendstotheinstantmessagingservers For Microsoft Office Live Communications Server 2005 or Microsoft Office Communications Server 2007 In the Transport protocol drop down list perform one of the following actions click HTTPS if you want the BlackBerry Collaboration Service to encrypt the data...

Страница 325: ...an be open between the BlackBerry Collaboration Service and the instant messaging server at the same time 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Collaboration 2 Expand the instant messaging environment 3 Click the instance that you want to change 4 Click Edit instance 5 In the General sectio...

Страница 326: ...maximum size of file types that users can send using the BlackBerry Client for IBM Lotus Sametime To control the use of network resources in your organization s environment you can use the media content management feature to specify the maximum size of specific file types that BlackBerry device users can send to each other using the BlackBerry Client for IBM Lotus Sametime The maximum file size th...

Страница 327: ...Servers and components menu expand BlackBerry solution topology BlackBerry Domain Component view Collaboration 2 Expand the instant messaging environment 3 Click the instance that you want to change 4 Click Edit instance 5 In the General section in the Show Mobile Icon drop down list click False 6 Click Save all Make additional contact information and phone numbers available for the BlackBerry Cli...

Страница 328: ...ation Telephone Photo Company OfficePhone HomePhone CellPhone Manager Department HomeAddress HomeZip HomeState HomeCity WorkAddress WorkZip WorkCity WorkSt ate LoginId 6 Save the UserInfoConfig xml file 7 Restart the IBM Lotus Domino server 8 To verify that the new fields were added to each user s contact information perform the following actions a Create a test user account in the IBM Lotus Domin...

Страница 329: ...rvice Synchronization BlackBerry Synchronization Service BlackBerry Attachment Service Attachment Service BlackBerry Attachment Service BlackBerry MDS Connection Service MDS Connection Service BlackBerry MDS Connection Service BlackBerry Monitoring Service BlackBerry Monitoring Service Application Core BlackBerry Monitoring Service Data Collection Subsystem BlackBerry Monitoring Service Polling En...

Страница 330: ... Attachment Service BlackBerry Controller All of the remaining services for BlackBerry Enterprise Server components Best practice Restarting more than one BlackBerry Administration Service instance To restart all BlackBerry Administration Service instances without issues the best practice is to stop all instances before you begin restarting the instances If you must keep at least one BlackBerry Ad...

Страница 331: ...ecified Type traittool trait trait name set value Erase the value of a trait Type traittool trait trait name erase Replace the braces and asterisk with one or more of the following command line options global to specify all BlackBerry Enterprise Server instances in the BlackBerry Domain agent agent id to specify the ID for the BlackBerry Messaging Agent group groups_name to specify a group of Blac...

Страница 332: ...ses the Web Proxy Autodiscovery protocol to discover proxy servers automatically If you want to enable the Web Proxy Autodiscovery protocol change the value to 1 If you want to disable the Web Proxy Autodiscovery protocol change the value to 0 If you do not change the value to 1 the Web Proxy Autodiscovery protocol is not enabled For more information see Configure the BlackBerry Administration Ser...

Страница 333: ...delivers email messages change the valuetofalse 0 IfyouwanttopreventtheBlackBerryMessaging Agent from sending confirmations automatically when the BlackBerry Messaging Agent delivers email messages change the value to true 1 The default value is false 0 the BlackBerry Messaging Agent sends confirmations automatically when the BlackBerry Messaging Agent delivers email messages DominoSmartSyncDays T...

Страница 334: ...BlackBerry Messaging Agent log file or writes the errors to the log file and corrects the calendar synchronization errors on devices You can configure the BlackBerry Messaging Agent to correct calendar synchronization errors automatically for a specific user account all user accounts that you associate with a BlackBerry Enterprise Server or all user accounts If you want the BlackBerry Messaging Ag...

Страница 335: ...mail message sent to a device when the BlackBerry Enterprise Server synchronizes email messages that an email application sends The default value is false 0 the body of an email message is sent to a device EnableNNEIDFileProvisioning This trait specifies whether the BlackBerry Enterprise Server can synchronize IBM Lotus Notes id files with the Lotus Notes ID vault automatically and send the files ...

Страница 336: ...display the folders and the BlackBerry Administration Service might time out If you want to turn off the look up function change the value to false 0 If you turn off the look up function you can access the BlackBerry MessagingAgentintheBlackBerryAdministrationServicebutyou cannot see the list of available public folders in the Email component page in the BlackBerry Administration Service The defau...

Страница 337: ...ers the email messages and places them in the Junk folder If you do not want the BlackBerry Enterprise Server to monitor the Junk folder for activation messages change the value to false 0 and restart the BlackBerry Controller The default value is true 1 the BlackBerry Enterprise Server monitors the Junk folder for activation messages NumberOfUserTargetTypeForSlowSyncInPara llel This trait specifi...

Страница 338: ...er the BlackBerry Policy Service uses throttling to send applications the same way that it throttles IT policies and service books If you want the BlackBerry Policy Service to send applications using throttling in the same way that it throttles IT policies and service books change the value to true 1 If you do not want the BlackBerry Policy Service to send applications using throttling in the same...

Страница 339: ...tling for PIN encryption keys PrepopulatePIMForNotesUsers This trait specifies whether administrators can change the PIM location for roaming If you want to permit administrators to change the PIM location for roaming change the value to false 0 IfyoudonotwanttopermitadministratorstochangethePIM location for roaming change the value to true 1 and the BlackBerry Messaging Agent determines the PIM l...

Страница 340: ...ers for user accounts and messaging servers UserHealthPercentage This trait specifies the percentage of user accounts that are healthy The BlackBerry Dispatcher uses this trait to change the User accounts health parameter If either of the health parameters indicate that the primary BlackBerry Enterprise Server is unhealthy and you turn on automatic failover the BlackBerry Enterprise Server starts ...

Страница 341: ...topology BlackBerry Domain Component view 2 Click BlackBerry Administration Service 3 Click Edit component 4 In the License key section perform one of the following actions To add a BlackBerry CAL key type the information for the BlackBerry CAL key Click the Add icon To delete a BlackBerry CAL key click the Delete icon 5 Click Save all Copy a BlackBerry CAL key to a text file You can copy a BlackB...

Страница 342: ...ase might not contain the contact information for all user accounts on your organization s messaging server If the BlackBerry Configuration Database does not contain contact information for a user account you cannot create the user account by searching for the contact information in the BlackBerry Administration Service You can only create the user account if you use the Add from company directory...

Страница 343: ...the BlackBerry Enterprise Server open the Registry Editor 2 Perform one of the following actions If you are running a 32 bit version of Windows navigate to HKEY_LOCAL_MACHINE Software Research In Motion BlackBerry Enterprise Server Agents If you are running a 64 bit version of Windows navigate to HKEY_LOCAL_MACHINE Software WOW6432Node Research In Motion BlackBerry Enterprise Server Agents 3 Creat...

Страница 344: ...ge can lead to unexpected behavior such as database updates not completing To avoid this scenario you can throttle the processing of IT policies and service books You can specify the maximum number of processes for IT policies and service books that a BlackBerry Policy Service can run at one time before the BlackBerry Policy Service schedules additional processes for IT policies and service books ...

Страница 345: ...ice books that a BlackBerry Policy Service can send If you want to configure the maximum number of IT policies or service books that a BlackBerry Policy Service can send to 500 type traittool global trait PolicyThrottlingMaxDomainJobs set 500 Configuring BlackBerry Policy Service throttling for PIN encryption keys If the BlackBerry Policy Service detects that you updated the PIN encryption keys in...

Страница 346: ...st as the server permits which might result in an unexpected increase in CPU usage and database usage If you configure throttling the BlackBerry Policy Service sends applications to devices using the same method that it uses to throttle IT policies and service books Configure BlackBerry Policy Service throttling for application polling 1 Copy the BlackBerry Enterprise Server installation file to a...

Страница 347: ...on Panel 2 In the Database Connectivity tab in the Use dynamic ports or specify SQL port field type the port number 3 Click Apply 4 Click OK 5 In the Windows Services restart the appropriate service for the BlackBerry Enterprise Server component 6 Repeat steps 1 to 5 on each computer that hosts a BlackBerry Enterprise Server component that connects to the BlackBerry Configuration Database Related ...

Страница 348: ...exist create a DWORD value that you name Default 5 Change the DWORD value to the port number that the syslog tools listen on 6 Click OK 7 In the Windows Services restart the service for the BlackBerry Enterprise Server component Related topics Restarting BlackBerry Enterprise Server components 327 Syslog connection type and port number 386 Administration Guide Change the port number that the syslo...

Страница 349: ...rvice is inactive for a long period of time Registry keys determine how the BlackBerry Controller monitors the BlackBerry Enterprise Server components and restarts the services that are associated with the components You can change the default behavior of the BlackBerry Controller by creating new registry keys and changing the default values of the registry keys TheBlackBerryControlleralsomonitors...

Страница 350: ...eld type a value The default maximum number of requests that can occur daily is 100 Change the number of minutes that the BlackBerry Controller waits for NSD to finish if it is running when the BlackBerry Controller tries to restart IBM Lotus Domino and the BlackBerry Messaging Agent a Double click WaitForNSDToComplete b In the Value data field type a value The default number of minutes is 30 Chan...

Страница 351: ...koutTo f Double click the new DWORD value g In the Base section select the Decimal option h In the Value data field type the highest value of the time range For example if you configure the RestartAgentOnHungBlackoutFrom value to eight and the RestartAgentOnHungBlackoutTo value to 17 the BlackBerry Controller does not restart the BlackBerry Messaging Agent between 8 00 AM and 5 00 PM if it detects...

Страница 352: ...Service if the service stops responding type 0 To permit the BlackBerry Controller to restart the BlackBerry Attachment Service if the service stops responding type 1 Change how the BlackBerry Controller restarts the BlackBerry Collaboration Service a Click BlackBerry Collaboration Service b Double click the DWORD value that is named RestartOnCrash c In the Value data field perform one of the foll...

Страница 353: ...estarting the BlackBerry Mail Store Service if the service stops responding type 0 To permit the BlackBerry Controller to restart the BlackBerry Mail Store Service if the service stops responding type 1 Change how the BlackBerry Controller restarts the BlackBerry Policy Service a Navigate to BlackBerry Enterprise Server b Click PolicyServer c Double click the DWORD value that is named RestartOnCra...

Страница 354: ...ation Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view Alert 2 Click the instance that you want to change 3 Click Edit instance 4 In the SMTP host name field type the SMTP host name of your organization s gateway in DNS format for example smtp CompanyName com 5 In the SMTP account name field type the name of the SMTP account that you w...

Страница 355: ...o change 3 Click Edit instance 4 In the User name field type the name of the contact 5 In the Event level drop down list click one of the following menu items To send notification messages for the default event monitoring level click Default To send notification messages for all events up to and including level 1 critical and error click Error To send notification messages for all events up to and...

Страница 356: ...o save the log files 5 Click Save all Monitor PIN messages You can use the log files for PIN messages to monitor the time and frequency when users send PIN messages from BlackBerry devices The log files are named using the format PINLog_ yyyymmdd By default logging for PIN messages is turned off 1 In the BlackBerry Administration Service on the BlackBerry solution management menu expand Policy 2 C...

Страница 357: ...ver saves the log files in C Program Files Research In Motion BlackBerry Enterprise Server Logs Each BlackBerry Enterprise Server instance saves the log files in folders that it creates daily and organizes by date To prevent the BlackBerry Enterprise Server log files from taking up too much disk space you can change how BlackBerry Enterprise Server components create and delete log files By default...

Страница 358: ...e General section in the Create folder for daily logs drop down list click False 5 Click Save all 6 On each computer that hosts a BlackBerry Enterprise Servercomponent or BlackBerry Enterprise Server service in the Windows Services restart the BlackBerry Enterprise Server services Changing how BlackBerry Enterprise Server components create log files Add a prefix to the file names of the log files ...

Страница 359: ...rver component when the current log file reaches its maximum size 358 Restarting BlackBerry Enterprise Server components 327 Change the logging level for a BlackBerry Enterprise Server component You can select whether the information that you save to the log files is detailed or limited by changing the logging level for a BlackBerry Enterprise Server component A more detailed logging level can hel...

Страница 360: ...u changed Related topics Restarting BlackBerry Enterprise Server components 327 Change the identifier of the log file for a BlackBerry Enterprise Server component You can identify the log file for a BlackBerry Enterprise Server component by the identifier that is included in the file name For example a log file that is named BBServer01_SYNC_01_20080120_001 txt uses the default component identifier...

Страница 361: ... the components that contain the logging settings that you changed Related topics Restarting BlackBerry Enterprise Server components 327 Change the character encoding of the log file for a BlackBerry Enterprise Server component You can change the character encoding of the log files of a BlackBerry Enterprise Server component so that the encoding supports the tools that you use to parse and examine...

Страница 362: ...inistration Service Native Code Container service Related topics Restarting BlackBerry Enterprise Server components 327 Component identifiers for log files You can identify the names for the BlackBerry Enterprise Server log files using the following component identifiers Component identifier Logging component ACNV BlackBerry Attachment Service attachment conversion ALRT BlackBerry Enterprise Serve...

Страница 363: ...vel for the BlackBerry MDS Connection Service log file which includes the event log UDP log files and TCP log files 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view MDS Connection Service 2 Click an instance of the BlackBerry MDS Connection Service 3 On the Logging tab click Edit instance 4 In the Fil...

Страница 364: ...P log file messages from the same host and port number that the BlackBerry MDS Connection Service connects to when it sends UDP log messages 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view MDS Connection Service 2 Click an instance of the BlackBerry MDS Connection Service 3 On the Logging tab click E...

Страница 365: ...d TCP log files 1 In the BlackBerry Administration Service on the Servers and components menu expand BlackBerry Solution topology BlackBerry Domain Component view MDS Connection Service 2 Click a BlackBerry MDS Connection Service instance 3 On the Logging tab click Edit instance 4 In the Logging section perform any of the following tasks Task Steps Do not trace how data packets travel inside the S...

Страница 366: ... server In the CRL logging turned on drop down list click Yes Monitor PGP key status and revocation information that the BlackBerry device retrieves from the PGP server InthePGPloggingturnedondrop downlist clickYes 5 Click Save all Related topics Restarting BlackBerry Enterprise Server components 327 Using BlackBerry MDS Connection Service log files to view information for proxied connections to B...

Страница 367: ...KBytes size of messages that the BlackBerry device sends in KB MTH_KBytes size of messages that the BlackBerry device receives in KB MFH_PACKET_COUNT number of packets that the BlackBerry device sends MTH_PACKET_COUNT number of packets that the BlackBerry device receives BlackBerry Collaboration Service log files ChangewhichactivitiestheBlackBerryCollaborationServicewritestoalog file 1 In the Blac...

Страница 368: ... the BlackBerry Collaboration Service to the BlackBerry Dispatcher In the GME logging turned on drop down list click True 5 Click Save all Related topics Restarting BlackBerry Enterprise Server components 327 Administration Guide BlackBerry Collaboration Service log files 366 ...

Страница 369: ...gure the connection for a Microsoft SQL Server incoming data connections from and outgoing data connections to the BlackBerry Configuration Database TCP 1433 Windows registry On a 32 bit version of Windows HKEY_LOCAL_M ACHINE SOFTWARE Research In Motion BlackBerry Enterprise Server Database Port On a 64 bit version of Windows HKEY_LOCAL_M ACHINE SOFTWARE WOW6432Nod e Research In Motion BlackBerry ...

Страница 370: ...a connections to BlackBerry Enterprise Server components for Java RMI TCP 13873 BlackBerry Configuration Panel incoming data connections from and outgoing data connections to BlackBerry Enterprise Server components for Java RMI over SSL TLS 13843 BlackBerry Configuration Panel internal data connection TCP 14457 BlackBerry Configuration Panel internal data connection TCP 28083 BlackBerry Configurat...

Страница 371: ...y Administration Service incoming document queries from the BlackBerry Attachment Service TCP 2000 BlackBerry Administration Service outgoing conversion results of large attachments to the BlackBerry Attachment Connector for the BlackBerry Attachment Service TCP 2000 BlackBerry Administration Service incoming data connections from and outgoing data connections to the BlackBerry Configuration Datab...

Страница 372: ...tion Service incoming data connections from and outgoing data connections to IBM Lotus Sametime TCP IP 1516 BlackBerry Administration Service incoming data connections from and outgoing data connections to the Novell GroupWise Messenger SSL 8300 BlackBerry Administration Service incoming data connections from and outgoing data connections to the BlackBerry Dispatcher TCP 3201 incoming data connect...

Страница 373: ...ction types and port numbers Item Connection type Default port number UIwhereyoucanconfigure the connection for a Microsoft SQL Server incoming data connections from and outgoing data connections to any of the following BlackBerry Enterprise Server components BlackBerry Administration Service BlackBerry Attachment Service BlackBerry Collaboration Service BlackBerry Dispatcher BlackBerry MDS Connec...

Страница 374: ...mponents 327 BlackBerry Controller connection types and port numbers Item Connection type Default port number UIwhereyoucanconfigure the connection incoming syslog connections from the BlackBerry Messaging Agent UDP 4070 Microsoft Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE Research In Motion BlackBerry Enterprise Server Logging Info Mailbox Agent SysLogHost On a 6...

Страница 375: ...Connection type Default port number UIwhereyoucanconfigure the connection incoming data connections from the BlackBerry Messaging Agent TCP 5096 Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE Research In Motion BlackBerry Enterprise Server Agents TcpPortDispatcher On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion BlackBerry Ent...

Страница 376: ...ections to the BlackBerry Configuration Database that a Microsoft SQL Server hosts TCP 1433 Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE Research In Motion BlackBerry Enterprise Server Database Port On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion BlackBerry Enterprise Server Database Port incomingdataconnectionfromtheBlackB...

Страница 377: ...nd port numbers Item Connection type Default port number UIwhereyoucanconfigure the connection outgoing data connections to the BlackBerry Dispatcher TCP 5096 Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE Research In Motion BlackBerry Enterprise Server Agents TcpPortDispatcher On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion ...

Страница 378: ...On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion BlackBerry Enterprise Server Database Port incoming syslog connections from the BlackBerry Controller and CalHelper UDP first unused port number from 4085 to 4499 outgoing syslog connections to the BlackBerry Controller UDP 4070 Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE Res...

Страница 379: ...otion BlackBerry Enterprise Server Agents UDPPort On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion BlackBerry Enterprise Server Agents UDPPort incoming data connections from the BlackBerry database notification system UDP first unused port number from 4185 to 4499 incoming data connections from and outgoing data connections to the IBM Lotus Domino server u...

Страница 380: ...ispatcher TCP 3201 incoming data connections from and outgoing data connections to the BlackBerry Configuration Database that a Microsoft SQL Server hosts TCP 1433 Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE Research In Motion BlackBerry Enterprise Server Database Port On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion BlackB...

Страница 381: ...owsers HTTP 58180 incoming data connections from and outgoing data connections to browsers HTTPS 8443 incoming data connections from and outgoing data connections to the BlackBerry Enterprise Server and any other applications that you configured the BlackBerry Monitoring Service to send SNMP traps to SNMP 161and162 BlackBerry Monitoring Service console internal data connection to the BlackBerry Mo...

Страница 382: ..._MACHI NE SOFTWARE Research In Motion BlackBerry Enterprise Server Database Port On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion BlackBerry Enterprise Server Database Port incoming data connections from the BlackBerry database notification system UDP first unused port number from 4185 to 4499 BlackBerry Router connection types and port numbers Item Connec...

Страница 383: ... TCP 3101 BlackBerry Configuration Panel Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE Research In Motion BlackBerryRouter TcpPort On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion BlackBerryRouter TcpPort incoming data connections from and outgoing data connections to BlackBerry devices that use the BlackBerry Device Manager ...

Страница 384: ...32Node Research In Motion BlackBerryRouter DevicePort outgoing syslog connections to the SNMP agent UDP 4071 Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE Research In Motion BlackBerrySNMPAg ent Parameters UDPPort On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion BlackBerrySNMPAg ent Parameters UDPPort Administration Guide Bla...

Страница 385: ...search In Motion BlackBerry Enterprise Server Database Port On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion BlackBerry Enterprise Server Database Port incoming data connections from the BlackBerry database notification system UDP first unused port number from 4185 to 4499 IBM Lotus Domino connection types and port numbers Item Connection type Default port...

Страница 386: ...ng data connections to the connector for the Microsoft Office Live Communications Server TLS 5061 Microsoft Office Live Communications Server incoming data connections from and outgoing data connections to the connector for the Microsoft Office Live Communications Server TCP 5060 Microsoft Office Live Communications Server BlackBerry Client for use with Microsoft Office Live Communications Server ...

Страница 387: ... connections from the following BlackBerry Enterprise Server components BlackBerry Messaging Agent BlackBerry Dispatcher BlackBerry Router UDP 4071 Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE Research In Motion BlackBerrySNMPAg ent Parameters UDPPort On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion BlackBerrySNMPAg ent Para...

Страница 388: ...UDP 514 Windows registry On a 32 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE Research In Motion BlackBerry Enterprise Server Logging Info component Default On a 64 bit version of Windows HKEY_LOCAL_MACHI NE SOFTWARE WOW6432Node Research In Motion BlackBerry Enterprise Server Logging Info component Default Administration Guide Syslog connection type and port number 386 ...

Страница 389: ...nection is still available However while the BlackBerry Administration Service instance processestherequest itcompletesitsshutdownprocess and the connection becomes unavailable The web browser displays an error message Wait a few seconds and then try to click a link in the BlackBerry Administration Service console again The web browser redirects you to an instance in the BlackBerry Administration ...

Страница 390: ...te from the BlackBerry Configuration Database As a result BlackBerry Enterprise Server instances that are located geographically close to the BlackBerry Configuration Database can use the BlackBerry Mailstore Service to refresh the user information from your organization s address book in the BlackBerry Configuration Database TraitTool exe is located in the Tools directory on the BlackBerry Enterp...

Страница 391: ...CAL_MACHINE Software Research in Motion BlackBerry Enterprise Server 5 Click Agents 6 Create a DWORD value that you name SECMSGPasswordCacheTimeout 7 Double click SECMSGPasswordCacheTimeout 8 In the Value Data field type 0 9 Click OK Troubleshooting Setting up user accounts You cannot create a user account in the BlackBerry Administration Service Possible cause Possible solution The BlackBerry Adm...

Страница 392: ... account restart the Lotus Domino server that isrunningonthecomputerthathoststheBlackBerryEnterpriseServer You cannot find a new user account in the directory using the BlackBerry Administration Service Possible solution Refresh the list of available user accounts that the BlackBerry Administration Service can access from the directory By default the BlackBerry Administration Service refreshes the...

Страница 393: ...nterprise Server is located in a network that does not permit direct HTTP connections to the IBM Lotus Sametime server the BlackBerry Collaboration Service cannot retrieve the phone numbers from the IBM Lotus Sametime server instead of the IBM Lotus Sametime API Possible solution You must configure a proxy server that prevents your organization s BlackBerry Enterprise Server from receiving HTTP re...

Страница 394: ... components 327 Auserdidnotacceptanotificationaboutaninstantmessageonacomputer and the notification disappeared Applies to BlackBerry Collaboration Service version 4 1 or later with the BlackBerry Clientfor use with Microsoft Office Live Communications Server 2005 or the BlackBerry Client for use with Microsoft Office Communications Server 2007 Possible cause A user logged in to Microsoft Office C...

Страница 395: ...rry Collaboration Service version 4 1 or later with the BlackBerry Client for use with Microsoft Office Live Communications Server 2005 and the BlackBerry Client for use with Microsoft Office Communications Server 2007 Possible cause Possible solution The BlackBerry Collaboration Service does not support the version of the instant messaging application that is installed on the BlackBerry device Re...

Страница 396: ...onnections 2 Click Wi Fi Options 3 In the Wi Fi field verify that a checkmark appears A Wi Fi profile is not configured on the BlackBerry device 1 On the BlackBerry device on the Home screen click Manage Connections 2 In the Wi Fi field verify that the name of the Wi Fi network appears If the name does not appear resend the IT policy to the BlackBerry device or instruct the user to configure a Wi ...

Страница 397: ...rry device is not using the same channel as the access point Perform the following actions Useawirelessdevice suchasalaptopcomputer totesttheassociation with the access point Use the settings that the BlackBerry uses to configure the wireless connection Use a wireless device such as a computer to ping the BlackBerry Router The ping tests whether the BlackBerry Router is on the ACL of the access po...

Страница 398: ... DHCP was granted to the BlackBerry device Low signal strength is causing intermittent drops in data connectivity Move the BlackBerry device into a wireless coverage area 1 On the BlackBerry device in the device options click Wi Fi Connections 2 Press the Menu key 3 Click Wi Fi Tools Wi Fi Diagnostics 4 Verify the information in the status fields for the following connection groups Wi Fi VPN UMA G...

Страница 399: ... This indicator displays when a connection error exists between the BlackBerry device and a Wi Fi network Status fields for Wi Fi connections Field Description Current Profile This field specifies the name of the Wi Fi profile that the user is currently using SSID This field specifies the identifier for the Wi Fi network When the BlackBerry device displays an SSID value the BlackBerry device is co...

Страница 400: ...802 11b hasadatarateof11Mbps and IEEE 802 11a and IEEE 802 11g have a data rate of 54 Mbps Status This field provides a descriptive status message such as Status acquired It also specifies warnings and errors that a user encountered when the user tried to open a connection to an access point Network Type This field specifies whether the wireless connection type is IEEE 802 11a IEEE 802 11b or IEEE...

Страница 401: ...e is associated with Certificate This field specifies the certificate that the BlackBerry device can use for Wi Fi authentication if applicable Software Token If you configured a software token for the BlackBerry device this field specifies the serial number of the software token Status fields for VPN connections Field Description Current Profile This field specifies the name of the VPN profile th...

Страница 402: ...vice obtains this information from the VPN concentrator Failed Login Attempts This field specifies the number of login attempts that are not successful If a user logs in the field is cleared and reverts to 0 automatically Certificate This field specifies the certificate that the BlackBerry device uses for VPN authentication if applicable Software Token If you configured a software token for the Bl...

Страница 403: ...the transition from one network type to the other when the user is on a call Cellular rove in failures This field specifies errors that the BlackBerry device received during the transition from one network type to the other when the BlackBerry device is idle Status fields for BlackBerry Infrastructure connections The connection status indicators for the BlackBerry Infrastructureappear on a BlackBe...

Страница 404: ...ckBerry Enterprise Server through the BlackBerry Infrastructure A BlackBerry device cannot open a VPN connection Possible cause Possible solution The connection to the VPN concentrator is not configured correctly Verify that the VPN is turned on Ping the IP address of the VPN concentrator Verify that the VPN concentrator host name resolves to an IP address If it does not configure the VPN IP addre...

Страница 405: ... the BlackBerry device does not display a success message check the Status field for a reason for this error Verify whether a BlackBerry device can resolve an IP address If a BlackBerry device cannot connect to a Wi Fi network you can determine which connections the BlackBerry device cannot make to it You can ping the IP address of another wireless device the Wi Fi gateway a VPN concentrator the U...

Страница 406: ...le cause If BlackBerry Administration Service instances are located in different network segments that are separated by a firewall the firewall can block the dynamic ports on the BlackBerry Administration Service Possible solution Perform the following actions 1 Make sure that you configured the BlackBerry Administration Service instances to communicate across network subnets using TCP with TCP pi...

Страница 407: ...Intheparagraphcluster service xml uncommenttheline attributename RmiPort 11101 attribute The port number can be port 11101 or any port from port 1000 to port 5000 4 Comment out the line attribute name RmiPort 0 attribute 5 Add the JNDI delegate port that you configured in step 3 to the firewall Troubleshooting IT policies I cannot find an IT policy rule in the BlackBerry Administration Service Pos...

Страница 408: ...ject ACP ANSI code page AES Advanced Encryption Standard AES CCMP Advanced Encryption Standard Counter Mode CBCMAC Protocol AJAX Asynchronous JavaScript and XML ANSI American National Standards Institute API application programming interface ARFCN absolute radio frequency channel ASCII American Standard Code for Information Interchange BCC blind carbon copy BlackBerry CAL A BlackBerry Client Acces...

Страница 409: ...e data is outside an organization s firewall CDMA Code Division Multiple Access CLDC Connected Limited Device Configuration CMIME Compressed Multipurpose Internet Mail Extension content protection Content protection helps protect user data on a locked BlackBerry device by encrypting the user data using the content protection key and ECC private key CRL certificate revocation list CSR certificate s...

Страница 410: ...rch for and download certificates EAP FAST Extensible Authentication Protocol Flexible Authentication via Secure Tunneling EAP GTC Extensible Authentication Protocol Generic Token Card EAP TLS Extensible Authentication Protocol Transport Layer Security EAP TTLS Extensible Authentication Protocol Tunneled Transport Layer Security EAP Extensible Authentication Protocol Enterprise Service Policy The ...

Страница 411: ...Global Positioning System HTML Hypertext Markup Language HTTP Hypertext Transfer Protocol HTTPS Hypertext Transfer Protocol over Secure Sockets Layer IIS Internet Information Services IP address An Internet Protocol IP address is an identification number that each computer or mobile device uses when it sends or receives information over a network such as the Internet This identification number ide...

Страница 412: ...lets the BlackBerry Desktop Software and the BlackBerry Web Desktop Manager can perform Java ME Java Platform Micro Edition JDE Java Development Environment JNDI Java Naming and Directory Interface JRE Java Runtime Environment LAN local area network LDAP Lightweight Directory Access Protocol LDAPS Lightweight Directory Access Protocol over SSL LEAP Lightweight Extensible Authentication Protocol LE...

Страница 413: ... mirror database In database mirroring a mirror database is a standby copy of a principal database MNC mobile network code MTLS Mutual Transport Layer Security NAT network address translation NSD Notes System Diagnostic NTLM NT LAN Manager OCSP Online Certificate Status Protocol OEM original equipment manufacturer PAC proxy auto configuration PAP Push Access Protocol PEAP Protected Extensible Auth...

Страница 414: ...e is the database that starts the mirroring session PSK pre shared key RMI Record Management System RTF Rich Text Format SAN subject alternative name S MIME Secure Multipurpose Internet Mail Extensions SMS Short Message Service SMTP Simple Mail Transfer Protocol SNMP Simple Network Management Protocol SPN service principal name SQL Structured Query Language SRP Administration Guide Glossary 412 ...

Страница 415: ...ission Control Protocol TCP IP Transmission Control Protocol Internet Protocol TCP IP is a set of communication protocols that is used to transmit data over networks such as the Internet TKIP Temporal Key Integrity Protocol TLS Transport Layer Security Triple DES Triple Data Encryption Standard UCS Universal Content Stream UDP IP User Datagram Protocol Internet Protocol UDP User Datagram Protocol ...

Страница 416: ...tle Endian VPN virtual private network VoIP Voice over Internet Protocol WAP Wireless Application Protocol WEP Wired Equivalent Privacy witness In database mirroring a witness is a Microsoft SQL Server instance that permits the mirror database to know when to promote itself WLAN wireless local area network XML Extensible Markup Language Administration Guide Glossary 414 ...

Страница 417: ...Provide feedback 38 To provide feedback on this deliverable visit www blackberry com docsfeedback Administration Guide Provide feedback 415 ...

Страница 418: ...AS IS and AS AVAILABLE and without condition endorsement guarantee representation or warranty of any kind by Research In Motion Limited and its affiliated companies RIM and RIM assumes no responsibility for any typographical technical or other inaccuracies errors or omissions in this documentation In order to protect RIM proprietary and confidential information and or trade secrets this documentat...

Страница 419: ...E NO OTHER OBLIGATION DUTY OR LIABILITY WHATSOEVER IN CONTRACT TORT OR OTHERWISE TO YOU INCLUDING ANY LIABILITY FOR NEGLIGENCE OR STRICT LIABILITY THE LIMITATIONS EXCLUSIONS AND DISCLAIMERS HEREIN SHALL APPLY A IRRESPECTIVE OF THE NATURE OF THE CAUSE OF ACTION DEMAND OR ACTION BY YOU INCLUDING BUT NOT LIMITED TO BREACH OF CONTRACT NEGLIGENCE TORT STRICT LIABILITY OR ANY OTHER LEGAL THEORY AND SHAL...

Страница 420: ...RIMapplicable thereto NOTHING IN THIS DOCUMENTATION IS INTENDED TO SUPERSEDE ANY EXPRESS WRITTEN AGREEMENTS OR WARRANTIES PROVIDED BY RIM FOR PORTIONS OF ANY RIM PRODUCT OR SERVICE OTHER THAN THIS DOCUMENTATION Certain features outlined in this documentation might require additional development or Third Party Products and Services for access to corporate applications This product contains a modifi...

Отзывы:

Нет отзывов