Blackberry Enterprise Server Guide For Microsoft Exchange

Facebookgoogle_plus

Microsoft Store

Blackberry Enterprise Server Guide For Microsoft Exchange
Pre-installation Guide:                                

Before installing the Blackberry Enterprise Server (BES) Server:
1. Check System Requirements
2. Set up a Domain User Account
3. Configure Firewall

Check to indicate that you fulfilled the requirements.

Operating System Software
The system on which you install the BES must not be a domain controller.
General: For all platforms:
o If using Windows 2000 Server download and install Microsoft .NET framework 1.1 from
http://www.microsoft.com/downloads/details.aspx?familyid=262D25E3-F589-4842-8157-034D1E7CF3A3&displaylang=en
o Hebrew fonts must be installed and Hebrew must be set as default language
o Microsoft Outlook client must not be installed on the BlackBerry server machine
o If using Windows 2000 Server the following software is required for Mobile Data Service 1.0 to function:
1. Open Database Connectivity (ODBC) on the Mobile Data Service computer. ODBC is installed with SQL Server 2000 or MSDE; if you are running Windows 2000 and not installing a database tool (which is required for the BlackBerry Enterprise Server Management database), download Microsoft Data Access Components (MDAC) 2.8 with Security Patch MS04-003 (version 2000.85.1025.00) from 
http://www.microsoft.com/downloads/details.aspx?FamilyId=39472EE8-C14A-47B4-BFCC-87988E062D91&displaylang=en .
2. When working with MSDE: Run SVRNETCN.exe from :\Program Files\Microsoft SQL Server\80\Tools\Binn and enable the TCP/IP and Named Pipes protocols.
3. The BlackBerry Enterprise Server must be able to send HTTP requests through TCP/IP Port 3101 for browsers on Mobile Data Service-enabled handhelds to function properly.

Option A: For Exchange 5.5 platforms:
o OS – Windows 2000 Server (SP3 or later)
o MS Exchange Administrator 5.5 on the BES machine and apply SP4.
o Microsoft CDO hotfix Q312273 to the BES. You can download the hotfix and obtain information on the Knowledge Base article from:
http://www.microsoft.com/downloads/release.asp?ReleaseID=38952&area=sear… and then copy the CDO.dll hotfix to C:/winnt/system32/.The CDO.dll should be version 06.00.16.5770.
o Manually register the CDO.dll hotfix using the following method: At the command prompt (C:/winnt/system32/), type the following:regsvr32 cdo.dll
o Verify that Lightweight Directory Access Protocol (LDAP) default settings include the following: Port number value is 389 (this value can be changed to prevent a port conflict with Active Directory, but you must change the LDAP port value in Blackberry Enterprise Server Management after it is installed), Enable protocol is selected, Windows NT Challenge/Response authentication is selected at the site level and the server level.

Option B: For Exchange 2000 platforms:
• OS – Windows 2000 Server (SP3 or later)
• MS system Manager for Exchange 2000 on the BES machine and apply Exchange 2000 SP2 or later

Option C: For Exchange 2003 platforms:
• OS – Windows 2003 Server (latest SP and critical updates)
• MS system Manager for Exchange 2003 (SP2 for exchange) on the BES machine (Make sure the MS system Manager Service Pack is the same as the Exchange Server Service Pack).

Option D: For Exchange 2007 platforms:
• OS – Windows 2003 Server (latest SP and critical updates)
• MS system Manager for Exchange 2003 SP2 or Microsoft Exchange Server MAPI Client and Collaboration Data Objects  on the BES machine.

2. Set Up a Domain User Account for the BES Services (You must Logon to the exchange server as an Exchange Admin, in order to run the changes below)
Set up a domain user account with Exchange mailbox called “besadmin” for the BES services
• Grant this account Local Administrators rights to the target BES Machine.
• Grant this account the “Log on as a service” right to the BES server.
• Grant this account the “Log on as a batch job” right on the BES server.
• Grant this account the “Log on locally” right on the BES server.
• Send a message to this account’s mailbox to initialize it.
• If this account is on Exchange 5.5: grant this account “Service Account Admin” rights at the Exchange Site and Configuration container level for the site which your potential Blackberry users reside
• If the account is on Exchange 2000/2003: delegate this account “View Only Administrator” permissions at the Administrative Group Level.
• If the account is on Exchange 2000/2003: grant this account “Administer Information Store”, “Send As” and “Receive As” permissions to the Exchange server security properties in addition to those already inherited from the Administrative Group level for all servers hosting user accounts for potential Blackberry users.
• If the account is on Exchange 2007: grant this account “Administer Information Store”, “Send As” and “Receive As” permissions to the Exchange server security properties in addition to those already inherited from the Administrative Group level for all servers hosting user accounts for potential Blackberry users.
On the Microsoft Exchange 2007 Server, in the Exchange Management Shell, type the following commands:
get-mailboxserver “” | add-exchangeadministrator “BESAdmin” –role ViewOnlyAdmin

get-mailboxserver “” | add-adpermission –user “BESAdmin” –accessrights ExtendedRight –extendedrights Send-As, Receive-As, ms-Exch-Store-Admin

• Set Send As Permission to enable BlackBerry users to send messages:
1. On the taskbar, click Start > Administrative Tools > Active Directory Users and Computers.
2. On the View menu, click Advanced Features.
3. Right-click the root of the domain.
4. Click Properties.
5. On the Security tab, click Advanced.
6. Click Add.
7. Type BESAdmin.
8. Click Check Name.
9. Click OK.
10. In the Apply Onto drop-down list, click User Objects.
11. In the Allow column, select the Send As check box.
12. Click Apply.
13. Click OK.

3. Configure Firewall
Ensure your firewall is configured to allow outbound-initiated two-way TCP traffic from the Blackberry Enterprise Server to an outside server listening on port 3101. The outside server address is: srp.eu.blackberry.net. Only one connection is required per BES, and the connection can be proxied.