Welcome to the Mundy IT Knowledgebase, by Daniel Mundy from Adelaide, Australia.

Mundy.net.au

IT Knowledge Base

 

Please

Please let me know what you think of my website by leaving a comment at the bottom of the page.

Login Form



 
Install BlackBerry Enterprise Server (BES) on SBS 2003 or a Domain Controller PDF Print E-mail
Written by Daniel Mundy   
Thursday, 05 March 2009 11:44

See also: BlackBerry

Historically there has been some controversy about whether or not BES should be installed on SBS. I always try to avoid it and recommend Windows Mobile based devices as the support for them is already built into Exchange, and we don't have to worry about a third party application with its compatibility issues.

That said, sometimes it is unavoidable, and you have to do something you'd prefer not to. I installed BES on SBS 2003 and I have documented the process here. It actually went fairly smoothly. I believe some of the past issues may have been worked out, so if you're reading this and have an experience to share please use the comments at the bottom of this page - I'd love to hear from you!

Installing an MSDE database instance

  1. Locate the MSDE files on the SBS 2003 CD 3 or download from Microsoft.
  2. Open a command prompt window (Start, Run, cmd, clickOK).
  3. On the Command Prompt, change to the directory where the MSDE files are located e.g. cd D:\SBS\MONITOR\MSDE
  4. Enter the following command to create the new instance:
    setup INSTANCENAME=”BESMgmt” SAPWD=”AStrongSAPwd” /L*v C:\MSDELog.log
  5. Start the service: Start -> Run -> Services.msc -> Click OK. Scroll down to the instance you just created MSSQL$BESMGMT, select and click start service.
  6. Check the log file to make sure everything installed correctly at C:\MSDELog.log

Enabling TCP/IP on the MSDE Database

  1. Then click start, run, type svrnetcn
  2. Enable TCP/IP and Named Pipes for the BESMgmt database
  3. Click Properties of the TCP/IP and change the port number to 1433
  4. Restart the service againt to apply these changes (note you will have to restart ALL services listening on the same port. eg. on SBS 2003 I had to restart both MSSQL$BESMGMT and MSSQL$SHAREPOINT)

Prep

  1. Ensure the port 3101 TCP is open on the firewall (Outbound ONLY).
  2. Create a new user called BESadmin and ensure you create a mailbox. Ensure this user is ONLY a member of "Domain users"
  3. Make BESadmin a local Administrator of the server. This is done in AD via the "Built-in" Administrators group
  4. Go to Administrative Tools on in Group Policy Management, edit the "Domain Controller Security Policy" and expand the "Local Policies" and "User Right Assignment". You need to add BESadmin to "Log on Locally" and "log on as Service".
  5. Open Exchange System Manager and right mouse click on "DOMAINNAME (Exchange)" and select Delegate Control. Follow the steps and add BESadmin as an Exchange View Only Administrator.
  6. In Exchange manager expand the servers folder and right mouse click on your server and select properties. On the security tab select BESadmin and add the permissions "Administer Information Store, Receive As, Send As"
  7. Open Active Directory and from the View menu select "Advanced Features". Then go to each user that will be added to the BES and open their properties, go to the security tab and add the user BESadmin and add the security permission "Send As". (This will overcome some MS patches that prevent BES sending emails)

Installation

  1. Log on as BESadmin and install the BES software, normally you just install "BlackBerry Enterprise Server" as most sites don't use the MDS services (MDS is a much heavier install). Follow the prompts of the install and the server will be required to restart half way through the install. Restart the server and log back on as BESadmin and the install will continue. (Make sure the Connect Test works and the SRP ID etc is validated during the install

    Database Location: Local
    Microsoft SQL Server Name: SERVER\BESMgmt
    Database Name: BESMgmt
    Port: 1433
    Data Directory: C:\Program Files\Microsoft SQL Server\
    Backup Directory: C:\Program Files\Microsoft SQL Server\
    Database Authentication: Windows (trusted)

    You'll get a prompt that database 'BESMgmt' does not currently exist. Do you want to create it? Choose Yes.
  2. After the install is finished open BlackBerry Manager, an error will appear about MAPI client which you can just hit OK. The MAPI setting windows will appear so just add the server name back in and select "Check Name", if it resolves just hit OK and the manager will start.
  3. Within Blackberry Manager click on Blackberry Domain in the left column and then the users SERVERS tab in the center section, select your server within this tab and view the properties below. Ensure that "SRP Status:" is Connected (This can take a few minutes the first time so refresh the screen a few times). Once your status is connected you can start adding users.
  4. Within Blackberry Manager click on you server name in the left column and then the users TAB in the centre section, just add a user and the click on that user. You will see all the users’ properties and a drop down menu called "Service Access” and select “Set Activation Password” and set a password of “a” for example.
  5. Turn on you BlackBerry device and ensure Wireless is enabled. Go into “Options/Settings” and “Time & Date” and set the correct zone and time etc. Then from the home screen go to enterprise activation and enter the users email address and enter the password that was set in step 4. Press the track wheel and select Activate. Within a minute you should get data returned which indicates the process is functioning correct.

Extra

Note: Sites running SBS 2003 premium will need to change the BES "Web Server Listen Port" from 8080 to another available port (e.g. 8090 or 9090) as soon as it is installed. This port needs to be changed as the BES Web Server will be listening on the same port as ISA. To change this setting open Blackberry Manager, select MDS and then "edit Properties" and change the "Web Server Listen Port" to the desired port number.

a. Also ensure you review the IT Policy in BlackBerry Manager. This can be found in BlackBerry Domain > Global TAB > Edit properties. It is recommended that in the IT Policy you go into “Device Only Items” and set “Enable WAP config” to FALSE, this will force user to use the free browser (It uses the internet connection of your BES server). It is also highly recommended that you configure a password policy prior to rolling out any handhelds.

b. If you are unable to activate devices wirelessly you can test your connectivity to Blackberry buy running the following app from the command prompt:

C:\Program Files\Research In Motion BlackBerry Enterprise Server\Utility\BBSrpTest.exe

This will send a signal to BB and wait for a response, it this fails check your firewall settings (open and/or direct port 3101 TCP to you BES server)

c. If you have Domain Admins using BlackBerry devices you may have to run the following script if you are unable to send email for those users devices:

dsacls "cn=adminsdholder,cn=system,dc=domainname,dc=c om " /G "DOMAINNAME\BESadmin:CA;Send As"

Error When Changing the Port Number

I got the following error when I tried to change the port from 1433 to 1434. I ended up just changing it back to the default 1433 and it worked.

Failed to write License key to the Database . Refer to the installation log file for more information.

Digging into the log file it says: Failed to update the license keys as no database connections.

Trackback(0)
Comments (0)Add Comment
feedSubscribe to this comment's feed

Write comment

security code
Write the displayed characters


busy
Last Updated on Thursday, 20 August 2009 11:13
 
Joomla 1.5 Templates by Joomlashack