9:52 AM
IRSAN
BlackBerry professional Server™ Express is for the company that wants to get up and running quickly with BlackBerry Enterprise Server, and includes one Client Access License (CAL), with the ability to add up to 30 additional CALs and/or upgrade to BlackBerry Enterprise Server at any time.
The BlackBerry Professional Server Express can be downloaded for free by entering the device pin (you can find it in your BB in options/status)
http://na.BlackBerry.com/eng/services/server/offers/professional_express.jsp
You will then receive an email with a link. Click on it and verify your information. On the next page, you can start downloading the software. At the bottom of the page you will have find important information (CAL License key, SRP identifier and SRP Authentication key).
Once the download is finished, unzip it but DO NOT start the installation yet.
Go here for the steps:
http://na.BlackBerry.com/eng/support/preinstallation/exchange.jsp
If your OS is Windows Server 2003, you can install and access the BlackBerry Enterprise Server using the Microsoft remote desktop connection program.
Attention: Do not install the Terminal Server program.
The process is the following:
1. Prepare BlackBerry enterprise server
1. Install Microsoft Exchange server 2003 or 2000 SP4 specifically dedicated to a BlackBerry Enterprise server
2. Install MSMQ Version 3
To install Message Queuing on a computer running Windows Server 2003
a. Click add or remove programs in control panel
b. In the add or remove programs dialog box, click add/remove windows components
c. In the windows components wizard dialog box, in the components box, click application server, and then click details
d. In the application server dialog box, in the subcomponents of application server box, select the message queuing check box, and then click details
e. Clear the default Active Directory Integration and Triggers subcomponents and select only the Common subcomponent.
f. Click OK.
3. Verify that MDAC version 2.8 SP1 or later is installedb. In the add or remove programs dialog box, click add/remove windows components
c. In the windows components wizard dialog box, in the components box, click application server, and then click details
d. In the application server dialog box, in the subcomponents of application server box, select the message queuing check box, and then click details
e. Clear the default Active Directory Integration and Triggers subcomponents and select only the Common subcomponent.
f. Click OK.
Use component checker to do that. You can download it directly from:
http://www.microsoft.com/downloads/
4. Other software you will need to install if they are not present:
a. If you are using SNMP monitoring, you must install the SNMP service before you install the BlackBerry Enterprise Server.
Visit www.microsoft.com/technet/ for more information about installing and configuring the SNMP service.
b. Install Microsoft® Windows Media® Player Version 9 or later to support audio attachments.
5. Install one of the following database applications if needed otherwise gather the info about the SQL instance as you will need it later on.Visit www.microsoft.com/technet/ for more information about installing and configuring the SNMP service.
b. Install Microsoft® Windows Media® Player Version 9 or later to support audio attachments.
a. Microsoft SQL Server 2000 Desktop Engine (MSDE 2000)
b. Microsoft SQL Server 2000 SP3a
c. Microsoft SQL Server 2005 (Professional, Enterprise, or Express) (Recommended)
Note 2: If you install BlackBerry MDS Services, you cannot use Microsoft SQL Server 2005 Express as your database application (hopefully a solution will be found for that)
Visit Microsoft for the download of SQL Server 2005 and install it: b. Microsoft SQL Server 2000 SP3a
c. Microsoft SQL Server 2005 (Professional, Enterprise, or Express) (Recommended)
Note 2: If you install BlackBerry MDS Services, you cannot use Microsoft SQL Server 2005 Express as your database application (hopefully a solution will be found for that)
1) Use the instance “server_name\SQLEXPRESS in the installation process. (no need to reboot yet).
2) Use the same instance name: SQLEXPRESS (by default)
3) Use local service as the log on account.
4) Accept all the other options default.
2. Prepare Network 2) Use the same instance name: SQLEXPRESS (by default)
3) Use local service as the log on account.
4) Accept all the other options default.
Run a program to verify that outbound-initiated, bidirectional port communications to the BlackBerry infrastructure are operational.
1. Go to Commander and go to the directory where you unzipped the downloaded file.
2. Go to Tools directory
3. Type bbrsptext.exe –host srp.na.BlackBerry.net
4. You should receive a successful message
3. Prepare Active Directory and messaging system
1. Create a Microsoft Active Directory® account with an associated mailbox to act as a BlackBerry Enterprise. The user is called BESAdmin
2. Set permissions: http://www.BlackBerry.com
- Task 1
For a BlackBerry Enterprise Server on a Domain Controller
a. Click Start > Programs > Administrative Tools > Active Directory Users and Computers.
b. Select the Built-in folder.
c. Double-click Administrators.
d. On the Members tab, click Add.
e. Select the BlackBerry Enterprise Server service account name (for example, BESAdmin), and then click Add.
g. Click OK.
For a BlackBerry Enterprise Server on a Member Server b. Select the Built-in folder.
c. Double-click Administrators.
d. On the Members tab, click Add.
e. Select the BlackBerry Enterprise Server service account name (for example, BESAdmin), and then click Add.
g. Click OK.
a. Click Start > Administrative Tools > Computer Management.
b. In the left pane, expand System Tools and click Local Users and Groups.
c. In the right pane, double-click Groups.
d. Right-click Administrators and click Properties.
e. In the Select Users, Contacts, Computers, or Groups window, select the BlackBerry Enterprise Server service account name.
f. Click OK.
b. In the left pane, expand System Tools and click Local Users and Groups.
c. In the right pane, double-click Groups.
d. Right-click Administrators and click Properties.
e. In the Select Users, Contacts, Computers, or Groups window, select the BlackBerry Enterprise Server service account name.
f. Click OK.
- Task 2
Note: This procedure allows the BlackBerry Enterprise Server service account to access the local computer and to run the BlackBerry Enterprise Server software as a Windows® service.
a. Click Start > Administrative Tools > Local Security Policy.
If the computer is a domain controller, click Start > Administrative Tools > Domain Controller Security Policy.
b. In the Local Securities window, click Local Policies > User Rights Assignment.
c. Perform one of the following steps:
If the computer is a domain controller, click Start > Administrative Tools > Domain Controller Security Policy.
b. In the Local Securities window, click Local Policies > User Rights Assignment.
c. Perform one of the following steps:
* For Windows Server® 2000, double-click Log on Locally.
* For Windows Server 2003, double-click Allow Log on Locally.
d. Click Add User or Group.
e. Select the BlackBerry Enterprise Server service account name, and then click Add.
f. Click OK.
g. In the Local Security Settings window, double-click Log On As a Service.
h. Click Add User and then select the BlackBerry Enterprise Server service account.
i. Click OK.
e. Select the BlackBerry Enterprise Server service account name, and then click Add.
f. Click OK.
g. In the Local Security Settings window, double-click Log On As a Service.
h. Click Add User and then select the BlackBerry Enterprise Server service account.
i. Click OK.
- Task 3
Note: This procedure allows a system administrator to manage BlackBerry smartphone users and groups.
For Microsoft Exchange 2000 or 2003
a. Click Start > Programs > Microsoft Exchange > System Manager.
b. Select Administrative Groups.
c. Right-click First Administrative Group and select Delegate Control.
d. In the Exchange Administration Delegation Wizard, click Next, and then click Add.
e. Click Browse and then select the BlackBerry Enterprise Server service account.
f. Click OK.
g. In the Role drop-down list in the Delegate Control window, select Exchange View Only Administrator.
h. Click OK to add the BlackBerry Enterprise Server service account to the Users and Groups list.
i. Click Next, and then click Finish.
For Microsoft Exchange 2007b. Select Administrative Groups.
c. Right-click First Administrative Group and select Delegate Control.
d. In the Exchange Administration Delegation Wizard, click Next, and then click Add.
e. Click Browse and then select the BlackBerry Enterprise Server service account.
f. Click OK.
g. In the Role drop-down list in the Delegate Control window, select Exchange View Only Administrator.
h. Click OK to add the BlackBerry Enterprise Server service account to the Users and Groups list.
i. Click Next, and then click Finish.
To set an Exchange View Only Administrator role:
a. Click Start > Programs > Microsoft Exchange Server 2007 > Exchange Management Shell.
b. In the command prompt window, type the following and then press ENTER:
add-exchangeadministrator <BESAdmin> -role ViewOnlyAdmin
where < BESAdmin> is the name of the BlackBerry Enterprise Server service account.
To check an Exchange View Only Administrator role:b. In the command prompt window, type the following and then press ENTER:
add-exchangeadministrator <BESAdmin> -role ViewOnlyAdmin
where < BESAdmin> is the name of the BlackBerry Enterprise Server service account.
a. Click Start > Programs > Microsoft Exchange Server 2007 > Exchange Management Shell.
b. In the command prompt window, type the following and then press Enter:
get-exchangeadministrator | Format-List
c. Verify that the BlackBerry Enterprise Server service account has the ViewOnlyAdmin role.
b. In the command prompt window, type the following and then press Enter:
get-exchangeadministrator | Format-List
c. Verify that the BlackBerry Enterprise Server service account has the ViewOnlyAdmin role.
- Task 4
For Microsoft Exchange 2000 or 2003
a. Click Start > Programs > Microsoft Exchange > System Manager.
b. Select Administrative Groups > First Administrative Group > Servers.
c. Right-click the Microsoft Exchange Server name and then click Properties.
d. On the Security tab, select the BlackBerry Enterprise Server service account.
e. Select the following permissions from the Permissions list:
f.
b. Select Administrative Groups > First Administrative Group > Servers.
c. Right-click the Microsoft Exchange Server name and then click Properties.
d. On the Security tab, select the BlackBerry Enterprise Server service account.
e. Select the following permissions from the Permissions list:
f.
* Administer Information Store
* Send As
* Receive As
g. Click the Advanced button.
h. Verify that the Select the Allow inheritable permissions from parent to propagate to this object and all child objects option is selected.
i. Click OK.
j. Repeat the preceding steps for each Microsoft Exchange Server that will host mailboxes within the routing group.
For Microsoft Exchange 2007 h. Verify that the Select the Allow inheritable permissions from parent to propagate to this object and all child objects option is selected.
i. Click OK.
j. Repeat the preceding steps for each Microsoft Exchange Server that will host mailboxes within the routing group.
To set Send As, Receive As, and Administer Information Store permissions, complete the following steps:
a. Click Start > Programs > Microsoft Exchange Server 2007 > Exchange Management Shell.
b. Type the following line, and then press Enter:
get-mailboxserver <Exchange2007> | add-adpermission -user <BESAdmin> -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin
b. Type the following line, and then press Enter:
get-mailboxserver <Exchange2007> | add-adpermission -user <BESAdmin> -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin
Where < Exchange2007> is the name of the Microsoft Exchange 2007 Server and < BESAdmin> is the name of the BlackBerry Enterprise Server service account.
If inheritiance to the individual mail stores is not enabled, to set the Send As, Receive As, and Administer information store permissions at the store level, complete the following steps from the Exchanage management shell:
get-mailboxdatabase <Exchange2007>\<dbname> | add-adpermission -user <BESAdmin> -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin
Where <dbname> = ‘First storage group\Mail box database’
To verify the Send As, Receive As, and Administer Information Store permissions, complete the following steps:a. Click Start > Programs > Microsoft Exchange Server 2007 > Exchange Management Shell.
b. In the command prompt window, type the following line and press Enter.
get-mailboxserver <Exchange2007> | get-ADpermission -user <BESAdmin> | Format-List
To verify the Send As, Receive As, and Administer Information Store permissions at the mailbox store level, complete the following steps:b. In the command prompt window, type the following line and press Enter.
get-mailboxserver <Exchange2007> | get-ADpermission -user <BESAdmin> | Format-List
a. Click Start > Programs > Microsoft Exchange Server 2007 > Exchange Management Shell.
b. In the command prompt window, type the following and press Enter.
get-mailboxdatabase <Exchange2007>\<dbname> | get-ADpermission -user <BESAdmin> | Format-List
For Microsoft Exchange 5.5 b. In the command prompt window, type the following and press Enter.
get-mailboxdatabase <Exchange2007>\<dbname> | get-ADpermission -user <BESAdmin> | Format-List
The BlackBerry Enterprise Server service account requires the Service Account Admin permissions on the Site container and Configuration container.
- Task 5
a. Open Active Directory Users and Computers.
b. From the View menu, select the Advanced Features option.
b. From the View menu, select the Advanced Features option.
Note: If Advanced Features is not selected, the Security tab will not be visible for domain and container objects.
c. Right-click the appropriate domain or container and then click Properties.
d. On the Security tab, click Advanced.
e. If the BlackBerry Enterprise Server service account that requires the Send As permission is not listed, click Add and then select the BlackBerry Enterprise Server service account name.
f. Click OK.
g. Double-click the BlackBerry Enterprise Server service account name.
i. Select the Send As check box.
j. Click Apply and then click OK.
k. Close the Properties window and then close Active Directory Users and Computers.
Note: For more information about the Send As permission, see article 912918 in the Microsoft Support Knowledge Base.d. On the Security tab, click Advanced.
e. If the BlackBerry Enterprise Server service account that requires the Send As permission is not listed, click Add and then select the BlackBerry Enterprise Server service account name.
f. Click OK.
g. Double-click the BlackBerry Enterprise Server service account name.
i. Select the Send As check box.
j. Click Apply and then click OK.
k. Close the Properties window and then close Active Directory Users and Computers.
Note that if the user is a domain admin or administrator you will either need to remove it from those groups or do the following:
Research: http://www.experts-exchange.com/Hardware/Handhelds_-_PDAs/BlackBerry/Q_23069375.html
To correct the “Send As” issue here are the steps used to quickly resolve this issue:
1. Open Active Directory and from the View menu select “Advanced Features”. Then go to each user that will be added to the BES and open their properties, go to the security tab and add the user BESadmin and add the security permission “Send As”.
2. Run the following script logged on as Administrator
Note: Only use this step if you have BlackBerry users that are members of Admin groups. Using best practice methods it is recommended that mobile user accounts aren’t members of any administration groups.
dsacls “cn=adminsdholder,cn=system,dc=domainname,dc=com ” /G “DOMAINNAME\BESadmin:CA;Send As”
Example 1: dsacls “cn=adminsdholder,cn=system,dc=ipsofacto,dc=office ” /G “ipsofacto\BESadmin:CA;Send As”
NOTE: dsacls can be found in the Windows Server 2003 SP1 Support Tools pack: Download details: http://www.microsoft.com/downloads/details.aspx?FamilyId=6EC50B78-8BE1-4E81-B3BE-4E7AC4F0912D
4. Install BlackBerry enterprise server
Install the BlackBerry Enterprise Server while logged in with the BESAdmin service account.
1. Execute the setup.exe
2. Follow the instruction:
a. Enter user info and accept agreement
b.Prerequisites are ok
c. Enter besadmin’s password
d. Installation path do d:\Program Files\Research In Motion\BlackBerry Enterprise Server\
e. Logs path to d:\Program Files\Research in Motion\BlackBerry Enterprise Server\
f. BB Professional software name: “enter server name”
3. Restart and log in with BESAdmin Service Accountb.Prerequisites are ok
c. Enter besadmin’s password
d. Installation path do d:\Program Files\Research In Motion\BlackBerry Enterprise Server\
e. Logs path to d:\Program Files\Research in Motion\BlackBerry Enterprise Server\
f. BB Professional software name: “enter server name”
4. The setup has restarted and the setup will continue automatically
5. Database Settings
a. Database location: local
b. SQL server: downtown\SQLEXPRESS
c. Database name BESMgmt (default) port 1433
d. Database authentication: windows trusted
It will then prompt that the database BESMgmt doesn’t exit and ask if I would like to create it Yes
It has been created.
6. Enter SRP authentication info (received at registration)b. SQL server: downtown\SQLEXPRESS
c. Database name BESMgmt (default) port 1433
d. Database authentication: windows trusted
It will then prompt that the database BESMgmt doesn’t exit and ask if I would like to create it Yes
It has been created.
a. Click on validate srp key and ID
7. Enter microsoft exchange server name : sfsbs01.Cooper-Roberts.officea. Mailbox is besadmin
b. Click on check name
c. Click ok It has populated the SRP address with srp.us.BlackBerry.net
8. Click start services to start the BB services and complete the installation by clicking on finishb. Click on check name
c. Click ok It has populated the SRP address with srp.us.BlackBerry.net
5. Activate BlackBerry device
Start the BlackBerry manager:
It asks for a mapi profile. Enter the server name (example Downtown) and user: besadmin
1. Add a BlackBerry device user
a. Open BlackBerry Manager.
b. In the left pane, click on add new users wizard
c. Select the user
d. IT policy: default
e. Device deployment:
b. In the left pane, click on add new users wizard
c. Select the user
d. IT policy: default
e. Device deployment:
1) Wirelessly … best solution as there is no need to have a physical connection with the BB device
2) Using the BB manager
3) Using desktop manager
2) Using the BB manager
3) Using desktop manager
f. User create successfully. Click device management withing a users account to assign them a device with the users messaging account, and install the appropriate service books
2. Enable wireless activation of the BlackBerry devicea. Open BlackBerry Manager.
b. In the left pane, click the appropriate BlackBerry Enterprise Server.
c. In the right pane, click the User List tab.
d. Select a BlackBerry device user account.
e. Click Service Access.
f. Click Set Activation Password.
g. Specify a password to use for the BlackBerry device activation.
3. Enable folder redirectionb. In the left pane, click the appropriate BlackBerry Enterprise Server.
c. In the right pane, click the User List tab.
d. Select a BlackBerry device user account.
e. Click Service Access.
f. Click Set Activation Password.
g. Specify a password to use for the BlackBerry device activation.
a. Highlight the device and select folder redirection.
b. Select the folders you would like the messages to be redirected to the inbox on the device
6. Finalize Installation: Activate the BlackBerry device (see activation issue article)b. Select the folders you would like the messages to be redirected to the inbox on the device
Make sure that the user has the BB enterprise plan (if you go to options, advanced options but can’t see enterprise activation; then you don’t have the plan)
1. On the BlackBerry device, open Options.
2. Select Advanced Options, then select Enterprise Activation.
3. Type the BlackBerry device user email address and activation password.
4. Select Activate.
5. Send test email messages and appointments.
7. Adding new BlackBerry users to the BlackBerry manager:
1. Order an extra license (BBE BlackBerry Enterprise Server CAL, 1 user) from the BlackBerry website
2. Add the extra license in BB manager:
a. Click on BB domain on the left
b. Then Global Tab
c. Account on the right side
d. License management
e. Enter the cal you received in the email
3. Add new user:b. Then Global Tab
c. Account on the right side
d. License management
e. Enter the cal you received in the email
a. Choose the appropriate BlackBerry enterprise express server
b. Click the server configuration tab
c. Click Common
d. Then click add user and choose the user you want to add
4. Activate the new user by setting Activation Password:b. Click the server configuration tab
c. Click Common
d. Then click add user and choose the user you want to add
a. Choose the appropriate BlackBerry enterprise express server
b. Click the Users list tab
c. Select a BlackBerry device user account
d. Click Service Activity
e. Click set an activation password
f. Specify a password
5. Enter the information in the BBb. Click the Users list tab
c. Select a BlackBerry device user account
d. Click Service Activity
e. Click set an activation password
f. Specify a password
a. On the bb, open Options
b. Select advanced options
c. Then Enterprise activation
d. Type the email and the password
e. Select activate
f. It should now synchronize with the server (it may take a long time)
g. You should now be able to send and receive messages, as well as checking contacts, calendars
b. Select advanced options
c. Then Enterprise activation
d. Type the email and the password
e. Select activate
f. It should now synchronize with the server (it may take a long time)
g. You should now be able to send and receive messages, as well as checking contacts, calendars
Posted in: BlackBerry Apps
