Solved

Blackberry Enterprise Server for Exchange configured, but won't communicate over the Web

Posted on 2007-11-17
12
675 Views
Last Modified: 2011-09-20
Hi Guys.

My boss has recently presented me with a new BlackBerry Curve and told me it needs to be setup to sync email with our Exchange Server. The Blackberry gives license for using the cut-down version of the Enterprise Server (or BES, as I think it is referred?) to setup a push email service that interacts with Exchange.

I've set everything up following RIM's instructions to the dot to try and get this to work. Here's a synopsis of what I've done:

* I created the custom AD user account called 'BESAdmin' to run the services for BlackBerry Enterprise under, and to administer the system. I have followed all their points on what security righs and access rights to give this account with a fine tooth comb.

* I am running the express version of SQL Server 2005, and have created a instance and database on this which BES uses sucessfully

* I have fully installed the BES software, and put in all the correct details and license / activation keys that it asks for. There were no errors at any stage.

* I have successfuly link the BES software to it's own MAPI account for mail sending

* I have opened port 3101 on our firewall, which BlackBerry didn't tell me to do - I however assume some port(s) needed to be open, and lots of people came up as saying this on the web.

I can load up the software manager, and everything shows as connected, and very happy. I have created the one user I'm licensed to have, and linked it to his Exchange email account, with custom policy that simply requires a password. I have started the activation process, using a custom password.

I go to the blackberry, put in the email address and password as requested. I assume it should resolve and look to our server, and thus see our BES server, but it just says it fails.

And this is where I am stumped! I am new to this software, but adept if people can give me any pointers on what might be incorrectly configured, or if I need to open up firewall ports or for all I know activate something with RIM that acts as part of the infrastructure.

I hope someone can help! I need to get this fixed this weekend, so I hope someone can reply quick. Worth 500 points if you can help me bumble my way through this!

Many thanks,

Bluemercury
0
Comment
Question by:bluemercury
  • 8
  • 3
12 Comments
 
LVL 5

Accepted Solution

by:
tlbrittain earned 250 total points
ID: 20304932
the only port you need is 3101 no others - it sounds as though you have done everything correct.  I would check with your phone service provider and make sure that everything is set up correctly on their end.  Also I would verify that you actually see traffic passing across port 3101 on your firewall.  Do an SRP test in server configuration this should generate traffic across the port from your server to RIMs servers.
0
 
LVL 1

Author Comment

by:bluemercury
ID: 20304968
Many thanks indeed for your post - your message has already pointed out somthing I thought might be the case. You mentioned "Do an SRP test in server configuration this should generate traffic across the port from your server to RIMs servers.". Am I therefore right in thinking that Servers owned by RIM do make up part of the messaging infrastructure involved in the push of email? No docs could verify this for me...

Also, how can I do the SRP test? I saw this documented for the full blown enterprise server, but couldn't find the function under my cut down pro one.....

Many thanks indeed for posting so quick :)

Bluemercury
0
 
LVL 1

Author Comment

by:bluemercury
ID: 20304990
Sorry to bombard you with questions, but thinking out load could RIM having given me the wrong SRP Identifier and authentication key? Ever since I started the installation I've been concerned by the fact that I told them we were with "O2 - UK", but on our license agreement it says that our carrier is "RIM - Canada". This didn't ring right, but my lack of understanding on the SRP infrastructure and its overall purpose leaves me in the dark as to whether this is relevant or not....
0
 
LVL 1

Author Comment

by:bluemercury
ID: 20305004
I think I may have answered my own question on the last one - found an article on the web that stated: "BES communicates with RIM's SRP (Server Relay Protocol) server using Port 3101. Communication is outbound only; BES initiates a connection to the SRP server, and data passes between BES and the SRP server using this connection. The advantage here is that no inbound connection is allowed to the BES server, so no inbound ports have to be opened on the corporate firewall."

Is this report acurate? Sorry to keenly add to the messages here.....
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20305825
What Enterprise activation does is send the user an email. This email is then picked up by the BES software in the mailbox. If that email fails to get to the mailbox, then something is wrong. Do you see the email in the mailbox? If you do, then the permissions are not correct.
If you don't, then it could be blocked by antispam software. Presuming that you receive email directly and not via a POP3 connector.
Message tracking on Exchange will show you if the message is coming in if you don't have access to the mailbox to see the message for yourself.
O2 have good Blackberry support, if it comes to it. I have dealt with them a few times. If things get really tight then you could call them for assistance.

The fact that you have an agreement with RIM - Canada doesn't mean a thing - RIM ultimately control everything - the mobile phone providers are just resellers of the service.

Simon.
0
 
LVL 1

Author Comment

by:bluemercury
ID: 20309769
Many thanks for your post Sembee.

To activate the device the enterprise manager gave me two options - create a randomly generated activation password via email or create your own custom one. To date, I had always taken the latter option.

Having read your post, I tried the email method as you suggested. The email does come through (so no spam blocking), and I've tried activating the device using the activation password it sends through, but again nothing happens :(

Looks like it's time to get on the phone to O2. Infact, I have one free support token with RIM directly, so may use this up in getting them to help.

Thanks for confirming that fact that 'RIM - Canada' is an ok setting - as this is all done via the web, and as I appreciate O2 are just resellers, this makes a lot of sense. Bit concerning when they tell you conflicting things at different points on the order / download though!

Many thanks for your input, and I'll post back here to let you know how I get on....

Cheers,

Bluemercury
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 104

Expert Comment

by:Sembee
ID: 20319167
You didn't quite understand what I meant.
This has nothing to do with the activation password generated by the server. That wouldn't be blocked by spam filtering as it is an internal message.

What i am referring to is the message that is sent from the device. So when you do Enterprise Activation on the device, what the device does is send an email - so it is coming in from the Internet. That could be blocked by a spam filter.

Simon.
0
 
LVL 1

Author Comment

by:bluemercury
ID: 20319308
Hi Sembee.

Thanks for your post. Having re-read it, I see how it can be taken the way you've clarified. My apologies for misunderstanding.

Since my last post, I have had a mixed time with the BlackBerry. In a nutshell, my boss had ordered the wrong data plan from O2 - not really his fault but the monkey in the O2 shop where he got it from. O2 quickly put this right, and within 2 hours we had a BlackBerry data plan. Then activation worked perfectly, as did push email and everything. I was very excited to see it working, and that I had configured it all ok, it was just a problem with the O2 / RIM end, as we suspected might be the case.

I thought I'd hold fire on announcing the good news, just in case things went sour. They did. I get in this morning, and having worked solidly for 12 hours, the blackberry is once again refusing to receive anything. I've checked all settings, but nothing has changed our end. I suspect there is something weird going on on the network again. It seems that the inbox on the blackberry has emptied as well, but this could just be that my boss has been 'tidying' the inbox - haven't managed to get a straight answer from him on this.

I will post again once there is some kind of more success. In the meantime if you have any suggestions, they'd be very welcome. Thanks so much for your input.

Bluemercury
0
 
LVL 1

Author Comment

by:bluemercury
ID: 20319326
Looking at it, there is an underlying implication that I need to register something else with BlackBerry. Really weird that it would run fine for 12 hours as an interim, then stop working, then an hour later send me a message about some kind of BlackBerry Service registration. I'll post again soon....

Bluemercury
0
 
LVL 1

Author Comment

by:bluemercury
ID: 20329802
My suspicion was correct - the monkeys at O2 screwed up again. They had put me on a BlackBerry data plan that supports only connecting to POP3 & IMAP based email accounts. It is completely incompatible with the Enterprise services, despite us asking exactly for that! I am now waiting for the next day or so (noone can speak to me straight away about this, probably because they've got minimal staff dealing with BlackBerry services) for an O2 account manager from the enterprise side to get back to me. According to O2, their general business team never deals with Enterprise BlackBerry services - a fact I find remarkable. I know even sole traders who would happily use this service.

The service worked for the first 12 hours apparently because O2 only carry out a 'sweep' of legitimate users every 24 hours, and when they did across their network and saw my BlackBerry PIN wasn't registered, they barred me from the service.

So in a nutshell, if it hadn't been for the complete incompetance of O2, I would never have had to even post on EE!

Thanks again for you input, will post again and reward points once we've actually got resolution from O2, and this chapter can be closed.

Best wishes,

Bluemercury
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 250 total points
ID: 20330216
I do most of my deployments of Blackberry on Vodafone. With them you just ask them to enable Enterprise and they do...

Simon.
0
 
LVL 1

Author Comment

by:bluemercury
ID: 20339741
Dear Sembee & tlbrittain,

Thanks to both of you for your input. After extensive chats with O2, they have now switched on the Enterprise service for our BlackBerry. They were very apologetic and admitted it was all their fault, but wouldn't give any kind of compensation. We're writing to their complaints departments.

RIM phoned me to see how I was getting on with the BlackBerry. I told them about our whole ordeal with O2, and they said they were less than impressed, and would be putting pressure on O2 to recompense us for a bad service.

It's clear that O2 have it in their head that the professional / enterprise side of BlackBerry is only good for companies 50+ in size, a rediculous notion when I have sole traders as clients that run their own SBS Exchange implementations and want to use this technology. They really need to address their business model.

Thanks to both of you for your support in this; tlbrittain, you said right at the beginning that I had everything configured right, and that the problem was with the provider as i suspected. You were spot on, so thanks for making this observation :)

Thanks Sembee for making comments as I went along - you've helped give me a better insight to the software operation of Enterprise Server.

I will split the points evenly between the 2 of your.

Thanks again,

Bluemercury
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now