We help IT Professionals succeed at work.

BlackBerry devices can receive but not send after changing BES service account

David Haycox
David Haycox asked
BES working fine since installed several  months ago.  After server reboot yesterday, problem occurred "Failed to retrieve the Server DN".  Fixed this by setting up a new service account (BesAdmin2) with all the required permissions as per installation guide and running all BlackBerry services with the new account.  Devices now communicate ok, but they can only receive, not send.  Errors in app log from BlackBerry Messaging Agent:

Event ID: 20265
{user@domain.com} MAPIMailbox::Send(ppMAPIMessage) - SubmitMessage (0x80070005) failed
Event ID: 20472
{user@domain.com} Send() failed: ERR_SUBMIT_MAIL, Tag=6408

Error only occurs for 3 of the 4 users - one works fine.  Only difference is the user that still works was added to the BES after it was installed a few months ago - others were already set up on old server and were migrated across when it was decommissioned.

Have checked Send As permissions, assigned to BesAdmin2 correctly as per documentation.
Have tried adding Send As permissions individually to users for BesAdmin2, no change.
Have tried removing user, wiping handheld and adding again, same problem.

Server is running SBS2003 Standard R2 SP2, patched up to date.

Would appreciate any help, thanks.
Watch Question

IT manager
when you say you have checked send as permissions, is that in the AD advanced>user properties?

Check the mail stores indervidualy as well, as last time i had this problem it was due to the permissions not propergating fown to the seperate stores.
David HaycoxConsultant Engineer


Yes, AD (with advanced features enabled) user properties.  BesAdmin2 does not appear in the list (not sure if it's supposed to) so I added it anyway.

Mail stores - both public and private are both showing inherited permissions for BesAdmin2 already - so I've just added them in at that level as well (Send As, Receive As and Administer Information Store).

Let's try that - no, no difference I'm afraid.
Dave StringfellowIT manager

aye, BESadmin2 should be included in the users "send as.." part of the AD,, thats what fixed it for me when i had this issue, i know someone else who had this problem too, and we had to take Blackberry off the server, and install the new version of the software
David HaycoxConsultant Engineer


Problem solved!

Despite adding the "Send As" permission manually on each user, this would seem to be not enough.  The permission must be inherited from the parent object, as suggested in the first reply to the question by Dave_AND.

Although I'd got the permissions right, some of the user accounts (the ones that were migrated across from the customer's old SBS2000) has inheritance disabled.  User accounts created on the SBS2003 had inheritance enabled.

Solution was to enabled enheritance on the user accounts.

Worked for me too after I restarted the server.  By server I mean Exchange Server and BES server too because both are installed on the same box.

Explore More ContentExplore courses, solutions, and other research materials related to this topic.