Link to home
Start Free TrialLog in
Avatar of harrydolan
harrydolan

asked on

Questions on BlackBerry BES mailbox access

Hi

We are running BES 5.0.3 and Exchange 2010. We have four AD sites

London:
CAS array: Lon-CASArray

Paris:
CAS array: Par-CASArray

Manchester:
CAS array: Manc-CASArray

Glasgow:
CAS Array: Glas-CASArray

We have BES servers in each data centre, and also mailbox servers. In terms of DAG, we have one dag stretched between London and Paris, and one between Manchester and Glasgow. We run Active/Active from a site perspective, although can fail over all DB's to the alternate site if needed (e.g. for DAG1, half the DB's are active in London and the other half in Paris normally, but we can activate all DB's in Paris or London if need be).

The Blackberry service account is located on a DB named DB0001 which is normally active in London. Although we try to match BES servers to Exchange servers, each BES generally holds users from all four sites (the network latency between the four sites is pretty good so this causes no problems).

What I'm not sure is how BES accesses user mailboxes. If I look at the MAGT logs, I can see that each MAGT seems to connect to a unique CAS (e.g. MAGT1 to London CAS, MAGT 2 to Paris CAS, MAGT 3 to Manchester etc). Is it the case that the BES connects to the user mailboxes directly and the service account is only used for authentication? Or does it connect to the service account and this is somehow proxied to the user mailbox?
Avatar of Manpreet SIngh Khatra
Manpreet SIngh Khatra
Flag of India image

Is it the case that the BES connects to the user mailboxes directly and the service account is only used for authentication? Or does it connect to the service account and this is somehow proxied to the user mailbox? - Yes once user does the activation it firstly checks and connects but otherwise the information there after is caught and it can directly work with it

- Rancy
Avatar of harrydolan
harrydolan

ASKER

Hi Rancy

I'm not sure I understand your response, could you expand?
ASKER CERTIFIED SOLUTION
Avatar of Manpreet SIngh Khatra
Manpreet SIngh Khatra
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
The location of the BES Admin mailbox makes no difference. Nothing is actually moved through the mailbox. I have a number of clients using a single BES Admin account with geo-
dispersed servers.
The BES Server makes a direct MAPI connection to the relevant mailbox server in the same way as Outlook does.

Simon.
Hi Simon

I thought that too, but then I read this article here:

http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=87B1C900412F839F0935018E8E7D4B41?noCount=true&externalId=KB31003&sliceId=2&cmd=&forward=nonthreadedKC&command=show&kcId=KB31003&ViewedDocsListHelper=com.kanisa.apps.common.BaseViewedDocsListHelperImpl

"In Exchange 2010, each mailbox enabled account has a home CAS which determines the RPC Endpoint for all RPC connections. Since the BlackBerry Enterprise Server connects via MAPI and MAPI is based on RPC, this can have significant impact on the performance of the BlackBerry Enterprise Server. The home CAS can be determined by the RPCClientAccessServer property on the mailbox database.

If the BlackBerry Service Account's RPCClientAccessServer is not the same as that of the BlackBerry smartphone users being hosted on the BlackBerry Enterprise Server, connections to users' mailboxes may be required to proxy through one CAS before going to the destination CAS. This likely wouldn't be noticeable in a LAN or low-latency WAN, but in a high-latency WAN it could cause significant impact.

For example, if the BlackBerry Enterprise Server is in EMEA along with all the BlackBerry smartphone users' mailboxes (which all have an RPCClientAccessServer value of emea.company.com), and the BlackBerry Service Account's mailbox is in NA, with an RPCClientAccessServer value of na.company.com, then connections to users' mailboxes may need to be proxied through North America, even though the server and mailboxes are both in EMEA."

To me this doesn't make any sense, why would the BES make a MAPI connection to the CAS array of the service account?
Does anyone know?