Administration Guide
BlackBerry Enterprise Server for Microsoft Exchange
Version: 4.1 | Service Pack: 6
SWD-493311-0708083041-001
Contents |
|
1 Creating administrator accounts..................................................................................................................................... |
13 |
Administrative roles.................................................................................................................................................................... |
13 |
Creating a BlackBerry Enterprise Server administrator in a Microsoft SQL Server environment................................... |
14 |
Assign an administrative role to a new or existing Microsoft SQL Server database account..................................... |
15 |
Configure the BlackBerry Manager to use database authentication in a Microsoft SQL Server environment............ |
15 |
2 Setting up security options............................................................................................................................................... |
17 |
How the BlackBerry Enterprise Solution encrypts data on the transport layer................................................................. |
17 |
Standard encryption algorithms that the BlackBerry Enterprise Solution uses............................................................ |
17 |
Change the encryption type.................................................................................................................................................. |
18 |
Options for extending messaging security.............................................................................................................................. |
18 |
Protection of data using the PGP Support Package for BlackBerry devices.................................................................. |
18 |
Prerequisites: Protecting data using the PGP Support Package for BlackBerry devices............................................. |
19 |
Prerequisites: Protecting data using the S/MIME Support Package for BlackBerry devices...................................... |
19 |
Generating organization-specific encryption keys for PIN-to-PIN message encryption................................................ |
20 |
Generate a new peer-to-peer encryption key.................................................................................................................... |
20 |
Authenticating the BlackBerry MDS Integration Service to the BlackBerry Manager and web services...................... |
20 |
Allow the BlackBerry MDS Integration Service to communicate with the BlackBerry Manager................................ |
21 |
Allow client authentication between the BlackBerry MDS Integration Service and web services............................. |
21 |
3 Setting up proxy servers for BlackBerry Enterprise Server components................................................................. |
23 |
Configuring certain BlackBerry Enterprise Server components to use proxy servers...................................................... |
23 |
Configure a BlackBerry Enterprise Server component to use a .pac file........................................................................ |
23 |
Configure a BlackBerry Enterprise Server component to use a proxy server................................................................ |
24 |
Configure a BlackBerry Enterprise Server component to authenticate to a proxy server on behalf of BlackBerry |
|
devices....................................................................................................................................................................................... |
24 |
4 Sharing BlackBerry Enterprise Server components..................................................................................................... |
27 |
Configuring multiple BlackBerry Enterprise Server instances to use the same BlackBerry Enterprise Server |
|
component.................................................................................................................................................................................... |
27 |
Configure multiple BlackBerry Enterprise Server instances to use the same BlackBerry MDS Connection Service |
|
.................................................................................................................................................................................................... |
27 |
Configure multiple BlackBerry Enterprise Server instances to use the same BlackBerry MDS Integration Service |
|
.................................................................................................................................................................................................... |
28 |
Configure multiple BlackBerry Enterprise Server instances to use the same BlackBerry Collaboration Service |
|
.................................................................................................................................................................................................... |
28 |
5 Setting up user accounts................................................................................................................................................... |
29 |
Adding user accounts to the BlackBerry Enterprise Server.................................................................................................. |
29 |
Add user accounts to the BlackBerry Enterprise Server.................................................................................................... |
29 |
Creating user groups................................................................................................................................................................... |
29 |
Create a user group................................................................................................................................................................. |
29 |
Add a user account to a user group...................................................................................................................................... |
30 |
6 Sending software and Java applications to BlackBerry devices............................................................................... |
31 |
Making BlackBerry Device Software and Java applications available to users................................................................. |
31 |
Making software and applications available on a network drive......................................................................................... |
31 |
Install the BlackBerry Device Software on a network drive.............................................................................................. |
31 |
Add a Java application to a network drive........................................................................................................................... |
32 |
Add a collaboration client to a network drive..................................................................................................................... |
32 |
Add the BlackBerry MDS Runtime to a network drive....................................................................................................... |
32 |
Indexing applications on a network drive................................................................................................................................ |
33 |
Create or update a software index for applications on a network drive......................................................................... |
33 |
Share a network drive for applications................................................................................................................................ |
33 |
Defining software configurations............................................................................................................................................. |
33 |
Create a software configuration........................................................................................................................................... |
34 |
Define an application control policy.................................................................................................................................... |
34 |
Assign an application control policy to an application..................................................................................................... |
35 |
Assign a software configuration to a user group............................................................................................................... |
35 |
Assign a software configuration to a user account............................................................................................................ |
35 |
Send an application to a BlackBerry device over the wireless network.............................................................................. |
36 |
Monitor wireless application push failures.............................................................................................................................. |
36 |
Error messages: Wireless application push......................................................................................................................... |
36 |
Install the BlackBerry Device Software or BlackBerry Applications on a BlackBerry device using the BlackBerry |
|
Manager........................................................................................................................................................................................ |
39 |
Installing the collaboration client on BlackBerry devices..................................................................................................... |
39 |
7 Setting up the messaging environment......................................................................................................................... |
41 |
Creating email message filters.................................................................................................................................................. |
41 |
Create an email message filter that applies to all users................................................................................................... |
41 |
Turn on an email message filter that applies to all user accounts.................................................................................. |
42 |
Create an email message filter that applies to a user group............................................................................................ |
42 |
Turn on an email message filter that applies to a user group.......................................................................................... |
43 |
Create an email message filter that applies to a specific user account......................................................................... |
43 |
Turn on an email message filter that applies to a specific user account........................................................................ |
44 |
Enforcing secure messaging using classifications................................................................................................................. |
45 |
Configure message classifications............................................................................................................................................ |
45 |
Create a message classification............................................................................................................................................ |
45 |
Create a message classification based on an existing classification.............................................................................. |
46 |
Order message classifications.............................................................................................................................................. |
46 |
Delete message classifications............................................................................................................................................. |
47 |
Mapping address book fields for synchronization and address lookups............................................................................ |
47 |
Map an address book field in the email application to an address book field on all BlackBerry devices................. |
48 |
Map an address book field in the email application to an address book field on a specific BlackBerry device....... |
48 |
Map address book fields that users defined to address book fields on all BlackBerry devices.................................. |
48 |
Map address book fields that users defined to address book fields on a specific BlackBerry device........................ |
49 |
8 Making BlackBerry MDS Runtime Applications available to users.......................................................................... |
51 |
Creating BlackBerry MDS Runtime Applications and sending them to BlackBerry devices........................................... |
51 |
Preparing BlackBerry devices to install BlackBerry MDS Runtime Applications.............................................................. |
53 |
Configuring access to web services and managing signed and unsigned applications.................................................. |
54 |
Allow BlackBerry MDS Runtime Applications to access web services using HTTPS.................................................... |
54 |
Define a BlackBerry MDS Runtime Application as a trusted application...................................................................... |
54 |
Configure whether users can install unsigned BlackBerry MDS Runtime Applications on BlackBerry devices...... |
55 |
Configuring how users access and use BlackBerry MDS Runtime Applications............................................................... |
55 |
Create a BlackBerry MDS Integration Service device policy............................................................................................ |
55 |
Assign a BlackBerry MDS Integration Service device policy to a user group................................................................ |
56 |
Assign a BlackBerry MDS Integration Service device policy to a specific user............................................................. |
56 |
Sending BlackBerry MDS Runtime Applications to BlackBerry devices............................................................................. |
56 |
Install a BlackBerry MDS Runtime Application on BlackBerry devices.......................................................................... |
57 |
Install a BlackBerry MDS Runtime Application on a specific BlackBerry device.......................................................... |
57 |
Applying an application control policy to a BlackBerry MDS Runtime Application......................................................... |
58 |
Add the application launcher file for a BlackBerry MDS Runtime Application to the network drive........................ |
58 |
Assign an application control policy to a BlackBerry MDS Runtime Application......................................................... |
59 |
9 Configuring how users access enterprise applications and web content............................................................... |
61 |
Specifying a BlackBerry MDS Connection Service as the central push server.................................................................. |
61 |
Specify the central push server............................................................................................................................................. |
61 |
Configuring how BlackBerry devices authenticate to content servers............................................................................... |
61 |
Configure how BlackBerry devices authenticate to content servers.............................................................................. |
62 |
Configure the BlackBerry MDS Connection Service to authenticate BlackBerry devices to content servers that |
|
use NTLM.................................................................................................................................................................................. |
62 |
Configure the BlackBerry MDS Connection Service to authenticate BlackBerry devices to content servers that |
|
use Kerberos............................................................................................................................................................................. |
63 |
Configure the BlackBerry MDS Connection Service to authenticate BlackBerry devices to content servers that |
|
use LTPA.................................................................................................................................................................................... |
63 |
Configure the BlackBerry MDS Connection Service to authenticate BlackBerry devices to the RSA Authentication |
|
Manager.................................................................................................................................................................................... |
63 |
Configuring how the BlackBerry MDS Connection Service manages requests for web content.................................... |
64 |
Configure the BlackBerry MDS Connection Service to manage HTTP cookie storage................................................ |
64 |
Configure the timeout limit for HTTP connections with BlackBerry devices................................................................. |
64 |
Configure the timeout limit for HTTP connections to web servers.................................................................................. |
65 |
Configure the maximum number of times that the BlackBerry Browser accepts HTTP redirections........................ |
65 |
Allowing push applications to make trusted connections to the BlackBerry MDS Connection Service........................ |
65 |
Create a key store to store certificates for use with HTTPS connections....................................................................... |
66 |
Add a certificate for the BlackBerry MDS Connection Service........................................................................................ |
66 |
Export the BlackBerry MDS Connection Service certificate to make it available to push applications.................... |
67 |
Import the BlackBerry MDS Connection Service certificate to the key store of a push application.......................... |
67 |
Configuring how applications open trusted connections to web servers........................................................................... |
68 |
Allow BlackBerry devices to connect to untrusted web servers....................................................................................... |
68 |
Configure the BlackBerry MDS Connection Service to retrieve certificates for web servers...................................... |
68 |
Configure the BlackBerry MDS Connection Service to retrieve the status of certificates for web servers............... |
69 |
Add retrieved certificates for web servers........................................................................................................................... |
70 |
Configuring how the BlackBerry MDS Connection Service connects to BlackBerry devices.......................................... |
70 |
Specify the maximum amount of data that the BlackBerry MDS Connection Service can send to BlackBerry devices |
|
.................................................................................................................................................................................................... |
70 |
Specify the pending content timeout limit for the BlackBerry MDS Connection Service........................................... |
70 |
Allow Java applications to use persistent socket connections with the BlackBerry MDS Connection Service........ |
71 |
Specify the thread pool size of the BlackBerry MDS Connection Service...................................................................... |
71 |
Specify the maximum number of persistent socket connections.................................................................................... |
71 |
Specify the port number that the web server listens on for push application requests............................................... |
72 |
Specify how often the BlackBerry MDS Connection Service polls for configuration information............................. |
72 |
10 Assigning BlackBerry devices to users........................................................................................................................... |
73 |
Preparing to distribute BlackBerry devices............................................................................................................................. |
73 |
Change how the BlackBerry Enterprise Server loads users’ existing messages onto BlackBerry devices................ |
73 |
Prevent the BlackBerry Enterprise Server from loading legacy messages onto new BlackBerry devices................. |
73 |
Assigning BlackBerry devices to user accounts...................................................................................................................... |
74 |
Option 1: Activate a BlackBerry device using the BlackBerry Manager......................................................................... |
74 |
Option 2: Activating BlackBerry devices over the wireless network............................................................................... |
74 |
Option 3: Activating BlackBerry devices over the LAN..................................................................................................... |
78 |
11 Managing administrator accounts.................................................................................................................................. |
79 |
Assign a BlackBerry Enterprise Server administrator to a different administrative role................................................. |
79 |
Delete an administrator account from a BlackBerry Enterprise Server.............................................................................. |
79 |
12 Controlling the BlackBerry environment....................................................................................................................... |
81 |
Controlling BlackBerry device access to the BlackBerry Enterprise Server....................................................................... |
81 |
Turn on the Enterprise Service Policy.................................................................................................................................. |
81 |
Permit a user to override the Enterprise Service Policy.................................................................................................... |
82 |
Controlling BlackBerry device behavior using IT policies..................................................................................................... |
82 |
Create an IT policy.................................................................................................................................................................. |
82 |
Assign an IT policy to a group of users................................................................................................................................ |
83 |
Assign an IT policy to a user account................................................................................................................................... |
84 |
Enforcing IT policy changes over the wireless network.................................................................................................... |
84 |
Deactivating BlackBerry devices without applied IT policies........................................................................................... |
85 |
Changing the default behavior of the BlackBerry devices and BlackBerry Desktop Software in your organization |
|
.................................................................................................................................................................................................... |
85 |
Returning to the original default behavior of BlackBerry devices and the BlackBerry Desktop Software............... |
86 |
Creating new IT policy rules to control third-party applications..................................................................................... |
87 |
13 Managing user accounts................................................................................................................................................... |
89 |
Managing user groups................................................................................................................................................................ |
89 |
Change the properties of a user group................................................................................................................................ |
89 |
Rename a user group.............................................................................................................................................................. |
89 |
Delete a user group................................................................................................................................................................. |
90 |
Managing user accounts............................................................................................................................................................ |
90 |
Move a user account to a different user group................................................................................................................... |
90 |
Move a user account out of a user group............................................................................................................................. |
90 |
Move a user account from one BlackBerry Enterprise Server to another....................................................................... |
91 |
Delete a user account from the BlackBerry Enterprise Server......................................................................................... |
91 |
Update a user account manually.......................................................................................................................................... |
91 |
14 Protecting and reassigning BlackBerry devices........................................................................................................... |
93 |
Protecting lost, stolen, or replaced BlackBerry devices......................................................................................................... |
93 |
Protect a lost BlackBerry device........................................................................................................................................... |
93 |
Protect a lost BlackBerry device that a user might recover.............................................................................................. |
94 |
Protect a stolen BlackBerry device....................................................................................................................................... |
94 |
Reissuing BlackBerry devices to new users............................................................................................................................. |
94 |
Preparing a BlackBerry device for redistribution............................................................................................................... |
95 |
15 Managing wireless applications...................................................................................................................................... |
97 |
Managing applications on BlackBerry devices....................................................................................................................... |
97 |
Upgrade an application on a BlackBerry device over the wireless network.................................................................. |
97 |
Remove applications from BlackBerry devices over the wireless network..................................................................... |
97 |
Change an application control policy.................................................................................................................................. |
97 |
Managing software configurations........................................................................................................................................... |
98 |
Delete a software configuration from a user account....................................................................................................... |
98 |
Create a software configuration based on an existing software configuration............................................................ |
98 |
16 Managing organizer data synchronization.................................................................................................................... |
99 |
Turning off organizer data synchronization............................................................................................................................ |
99 |
Turn off synchronization of organizer data for all user accounts.................................................................................... |
99 |
Turn off synchronization of organizer data for a user group............................................................................................ |
99 |
Turn off synchronization of organizer data for a specific user account.......................................................................... |
99 |
Changing how organizer data synchronizes........................................................................................................................... |
100 |
Change the direction of organizer data synchronization for all user accounts............................................................. |
100 |
Change the direction of organizer data synchronization for a user group.................................................................... |
100 |
Change the direction of organizer data synchronization for a specific user account.................................................. |
101 |
Change how conflicts during organizer data synchronization are resolved for all user accounts............................. |
101 |
Change how conflicts during organizer data synchronization are resolved for a user group..................................... |
101 |
Change how conflicts during organizer data synchronization are resolved for a specific user account.................. |
102 |
17 Managing your messaging environment and attachment support........................................................................... |
103 |
Managing message forwarding................................................................................................................................................. |
103 |
Forward messages to a BlackBerry device when no filter rules apply............................................................................ |
103 |
Do not deliver messages to a BlackBerry device when no filter rules apply.................................................................. |
103 |
Forward messages from inbox subfolders to a BlackBerry device................................................................................... |
104 |
Turn off synchronization for messages sent from BlackBerry devices that belong to a user group.......................... |
104 |
Turn off synchronization for messages sent from a BlackBerry device.......................................................................... |
104 |
Turn off message forwarding to user accounts in a user group....................................................................................... |
105 |
Turn off message forwarding to a user account................................................................................................................. |
105 |
Managing wireless message reconciliation............................................................................................................................. |
105 |
Turn off wireless message reconciliation............................................................................................................................ |
106 |
Turn on reconciliation for permanently deleted messages.............................................................................................. |
106 |
Managing content in RTF and HTML-formatted messages.................................................................................................. |
106 |
View settings for HTML-formatted messages..................................................................................................................... |
106 |
Turn off rich content and inline images for groups of users............................................................................................. |
107 |
Turn off rich content and inline images in messages for individual users..................................................................... |
107 |
Managing access to remote message data............................................................................................................................. |
108 |
Turn off the ability to check meeting invitee availability on the BlackBerry device..................................................... |
108 |
Turn off the ability to search for remote email messages from the BlackBerry device................................................ |
108 |
Managing message signatures and disclaimers..................................................................................................................... |
108 |
Add a signature to all messages sent by members of a user group................................................................................ |
108 |
Add a signature to all messages sent from a user’s BlackBerry device.......................................................................... |
109 |
Add a disclaimer to all messages sent from BlackBerry devices..................................................................................... |
109 |
Add a disclaimer to all messages sent by members of a user group............................................................................... |
109 |
Add a disclaimer to all messages sent from a user’s BlackBerry device......................................................................... |
110 |
Specify conflict rules for disclaimers.................................................................................................................................... |
110 |
Turn off disclaimers................................................................................................................................................................. |
111 |
Monitor messages that users send from their BlackBerry devices...................................................................................... |
111 |
Managing the incoming message queue................................................................................................................................. |
111 |
Delete messages for a specific user from the incoming message queue....................................................................... |
111 |
Managing the wireless backup and recovery of organizer data.......................................................................................... |
112 |
Turn off the wireless backup of organizer data for a user group..................................................................................... |
112 |
Turn off the wireless backup of organizer data for a user account................................................................................. |
112 |
Delete a user’s organizer data from the BlackBerry Enterprise Server........................................................................... |
113 |
Synchronizing contact pictures................................................................................................................................................. |
113 |
Turn off synchronization for contact pictures on a user account.................................................................................... |
113 |
Sending notification messages to users.................................................................................................................................. |
113 |
Send a notification message to all users in the BlackBerry Domain............................................................................... |
114 |
Send a notification message to all users on a BlackBerry Enterprise Server................................................................. |
114 |
Send a notification message to the members of a user group......................................................................................... |
114 |
Send a notification message to a specific user................................................................................................................... |
114 |
Managing instant messaging.................................................................................................................................................... |
114 |
Change the instant messaging server that the BlackBerry Collaboration Service connects to................................. |
115 |
Changing the transport protocol that the BlackBerry Collaboration Service uses to connect to the instant |
|
messaging server..................................................................................................................................................................... |
115 |
Specify the Microsoft Windows domain name for users who log in to the collaboration client................................. |
116 |
Managing instant messaging sessions.................................................................................................................................... |
117 |
Specify the maximum number of instant messaging sessions that can be open at the same time........................... |
117 |
Specify the idle timeout limit for instant messaging sessions......................................................................................... |
117 |
Specify the inactivity timeout limit for instant messaging sessions............................................................................... |
117 |
Managing instant messaging features..................................................................................................................................... |
118 |
Prevent users from sending specific file types to instant messaging contacts using the BlackBerry Client for IBM |
|
Lotus Sametime....................................................................................................................................................................... |
118 |
Specifying the maximum size of file types that users can send using the BlackBerry Client for IBM Lotus Sametime |
|
.................................................................................................................................................................................................... |
118 |
Prevent users from sending instant messaging conversations in email messages...................................................... |
118 |
Prevent users from saving instant messaging conversations........................................................................................... |
119 |
Manage the icon that appears on the BlackBerry device for mobile contacts.............................................................. |
119 |
Make additional contact information and phone numbers available for the BlackBerry Client for IBM Lotus |
|
Sametime users........................................................................................................................................................................ |
119 |
Troubleshooting: Instant messaging........................................................................................................................................ |
120 |
Users cannot view phone numbers for contacts in the BlackBerry Client for IBM Lotus Sametime.......................... |
121 |
Optimizing how the BlackBerry Attachment Service converts attachments..................................................................... |
122 |
Optimize how the BlackBerry Attachment Service converts attachments.................................................................... |
122 |
BlackBerry Attachment Service optimization settings...................................................................................................... |
123 |
Change the maximum file size for attachments that users can receive......................................................................... |
124 |
Suggested file sizes for attachments................................................................................................................................... |
124 |
Change the maximum dimensions for image attachments that users can view........................................................... |
125 |
Optimizing how the BlackBerry Messaging Agent reconciles attachments to the messaging server........................... |
125 |
Change the maximum file size for attachments that users can send............................................................................. |
126 |
Prevent users from sending large attachments.................................................................................................................. |
126 |
Change the maximum file size of attachments that users can download...................................................................... |
126 |
Turn off support for an attachment file format....................................................................................................................... |
127 |
Add support for additional attachment file formats.............................................................................................................. |
127 |
18 Managing BlackBerry MDS Runtime Applications....................................................................................................... |
129 |
Upgrade a BlackBerry MDS Runtime Application on BlackBerry devices.......................................................................... |
129 |
Remove a trusted certificate from the BlackBerry MDS Integration Service..................................................................... |
130 |
Making installed BlackBerry MDS Runtime Applications unavailable on BlackBerry devices........................................ |
130 |
Make an installed BlackBerry MDS Runtime Application unavailable on BlackBerry devices................................... |
130 |
Make an installed BlackBerry MDS Runtime Application available on BlackBerry devices again............................. |
130 |
Removing BlackBerry MDS Runtime Applications................................................................................................................. |
131 |
Make a BlackBerry MDS Runtime Application unavailable for installation................................................................... |
131 |
Remove an installed BlackBerry MDS Runtime Application from BlackBerry devices................................................. |
131 |
Remove an installed BlackBerry MDS Runtime Application from a specific BlackBerry device................................. |
132 |
Configuring a new connection between a BlackBerry MDS Integration Service and a BlackBerry MDS Connection |
|
Service........................................................................................................................................................................................... |
132 |
Make a BlackBerry MDS Connection Service available to a BlackBerry MDS Integration Service............................ |
133 |
Make a BlackBerry MDS Connection Service unavailable to a BlackBerry MDS Integration Service....................... |
133 |
19 Managing how users access enterprise applications and web content................................................................... |
135 |
Restricting user access to content on web servers................................................................................................................ |
135 |
Restrict requests for content on web servers from BlackBerry devices.......................................................................... |
135 |
Specify web address patterns................................................................................................................................................ |
135 |
Create a pull rule..................................................................................................................................................................... |
136 |
Restrict or allow web address patterns using a pull rule.................................................................................................. |
136 |
Assign a pull rule to a user group......................................................................................................................................... |
137 |
Assign a pull rule to a specific user...................................................................................................................................... |
137 |
Restricting user access to media content in the BlackBerry Browser................................................................................. |
137 |
Prevent users from accessing specific media types........................................................................................................... |
138 |
Configure a maximum file size for media types.................................................................................................................. |
138 |
Restricting the push application content that users can receive........................................................................................ |
138 |
Restrict push applications from sending data to BlackBerry devices............................................................................. |
139 |
Create push initiators for push applications....................................................................................................................... |
139 |
Turn on push authorization.................................................................................................................................................... |
140 |
Create a push rule................................................................................................................................................................... |
140 |
Assign push initiators to a push rule.................................................................................................................................... |
141 |
Assign a push rule to a user group....................................................................................................................................... |
141 |
Assign a push rule to a specific user.................................................................................................................................... |
141 |
Encrypt push requests that push applications send to BlackBerry devices................................................................... |
142 |
Associate a push initiator with the BlackBerry MDS Integration Service...................................................................... |
142 |
Managing push application requests....................................................................................................................................... |
143 |
Specify device ports for application-reliable push requests............................................................................................ |
143 |
Store push application requests in the BlackBerry Configuration Database................................................................ |
144 |
Configure the settings for storing push requests in the BlackBerry Configuration Database................................... |
144 |
Configure the maximum number of active connections that the BlackBerry MDS Connection Service can process |
|
.................................................................................................................................................................................................... |
144 |
Configure the maximum number of queued connections that the BlackBerry MDS Connection Service can process |
|
.................................................................................................................................................................................................... |
145 |
Delete requests from the push request queue manually.................................................................................................. |
145 |
20 Monitoring a BlackBerry Domain.................................................................................................................................... |
147 |
How the BlackBerry Controller monitors the BlackBerry Enterprise Server components............................................... |
147 |
Changing how the BlackBerry Controller monitors the BlackBerry Enterprise Server components and restarts |
|
services.......................................................................................................................................................................................... |
147 |
Change how the BlackBerry Controller restarts the BlackBerry Messaging Agent...................................................... |
147 |
Change how the BlackBerry Controller restarts the BlackBerry Enterprise Server services....................................... |
150 |
Monitoring the BlackBerry MDS Integration Service notification messages..................................................................... |
152 |
Set up monitoring of the BlackBerry MDS Integration Service notification messages for a BlackBerry device...... |
152 |
Monitor the BlackBerry MDS Integration Service notification messages for a BlackBerry device............................ |
153 |
Filter the BlackBerry MDS Integration Service notification messages by date and time............................................ |
153 |
Block notification messages from a web services host...................................................................................................... |
153 |
Remove all notification messages for the BlackBerry MDS Integration Service........................................................... |
154 |
Monitoring PIN messages, SMS text messages, and calls.................................................................................................... |
154 |
Change the default location for the PIN message, SMS text message, and phone log files....................................... |
154 |
Monitor PIN messages........................................................................................................................................................... |
154 |
Monitor SMS text messages.................................................................................................................................................. |
155 |
Turn off call logging................................................................................................................................................................ |
156 |
Log files for the BlackBerry Enterprise Server components.................................................................................................. |
156 |
Changing where the BlackBerry Enterprise Server components write log files................................................................ |
156 |
Change the location where the BlackBerry Enterprise Server components write log files......................................... |
156 |
Store all of the BlackBerry Enterprise Server component log files in one folder.......................................................... |
157 |
Changing how the BlackBerry Enterprise Server components create log files................................................................. |
157 |
Add a prefix to the file names of all the BlackBerry Enterprise Server component log files....................................... |
157 |
Configure the maximum size for a BlackBerry Enterprise Server component log file.................................................. |
157 |
Change the logging level for a BlackBerry Enterprise Server component..................................................................... |
158 |
Create a new BlackBerry Enterprise Server component log file when the current log file reaches the maximum |
|
size............................................................................................................................................................................................. |
158 |
Change the identifier for a BlackBerry Enterprise Server component log file.............................................................. |
159 |
Prevent a BlackBerry Enterprise Server component from creating a daily log file....................................................... |
159 |
Configure when to delete BlackBerry Enterprise Server component log files............................................................... |
159 |
Changing how the BlackBerry MDS Connection Service creates a log file....................................................................... |
160 |
Change the logging level for the BlackBerry MDS Connection Service......................................................................... |
160 |
Change the location where the BlackBerry MDS Connection Service writes log files................................................. |
160 |
Change the interval at which the BlackBerry MDS Connection Service writes information to the log file.............. |
161 |
Change the logging level for the UDP log file.................................................................................................................... |
161 |
Change the port number that the BlackBerry MDS Connection Service connects to when sending UDP log file |
|
messages.................................................................................................................................................................................. |
161 |
Change the logging level for the TCP log file..................................................................................................................... |
162 |
Change the port number that the BlackBerry MDS Connection Service connects to when sending TCP log file |
|
messages.................................................................................................................................................................................. |
162 |
Change the logging level for the Event log file.................................................................................................................. |
162 |
Change which BlackBerry MDS Connection Service activities are written to the log file............................................... |
162 |
Change which BlackBerry Collaboration Service activities are written to the log file..................................................... |
164 |
21 Managing a BlackBerry Domain...................................................................................................................................... |
165 |
Managing multiple BlackBerry Domain instances................................................................................................................. |
165 |
Connect the BlackBerry Manager to a different BlackBerry Domain............................................................................. |
165 |
Managing CAL keys..................................................................................................................................................................... |
165 |
Add or delete a CAL key......................................................................................................................................................... |
165 |
Copy a license key to a text file............................................................................................................................................. |
166 |
22 Glossary................................................................................................................................................................................ |
167 |
23 Legal notice.......................................................................................................................................................................... |
171 |
Administration Guide |
Creating administrator accounts |
Creating administrator accounts |
1 |
The BlackBerry® Enterprise Server uses predefined roles, which correspond to common administrative roles in organizations, to control who can perform specific tasks and limit who can access sensitive data in your organization.
You assign each BlackBerry Enterprise Server administrator to an administrative role. If you already manage your organization using Windows® groups, assign those groups to the administrative roles so that you can manage role membership through the group.
When an administrator starts the BlackBerry Manager, the BlackBerry Manager checks the authentication credentials, determines the administrative role, and displays a list of the tasks that the administrator can perform.
Role |
Description |
|
|
|
|
security administrator (rim_db_admin_security) |
These administrators can perform all tasks. They are the |
|
|
only administrators who can manage role membership and |
|
|
change sensitive security properties, such as licenses and |
|
|
encryption keys. |
|
|
The administrator account that you created during the |
|
|
installation process is assigned the security administrator |
|
|
role automatically. |
|
enterprise administrator (rim_db_admin_enterprise) |
These administrators can perform all tasks that relate to |
|
|
user accounts, services, instances of the BlackBerry |
|
|
Enterprise Server, and global application data. |
|
|
These administrators cannot view role membership, |
|
|
licenses, or encryption keys. |
|
device administrator (rim_db_admin_handheld) |
These administrators can perform all tasks that relate to |
|
|
user accounts and BlackBerry device management, |
|
|
including: |
|
|
• |
supporting new user accounts |
|
• |
implementing BlackBerry devices |
|
• |
managing software configurations |
|
|
|
13
Administration Guide |
Creating a BlackBerry Enterprise Server administrator in a Microsoft SQL Server environment |
Role |
Description |
|
|
|
|
|
• |
managing the installation and behavior of third-party |
|
|
applications on BlackBerry devices |
senior help desk administrator |
These administrators can perform all tasks that relate to |
|
(rim_db_admin_sr_helpdesk) |
user account management, including: |
|
|
• |
adding, moving, and deleting user accounts |
|
• |
updating and sending IT policies to BlackBerry devices |
|
• |
sending IT administration commands to BlackBerry |
|
|
devices |
junior help desk administrator |
These administrators can perform tasks that relate to user |
|
(rim_db_admin_jr_helpdesk) |
account management, including: |
|
|
• |
creating and sending passwords for activating |
|
|
BlackBerry devices over the wireless network |
|
• |
resending service books or IT policies |
|
These administrators cannot add, move, or delete user |
|
|
accounts or send certain IT administration commands. |
|
auditor (rim_db_admin_audit_<role>) |
These administrators can view all tasks and properties that |
|
|
relate to the role, but they cannot perform the tasks or |
|
|
change the properties. Use this view-only role when |
|
|
training new administrators. |
|
|
|
|
Creating a BlackBerry Enterprise Server administrator in a Microsoft SQL Server environment
BlackBerry® Enterprise Server administrators are database users who can access the BlackBerry Configuration Database using the BlackBerry Manager. This access is restricted to the administrative roles that the BlackBerry Enterprise Server administrators are assigned to.
Only administrators who are assigned to the security administrator role can create other BlackBerry Enterprise Server administrators accounts. When creating administrator accounts, perform one of the following tasks:
•assign an administrative role to an existing database account
•create a new database account and assign it an administrative role
14
Administration Guide |
Configure the BlackBerry Manager to use database authentication in a Microsoft SQL Server environment |
Assign an administrative role to a new or existing Microsoft SQL Server database account
Note: Do not assign an administrative role using the Microsoft® SQL Server® consoles or assign more than one administrative role to an administrator. The BlackBerry® Configuration Database uses the most restrictive settings to determine which tasks the BlackBerry Manager displays, so an administrator who is assigned both enterprise and junior help desk roles sees only the tasks for the junior help desk role.
Before you begin:
•Verify that you have the system administrator role on the database server.
•If you are assigning an administrator to the security or enterprise administrative role, verify that the administrator has administrative permission on the Microsoft® Exchange messaging server.
•If you are creating a new database account and want to use Windows® authentication, verify that the Windows user account or group already exists.
1.In the BlackBerry Manager, in the left pane, click BlackBerry Domain.
2.On the Role Administration tab, click a role.
3.Complete one of the following actions:
•To add an administrative role to an existing Microsoft SQL Server database account, click List Administrators.
•To create a new Microsoft SQL Server database account and assign it to an administrative role, click Add Administrators.
4.Complete one of the following actions:
•To add an administrative role to an existing administrator account, click the administrator account that you want to add the role to.
•To create a database account only and add an administrative role to the account, type a user name.
•To create a database account for an existing Windows user account or group and add an administrative role to the account, type a user name preceded by a domain name (for example, DOMAIN\username).
5.If prompted, type and confirm a password.
6.Click OK.
Configure the BlackBerry Manager to use database authentication in a Microsoft SQL Server environment
During the installation process, if you choose to connect to the BlackBerry® Configuration Database using Windows® authentication, the BlackBerry Manager uses Windows authentication automatically. If you create database accounts for your administrators, you must change the type of authentication that the BlackBerry Manager uses.
1.In the BlackBerry Manager, on the Tools menu, click Options.
2.Click Database.
3.In the Authentication drop-down list, click Database Authentication.
15
Administration Guide |
Configure the BlackBerry Manager to use database authentication in a Microsoft SQL Server environment |
4.Click OK.
5.Restart the BlackBerry Manager.
16
Administration Guide |
Setting up security options |
Setting up security options |
2 |
The BlackBerry® Enterprise Solution uses a symmetric key encryption algorithm (Triple DES or AES) to protect all data that the BlackBerry® Enterprise Server and a BlackBerry device send between them.
The BlackBerry Enterprise Solution uses the symmetric key encryption algorithm to create message keys and master encryption keys, and uses those encryption keys to encrypt all data that the BlackBerry device sends or receives, while the data travels between the BlackBerry device and the BlackBerry Enterprise Server.
This data encryption process occurs automatically and is designed to verify that a message that a user sends from a BlackBerry device, which is outside the organization's firewall, remains protected on the transport layer until the BlackBerry Enterprise Server receives the message.
Standard encryption algorithms that the BlackBerry Enterprise Solution uses
Encryption type |
Description |
|
|
|
|
Triple DES |
• |
default encryption method |
|
• |
uses the Triple DES algorithm to encrypt and decrypt all data that the |
|
|
BlackBerry® Enterprise Server and all BlackBerry devices on the BlackBerry |
|
|
Enterprise Server send between them |
AES |
• |
uses the AES algorithm to encrypt and decrypt all data that the BlackBerry |
|
|
Enterprise Server and all BlackBerry devices on the BlackBerry Enterprise |
|
|
Server send between them |
|
• |
designed to use a longer encryption key to provide a better combination of |
|
|
security and performance than Triple DES |
|
• |
designed to protect user data and encryption keys from traditional attacks |
|
|
and side-channel attacks |
|
• |
requires BlackBerry® Desktop Software version 4.0 or later and BlackBerry® |
|
|
Device Software version 4.0 or later |
Triple DES and AES |
• |
permits use of either the Triple DES algorithm or AES algorithm to encrypt |
|
|
and decrypt all data that the BlackBerry Enterprise Server and all BlackBerry |
|
|
devices on the BlackBerry Enterprise Server send between them |
|
|
|
17
Administration Guide |
Options for extending messaging security |
Encryption type |
Description |
|
|
|
|
|
• |
uses Triple DES encryption on BlackBerry devices that do not support AES |
|
|
(BlackBerry devices that are running BlackBerry Device Software versions |
|
|
earlier than version 4.0) |
|
• |
by default, uses AES encryption on BlackBerry devices that support AES |
|
|
|
Change the encryption type
1.In the BlackBerry® Manager, in the left pane, click a BlackBerry® Enterprise Server.
2.On the Server Configuration tab, click Edit Properties.
3.Click General.
4.In the Security section, click Encryption Algorithm.
5.In the drop-down list, select an encryption type.
6.Click OK.
After you finish: If you changed the encryption type, you must reactivate all of the BlackBerry devices in the BlackBerry Domain so that users can send and receive messages on their BlackBerry devices.
Related topics
Assigning BlackBerry devices to user accounts, 74
Options for extending messaging security
When a user sends a message from the BlackBerry® device, by default, the BlackBerry® Enterprise Server does not encrypt the message when it forwards the message to the message recipient. To extend the messaging security that standard BlackBerry encryption provides, the user must install additional secure messaging technology on the BlackBerry device, and you must set the BlackBerry device to use that secure messaging technology.
To offer an additional layer of messaging security between the sender and recipient of an email message or PIN message, you can turn on S/MIME technology or PGP® technology for BlackBerry devices. When you use either one of these technologies, you allow sender-to-recipient authentication and confidentiality. These technologies also help to maintain the integrity and privacy of the data from the time that a BlackBerry device user sends a message from the BlackBerry device to when the message recipient decrypts and opens the message.
Protection of data using the PGP Support Package for BlackBerry devices
BlackBerry® devices that are running the PGP® Support Package for BlackBerry® devices can digitally sign, encrypt, or sign and encrypt data that they send to the BlackBerry® Enterprise Server.
18
Administration Guide |
Options for extending messaging security |
With supported versions of the PGP Support Package for BlackBerry devices installed, BlackBerry devices can receive PGP/ MIME format messages. With both the PGP Support Package for BlackBerry devices and the S/MIME Support Package for BlackBerry® devices installed and turned on, BlackBerry devices can download PGP® keys with attached S/MIME X.509 certificates from the PGP® Universal Server and use them in compliance with the PGP Universal Server secure email policy. The PGP Support Package for BlackBerry devices continues to support OpenPGP format messages.
For more information, see the PGP Support Package for BlackBerry Devices Security Technical Overview.
Prerequisites: Protecting data using the PGP Support Package for BlackBerry devices
•Set the PGP® Universal Server Address IT policy rule in the IT policy that you assign to BlackBerry® device users.
•Instruct the BlackBerry device users to install the PGP® Support Package for BlackBerry® devices on their BlackBerry devices and enroll with the PGP Universal Server so that the BlackBerry devices can process PGP messages.
•Instruct the BlackBerry device users to enroll with PGP when the BlackBerry devices prompt them to.
Prerequisites: Protecting data using the S/MIME Support Package for BlackBerry devices
•Turn on S/MIME message processing on the BlackBerry® Enterprise Server so that the BlackBerry Enterprise Server can process S/MIME messages.
•Instruct BlackBerry® device users to install the S/MIME Support Package for BlackBerry devices on their BlackBerry devices so that the BlackBerry device can process S/MIME messages.
•Instruct BlackBerry device users to add the Certificate Synchronization Manager to the BlackBerry® Desktop Manager so that the BlackBerry Desktop Manager can manage certificates for their BlackBerry devices.
Turn on support for processing S/MIME-protected messages on the BlackBerry Enterprise Server
1.In the BlackBerry® Manager, in the left pane, click Servers.
2.On the Server Configuration tab, click Edit Properties.
3.In the left pane, click Messaging.
4.In the Secure Messages section, click Enable S/MIME Message Processing.
5.In the drop-down list, click True.
6.Click OK.
How S/MIME-protected messages on BlackBerry devices discard appended disclaimers
If the S/MIME Support Package for BlackBerry® devices is installed on a BlackBerry device and turned on, the BlackBerry® Enterprise Server does not apply an appended disclaimer to S/MIME-protected messages that the user sends from the BlackBerry device. Digital signatures on S/MIME-protected messages that the BlackBerry device sends are not valid if disclaimers are appended to the messages.
19
Administration Guide |
Generating organization-specific encryption keys for PIN-to-PIN message encryption |
Define encryption options for S/MIME-protected messages
1.In the BlackBerry® Manager, in the left pane, click Servers.
2.On the Server Configuration tab, click Edit Properties.
3.In the left pane, click Messaging.
4.In the Secure Messages section, select the encryption options to include when processing S/MIME-protected messages.
5.Click OK.
Generating organization-specific encryption keys for PIN-to-PIN message encryption
By default, all BlackBerry® devices store a common peer-to-peer encryption key for protecting PIN-to-PIN messages. To limit the number of BlackBerry devices that can decrypt PIN messages that users in your organization send from their BlackBerry devices, you can generate a new peer-to-peer encryption key that is stored on and known only to BlackBerry devices in your organization. BlackBerry devices with an organization-specific peer-to-peer encryption key can send and receive PIN messages only with other BlackBerry devices that store the same peer-to-peer encryption key.
You should generate a new peer-to-peer encryption key if you know that your current organization-specific peer-to-peer encryption key is compromised.
Generate a new peer-to-peer encryption key
1.In the BlackBerry® Manager, in the left pane, click BlackBerry Domain.
2.On the Global tab, expand Service Control & Customization.
3.Click Update Peer-to-Peer Encryption Key.
4.Click Set or update the Peer-to-Peer encryption key for all devices within this organization.
5.Click Yes.
After you install the BlackBerry® MDS Integration Service, you must install a digital certificate for the BlackBerry MDS Integration Service in the key store on the same computer. This certificate allows server-authenticated communication between the BlackBerry MDS Integration Service and the BlackBerry Manager.
20
Administration Guide |
Authenticating the BlackBerry MDS Integration Service to the BlackBerry Manager and web services |
You can install a self-signed certificate for the BlackBerry MDS Integration Service, or you can get a signed root certificate from a certificate authority and install it in the key store using the Java® keytool. You can replace the self-signed certificate with a signed root certificate at any time, but you should install the certificate that you want to use immediately after you install the BlackBerry MDS Integration Service and before you allow authentication with the BlackBerry Manager or web services using that certificate.
You can also export the certificate for the BlackBerry MDS Integration Service to allow client authentication with external web services.
For more information about using the Java keytool, visit java.sun.com/javase/6/docs/technotes/tools/windows/ keytool.html.
Allow the BlackBerry MDS Integration Service to communicate with the BlackBerry Manager
When the BlackBerry® Manager connects to the BlackBerry MDS Integration Service for the first time after installation, the BlackBerry Manager prompts you to view and install the BlackBerry MDS Integration Service self-signed certificate. This certificate allows server-authenticated communication between the BlackBerry MDS Integration Service and the BlackBerry Manager.
Before you begin: Perform this task immediately after you install the BlackBerry MDS Integration Service.
1.In the BlackBerry Manager, in the left pane, click a BlackBerry MDS Integration Service.
2.In the certificate installation dialog box, click View Certificate.
3.Review the certificate information.
4.Click Install Certificate.
5.Complete the instructions on the screen. Accept the default settings.
6.When prompted, click Cancel.
Allow client authentication between the BlackBerry MDS Integration Service and web services
The self-signed certificate for the BlackBerry® MDS Integration Service allows client authentication between the BlackBerry MDS Integration Service and web services hosts. If the BlackBerry® MDS Runtime Applications in your organization's environment use HTTPS to communicate with web servers to receive application data and application updates, you must export the certificate for the BlackBerry MDS Integration Service to the web services hosts. This allows BlackBerry MDS Runtime Applications that use web services to authenticate to the web services and access them.
Before you begin:
•Contact your organization's application developers for information about the web services that the BlackBerry MDS Runtime Applications in your environment use.
•If you replaced the self-signed certificate for the BlackBerry MDS Integration Service with a signed root certificate from a certificate authority, the web services must trust the root certificate authority to authenticate to the BlackBerry MDS Integration Service.
21
Administration Guide |
Authenticating the BlackBerry MDS Integration Service to the BlackBerry Manager and web services |
1.Using Microsoft® Internet Explorer®, export the self-signed certificate for the BlackBerry MDS Integration Service from the trusted root certificate authorities area of the computer's key store.
2.Send the self-signed certificate to the web services servers that the BlackBerry MDS Runtime Applications use.
3.Verify that the certificate is installed in the trusted key store of the web services servers.
After you finish:
•If multiple BlackBerry MDS Integration Service servers are installed, export the certificate for each BlackBerry MDS Integration Service.
•Allow BlackBerry MDS Runtime Applications to access web services using HTTPS.
22
Administration Guide |
Setting up proxy servers for BlackBerry Enterprise Server components |
Setting up proxy servers for BlackBerry Enterprise Server |
3 |
components |
|
You can configure the BlackBerry® MDS Connection Service, BlackBerry MDS Integration Service, and BlackBerry Collaboration Service to use proxy servers to access web addresses on the Internet and your organization's intranet. You should use a proxy method that is consistent with how other applications and servers in your organization access web content.
Since proxy servers typically do not permit traffic between servers on the same side of the firewall, you can configure certain BlackBerry® Enterprise Server components to use a .pac file, or to access the Internet directly through a proxy server. You can also configure multiple proxy servers to manage traffic to specific web addresses, and you can specify URLs that the BlackBerry Enterprise Server components can access without using a proxy server.
The BlackBerry MDS Integration Service sends application updates and data to BlackBerry devices through the BlackBerry MDS Connection Service. The BlackBerry MDS Integration Service can only accept and respond to messages that it receives from a direct connection with the BlackBerry MDS Connection Service. If you configured the BlackBerry MDS Connection Service to use a proxy server, you must configure proxy rules to allow a direct connection between the BlackBerry MDS Connection Service and the BlackBerry MDS Integration Service. You cannot use a proxy server to exchange data between these components of the BlackBerry Enterprise Server. If you use a .pac file configuration, you can change the .pac file to allow a direct connection between the BlackBerry MDS Connection Service and the BlackBerry MDS Integration Service.
Related topics
Configuring multiple BlackBerry Enterprise Server instances to use the same BlackBerry Enterprise Server component, 27
Configure a BlackBerry Enterprise Server component to use a .pac file
You can configure the BlackBerry® MDS Connection Service, BlackBerry MDS Integration Service, or BlackBerry Collaboration Service to use a .pac file.
1.In the BlackBerry Manager, in the left pane, click a BlackBerry® Enterprise Server component.
2.On the appropriate tab for a BlackBerry Enterprise Server component, click Edit Properties.
3.In the left pane, click Proxy.
4.Double-click Proxy Mappings.
5.Click New.
6.Double-click Universal Resource Locator.
7.Type the URL regular expression that you want the proxy mapping rule to control.
8.Double-click Proxy String.
9.Click New.
23
Administration Guide |
Configuring certain BlackBerry Enterprise Server components to use proxy servers |
10.In the Proxy Type drop-down list, perform one of the following actions:
•To detect a .pac file automatically, click AUTO. Double-click the Proxy String field and delete the default values.
•To specify the location of the .pac file, click PAC. Double-click the Proxy String field and type the proxy server name, port number, and location of the .pac file (for example, http://<ProxyServer>:<Port>/<PACFilePath>/
<PACFileName>).
11.Click OK.
Configure a BlackBerry Enterprise Server component to use a proxy server
You can configure the BlackBerry® MDS Connection Service, BlackBerry MDS Integration Service, or BlackBerry Collaboration Service to access web servers through a proxy server.
You can specify more than one proxy string in a proxy mapping rule for a web address. If the BlackBerry® Enterprise Server component cannot access the web server using the first proxy string, it tries to access the web server using the subsequent proxy strings that you typed, until it accesses the web server successfully.
1.In the BlackBerry Manager, in the left pane, click a BlackBerry Enterprise Server component.
2.On the appropriate tab for a BlackBerry Enterprise Server component, click Edit Properties.
3.In the left pane, click Proxy.
4.Click New.
5.In the Universal Resource Locator field, type the regular expression for the web address that you want the proxy mapping rule to control.
6.Double-click Proxy String.
7.Click New.
8.In the Proxy Type drop-down list, perform any of the following actions:
•To configure a proxy server, click PROXY. Double-click the Proxy String field and type the proxy server name and port number.
•To exclude the web address from routing through the proxy server, click DIRECT. Double-click the Proxy String field and delete the default value.
9.Click OK.
Configure a BlackBerry Enterprise Server component to authenticate to a proxy server on behalf of BlackBerry devices
You can configure the BlackBerry® MDS Connection Service, BlackBerry MDS Integration Service, or BlackBerry Collaboration Service to authenticate to a proxy server on behalf of BlackBerry devices.
1.In the BlackBerry Manager, in the left pane, click a BlackBerry® Enterprise Server component.
2.On the appropriate tab, click Edit Properties.
3.In the left pane, click Proxy.
24
Administration Guide |
Configuring certain BlackBerry Enterprise Server components to use proxy servers |
4.Double-click Proxy Mappings.
5.Click a URL.
6.Click Properties.
7.In the User Name field, type the user name that the BlackBerry Enterprise Server component can use to connect to the proxy server that is defined for the web address.
8.In the Password field, type the password for the user name.
9.In the Password (Confirmation) field, retype the password.
10.Click OK.
25
Administration Guide |
Sharing BlackBerry Enterprise Server components |
Sharing BlackBerry Enterprise Server components |
4 |
To help make a BlackBerry® Domain more scalable, you can configure multiple BlackBerry® Enterprise Server instances to use the same BlackBerry MDS Connection Service, BlackBerry MDS Integration Service, or BlackBerry Collaboration Service. If a BlackBerry Domain contains a single BlackBerry Enterprise Server, all BlackBerry Enterprise Server components are associated with that BlackBerry Enterprise Server automatically.
Configure multiple BlackBerry Enterprise Server instances to use the same BlackBerry MDS Connection Service
You can configure multiple BlackBerry® Enterprise Server instances to use the same central push server to transfer application data from BlackBerry devices, and to manage HTTP requests from the BlackBerry® Browser.
Before you begin: You must set a BlackBerry MDS Connection Service in your BlackBerry Domain as the central push server.
1.In the BlackBerry Manager, in the left pane, click BlackBerry Domain.
2.On the Global tab, click Service Control & Customization.
3.Click MDS CS to BES Mapping.
4.In the MDS CS to BES Mappings dialog box, in the left pane, click the BlackBerry MDS Connection Service that you have set as the central push server.
5.In the right pane, click the BlackBerry Enterprise Server instances that you want to use the central push server.
6.Click OK.
Related topics
Specifying a BlackBerry MDS Connection Service as the central push server, 61
27
Administration Guide |
Configuring multiple BlackBerry Enterprise Server instances to use the same BlackBerry Enterprise Server |
|
component |
Configure multiple BlackBerry Enterprise Server instances to use the same BlackBerry MDS Integration Service
You can configure multiple instances of the BlackBerry® Enterprise Server to use the same BlackBerry MDS Integration Service to send BlackBerry MDS Runtime Applications and updates to BlackBerry devices. By associating multiple instances of the BlackBerry Enterprise Server with a single BlackBerry MDS Integration Service, you can make the BlackBerry MDS Runtime Applications that are stored in a single BlackBerry MDS Application Repository available to users on multiple BlackBerry Enterprise Server instances.
Before you begin: You must configure server authentication between the BlackBerry MDS Integration Service and the BlackBerry Manager. Complete the instructions on the screen the first time that you click the BlackBerry MDS Integration Service.
1.In the BlackBerry Manager, in the left pane, click a BlackBerry Enterprise Server.
2.On the Server Configuration tab, click Edit Properties.
3.In the left pane, click MDS Integration Service.
4.Click BlackBerry MDS Integration Service Server URL.
5.In the drop-down list, click the BlackBerry MDS Integration Service that you want to assign to the BlackBerry Enterprise Server.
6.Click OK.
After you finish: Repeat this task for each BlackBerry Enterprise Server that you want to associate with the same BlackBerry MDS Integration Service.
Related topics
Allow the BlackBerry MDS Integration Service to communicate with the BlackBerry Manager, 21
Configure multiple BlackBerry Enterprise Server instances to use the same BlackBerry Collaboration Service
You can configure multiple BlackBerry® Enterprise Server instances to use the same BlackBerry Collaboration Service to connect to your organization's instant messaging server, and to manage requests from the collaboration client that you use in your organization's BlackBerry Domain.
1.In the BlackBerry Manager, in the left pane, click BlackBerry Domain.
2.On the Global tab, click Service Control & Customization.
3.Click IM to BES Mapping.
4.In the IM to BES Mappings dialog box, in the left pane, click the BlackBerry Collaboration Service that you want multiple BlackBerry Enterprise Server instances to use.
5.In the right pane, select the BlackBerry Enterprise Server instances that you want to have use the BlackBerry Collaboration Service.
6.Click OK.
28