BlackBerry Enterprise Server for Microsoft Office 365. Version: 1.0. Administration Guide

Similar documents
BlackBerry Enterprise Server for IBM Lotus Domino Version: 5.0. Administration Guide

BlackBerry Enterprise Server for IBM Lotus Domino Version: 5.0. Feature and Technical Overview

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0. Feature and Technical Overview

BlackBerry Enterprise Server Express for Microsoft Exchange

BlackBerry Enterprise Server Express for IBM Lotus Domino

Configuration Guide. Installation and. BlackBerry Enterprise Server for Novell GroupWise. Version: 5.0 Service Pack: 4

Configuration Guide. BlackBerry UEM. Version 12.9

Administration Guide. Installation and. BlackBerry Enterprise Transporter for Microsoft Office 365. Version: 1.0

BlackBerry Enterprise Server for IBM Lotus Domino Version: 5.0 Service Pack: 1. Release Notes

Getting Started Guide

Configuration Guide. BlackBerry UEM. Version 12.7 Maintenance Release 2

BlackBerry UEM Configuration Guide

Enterprise solution comparison chart

KYOCERA Net Admin User Guide

User Manual. Admin Report Kit for Exchange Server

Sophos Mobile Control SaaS startup guide. Product version: 7

Managing External Identity Sources

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

VMware Identity Manager Administration

Sophos Mobile Control SaaS startup guide. Product version: 6.1

BlackBerry Enterprise Server for Microsoft Exchange

Sophos Mobile in Central

Sophos Mobile as a Service

MOC 20411B: Administering Windows Server Course Overview

Secure ACS for Windows v3.2 With EAP TLS Machine Authentication

BIG-IP Access Policy Manager : Portal Access. Version 12.1

DEPLOYMENT GUIDE DEPLOYING F5 WITH ORACLE ACCESS MANAGER

Configuration Guide. BlackBerry UEM Cloud

Cisco Unified Serviceability

Sophos Mobile SaaS startup guide. Product version: 7.1

Sophos Mobile Control Administrator guide. Product version: 5.1

RSA Authentication Manager 7.1 Administrator s Guide

USER GUIDE. CTERA Agent for Windows. June 2016 Version 5.5

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

KYOCERA Net Admin Installation Guide

AirWatch Mobile Device Management

VMware AirWatch Integration with RSA PKI Guide

HOL122 Lab 1: Configuring Microsoft Windows Server 2003 RPC Proxy

Deploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2

Using the VMware vrealize Orchestrator Client

This course provides students with the knowledge and skills to administer Windows Server 2012.

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

Top Reasons to Upgrade

Getting Started Guide

Oracle Enterprise Manager. 1 Before You Install. System Monitoring Plug-in for Oracle Unified Directory User's Guide Release 1.0

Acronis and Acronis Secure Zone are registered trademarks of Acronis International GmbH.

Read the following information carefully, before you begin an upgrade.

Using the VMware vcenter Orchestrator Client. vrealize Orchestrator 5.5.1

PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server

USER GUIDE Summer 2015

vrealize Operations Manager Customization and Administration Guide vrealize Operations Manager 6.4

Troubleshooting basics

DigitalPersona Pro Enterprise

Sophos Mobile. startup guide. Product Version: 8.1


VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

Legal Notes. Regarding Trademarks KYOCERA MITA Corporation


Novell GroupWise Version Comparison

ClearPass QuickConnect 2.0

Licensing Guide. BlackBerry Enterprise Service 12. Version 12.0

Aspera Connect Windows XP, 2003, Vista, 2008, 7. Document Version: 1

Sophos Mobile Control Super administrator guide. Product version: 3.5

Using ANM With Virtual Data Centers

Troubleshooting: Basics

Policy Settings for Windows Server 2003 (including SP1) and Windows XP (including SP2)

10ZiG Manager Cloud Setup Guide

Workspace ONE UEM Integration with RSA PKI. VMware Workspace ONE UEM 1810

Solution Integration Guide for Multimedia Communication Server 5100/WLAN/Blackberry Enterprise Server

ApplicationServer XG Version 11. Last updated:

VMware Workspace ONE Quick Configuration Guide. VMware AirWatch 9.1

INDEX. boot failure about A-1 restoring A-2

Legal Notes. Regarding Trademarks KYOCERA MITA Corporation

Welcome Guide. SafeNet Authentication Service. MP-1 BlackBerry. SafeNet Authentication Service: Welcome Guide. MP-1 BlackBerry

Unified CCX Administration Web Interface

MB Microsoft Dynamics CRM 2016 Online Deployment.

VMware AirWatch Content Gateway for Windows. VMware Workspace ONE UEM 1811 Unified Access Gateway

Sophos Mobile Control startup guide. Product version: 7

Configure the IM and Presence Service to Integrate with the Microsoft Exchange Server

Sophos Mobile super administrator guide. Product version: 7.1

MCSA Guide to Networking with Windows Server 2016, Exam

Installation and Upgrade Guide

KYOCERA Net Viewer User Guide Supplement

SSL VPN Server Guide. Access Manager Appliance 3.2 SP2. June 2013

Sophos Mobile. super administrator guide. Product Version: 8

Vodafone Secure Device Manager Administration User Guide

Lotus Learning Management System R1

Virginia Western Community College ITN 110 Client Operating System (Windows 10)

GRS Enterprise Synchronization Tool

This primer covers the following major topics: 1. Getting Familiar with ACS. 2. ACS Databases and Additional Server Interaction

VMware Horizon 7 Administration Training

Anchor User Guide. Presented by: Last Revised: August 07, 2017

Installing and Configuring VMware vrealize Orchestrator. vrealize Orchestrator 7.5

What s New in Fireware v12.3 WatchGuard Training

Troubleshooting basics

Using the Terminal Services Gateway Lesson 10

Remote Support Security Provider Integration: RADIUS Server

Wavelink Avalanche Mobility Center Java Console User Guide. Version 5.2

Installation Guide for Pulse on Windows Server 2012

Transcription:

BlackBerry Enterprise Server for Microsoft Office 365 Version: 1.0 Administration Guide

Published: 2013-01-29 SWD-20130131125552322

Contents 1 Related resources... 18 2 About BlackBerry Enterprise Server for Microsoft Office 365... 19 3 Log in to the BlackBerry Administration Service for the first time... 20 There is a problem with this website's security certificate... 20 This connection is untrusted... 21 4 Creating administrator accounts... 22 Administrative roles and permissions... 22 Administrative roles for the BlackBerry Enterprise Server... 22 Creating roles... 28 Create a role... 29 Create a role based on an existing role... 29 Create an administrator account... 30 Add an administrator account to a group... 30 Specify an email address for the BlackBerry Administration Service... 31 Permit an administrator to log in to the BlackBerry Administration Service using a messaging server account... 31 Assign a BlackBerry device to an administrator account... 32 5 Using IT policies to manage security... 33 Using IT policy rules to manage security... 33 Preconfigured IT policies... 34 Default values for preconfigured IT policies... 34 Creating IT policies... 36 Create an IT policy... 36 Create an IT policy based on an existing IT policy... 36 Change the value for an IT policy rule... 37 Assign an IT policy to a group... 37 Assign an IT policy to a user account... 37 Resolving IT policy conflicts... 38 How conflicting IT policies are resolved... 38 Rank IT policies... 39 Preview how the BlackBerry Enterprise Server resolves IT policy conflicts... 40 View the resolved IT policy rules that are assigned to a user account... 40 Sending an IT policy over the wireless network... 41 Resend an IT policy to a device manually... 41 Export all IT policy data to a data file... 41 Delete an IT policy... 42

6 Configuring the BlackBerry Enterprise Server environment... 43 Best practice: Running the BlackBerry Enterprise Server... 43 Configuring certain BlackBerry Enterprise Server components to use proxy servers... 44 Configure a BlackBerry Enterprise Server component to use a.pac file... 44 Configure a BlackBerry Enterprise Server component to use a proxy server... 45 Configure a BlackBerry Enterprise Server component to authenticate to a proxy server on behalf of BlackBerry devices... 46 Configuring the BlackBerry Administration Service to use a proxy server... 46 Configuring proxy selection for the BlackBerry Administration Service... 47 Configuring the BlackBerry Administration Service to authenticate with a proxy server... 49 Configuring multiple BlackBerry Enterprise Server instances to use the same BlackBerry Enterprise Server component... 51 Configure multiple BlackBerry Enterprise Server instances to use the same BlackBerry MDS Connection Service... 51 Configure multiple BlackBerry Enterprise Server instances to use the same BlackBerry Collaboration Service... 52 7 Configuring user accounts... 53 Creating groups... 53 Create a group to manage similar user accounts... 53 Add user accounts to a group... 53 Adding user accounts to the BlackBerry Enterprise Server... 54 Add a user account... 54 Importing a list of user accounts to the BlackBerry Enterprise Server... 55 Export a list of user accounts... 57 8 Activating BlackBerry devices... 58 Activate a device using the BlackBerry Administration Service... 58 Activating a device over the wireless network... 59 Activation passwords... 59 Send an activation password to a user... 60 Send an activation password to multiple users... 60 Activating devices using the BlackBerry Web Desktop Manager... 61 9 Configuring BlackBerry Enterprise Server high availability... 62 Check the health of a BlackBerry Enterprise Server... 62 Availability state and failover status of the BlackBerry Enterprise Server... 62 How the BlackBerry Enterprise Server uses health parameters... 63 Defining when failover occurs... 63 Changing the promotion threshold and failover threshold... 65 Change the promotion threshold and failover threshold and the order of the health parameters... 65 Changing when automatic failover occurs by customizing the health parameters for user accounts and messaging servers... 67 Prerequisites: Configuring the BlackBerry Enterprise Server pair to fail over automatically... 69 Configure the BlackBerry Enterprise Server to fail over automatically... 69 Monitoring the BlackBerry Enterprise Server for an automatic failover event... 70

Use the BlackBerry Administration Service to find the time and reason for the last automatic failover event... 70 Fail over the BlackBerry Enterprise Server manually using the BlackBerry Administration Service... 70 Fail over the BlackBerry Enterprise Server manually using the BlackBerry Configuration Panel... 71 10 Configuring high availability for BlackBerry Enterprise Server components... 72 Creating a BlackBerry MDS Connection Service pool for high availability... 72 Create a BlackBerry MDS Connection Service pool for high availability... 72 Configure the BlackBerry BlackBerry MDS Connection Service and BlackBerry Collaboration Service to fail over automatically... 73 Create a BlackBerry Collaboration Service pool for high availability... 73 Create a BlackBerry Attachment Service pool for high availability... 74 You cannot determine the BlackBerry Attachment Connector that the BlackBerry Enterprise Server or the BlackBerry MDS Connection Service uses... 76 Create a BlackBerry Router pool for high availability... 77 Permit a BlackBerry Enterprise Server to connect to a remote BlackBerry Router... 78 Creating a BlackBerry Administration Service pool that includes the BlackBerry Web Desktop Manager using DNS round robin... 78 Configure the BlackBerry Administration Service instances in a pool to communicate across network subnets... 79 Changing the name of the BlackBerry Administration Service pool... 80 Change the name of the BlackBerry Administration Service pool... 80 Fail over the BlackBerry MDS Connection Service or BlackBerry Collaboration Service manually... 81 Monitoring the high availability status or job deployment status using the BlackBerry Administration Service... 82 Monitor the high availability status or job deployment status using the BlackBerry Administration Service... 82 Remove a BlackBerry MDS Connection Service instance from a pool... 83 Remove a BlackBerry Collaboration Service instance from a pool... 83 Remove a BlackBerry Attachment Service instance from a pool... 84 Remove a BlackBerry Router instance from a pool... 84 11 Configuring BlackBerry Configuration Database high availability... 86 Prerequisites: Configuring database mirroring or database replication of the BlackBerry Configuration Database... 86 Configuring database mirroring... 87 Stop the BlackBerry Enterprise Server instances... 87 Configure database mirroring for the BlackBerry Configuration Database... 88 Start the BlackBerry Enterprise Server instances... 88 Configure the BlackBerry Enterprise Solution to support database mirroring... 89 Resend the database mirroring parameters to BlackBerry Enterprise Server components... 90 Configuring the BlackBerry Configuration Database for one-way transactional replication in an environment that includes Microsoft SQL Server 2005 or 2008... 91 Stop the BlackBerry Enterprise Server instances... 91 Create the replicated BlackBerry Configuration Database from a backup... 91 Permit access to the BlackBerry Configuration Database instances... 92 Configure the publication for the BlackBerry Configuration Database... 92 Increase the maximum data size for transactional replication... 93

Prepare the database server that hosts the replicated BlackBerry Configuration Database and configure the subscription... 94 Start the BlackBerry Enterprise Server instances... 95 Reacting if the BlackBerry Configuration Database that you configured for transactional replication stops responding... 95 Return to the BlackBerry Configuration Database when you configured transactional replication... 96 Configuring a new mirror BlackBerry Configuration Database... 96 12 Sending software and BlackBerry Java Applications to BlackBerry devices... 97 Managing BlackBerry Java Applications and BlackBerry Device Software... 97 Developing BlackBerry Java Applications for BlackBerry devices... 98 Preparing to distribute BlackBerry Java Applications... 98 Specify a shared network folder for BlackBerry Java Applications... 99 Add a BlackBerry Java Application to the application repository... 100 Add a collaboration client to the application repository... 100 Specify keywords for a BlackBerry Java Application... 101 Configuring application control policies... 101 Standard application control policies... 101 Change a standard application control policy... 102 Create custom application control policies for a BlackBerry Java Application... 102 IT policy rules take precedence on smartphones... 104 Application control policies for unlisted applications... 104 Change the standard application control policy for unlisted applications that are optional... 104 Create an application control policy for unlisted applications... 105 Configure the priority of application control policies for unlisted applications... 105 Creating software configurations... 106 Create a software configuration... 106 Add a BlackBerry Java Application to a software configuration... 107 Assign a software configuration to a group... 108 Assign a software configuration to multiple user accounts... 108 Assign a software configuration to a user account... 109 Install BlackBerry Java Applications on a BlackBerry device at a central computer... 109 View the status of a job... 110 View the status of a task... 110 Stopping a job that is running... 118 Stop a job that is running... 119 View the users that have a BlackBerry Java Application installed on their BlackBerry devices... 119 View how the BlackBerry Administration Service resolved software configuration conflicts for a user account... 120 Reconciliation rules for conflicting settings in software configurations... 121 Reconciliation rules: BlackBerry Java Applications... 122 Reconciliation rules: BlackBerry Device Software... 124 Reconciliation rules: Standard application settings... 125

Reconciliation rules: Application control policies... 126 Reconciliation rules: Application control policies for unlisted applications... 126 13 Alternative methods for installing BlackBerry Java Applications on BlackBerry devices... 128 Installing BlackBerry Java Applications on BlackBerry devices without using the BlackBerry Administration Service... 128 Developing BlackBerry Java Applications for BlackBerry devices... 128 Methods you can use to install BlackBerry Java Applications on BlackBerry devices... 129 Installing BlackBerry Java Applications using the BlackBerry Desktop Software... 130 Prerequisites: Installing BlackBerry Java Applications using the BlackBerry Desktop Software... 130 Make the BlackBerry Java Application available to the BlackBerry Desktop Software... 131 Install the BlackBerry Java Application using the BlackBerry Desktop Software... 131 Installing BlackBerry Java Applications using the BlackBerry Application Web Loader... 132 Prerequisites: Installing BlackBerry Java Applications using the BlackBerry Application Web Loader... 132 Enable the BlackBerry Application Web Loader on a web server... 133 Install the BlackBerry Java Application using the BlackBerry Application Web Loader... 134 Installing BlackBerry Java Applications using the standalone application loader tool... 134 Prerequisites: Installing BlackBerry Java Applications using the standalone application loader tool... 135 Add BlackBerry Java Application files to a shared network folder... 136 Share the Research In Motion folder that contains the BlackBerry Java Application... 136 Configure the standalone application loader tool to install the BlackBerry Java Application in automated mode... 137 Install the BlackBerry Java Application using the standalone application loader tool... 137 Installing BlackBerry Java Applications using a web browser on BlackBerry devices... 138 Prerequisites: Installing BlackBerry Java Applications using a web browser on BlackBerry devices... 138 Install the BlackBerry Java Application on a web server... 139 Install the BlackBerry Java Application using a web browser on the BlackBerry device... 139 14 Configuring how users access enterprise applications and web content... 140 Specifying a BlackBerry MDS Connection Service as a central push server... 140 Specify a BlackBerry MDS Connection Service as a central push server... 140 Configuring how BlackBerry devices authenticate to content servers... 141 Configure how BlackBerry devices authenticate to content servers... 141 Configure the BlackBerry MDS Connection Service to authenticate BlackBerry devices to content servers that use NTLM... 142 Configure the BlackBerry MDS Connection Service to authenticate BlackBerry devices to content servers that use Kerberos... 142 Configure the BlackBerry MDS Connection Service to authenticate BlackBerry devices to content servers that use LTPA... 143 Configuring the BlackBerry MDS Connection Service to authenticate devices to the RSA Authentication Manager... 143 Configuring how the BlackBerry MDS Connection Service manages requests for web content... 145 Configure the BlackBerry MDS Connection Service to manage HTTP cookie storage... 146 Configure the timeout limit for HTTP connections with BlackBerry devices... 146 Configure the timeout limit for HTTP connections with web servers... 147 Configure the maximum number of times that the BlackBerry Browser accepts HTTP redirections... 147

Permitting push applications to make trusted connections to a BlackBerry MDS Connection Service... 148 Create a key store to store certificates for use with HTTPS connections... 148 Add a certificate for the BlackBerry MDS Connection Service... 149 Export the BlackBerry MDS Connection Service certificate to make it available to push applications... 149 Import the BlackBerry MDS Connection Service certificate to the key store of a push application... 150 Permit push applications to select the transport protocol for PAP requests... 150 Configuring a BlackBerry MDS Connection Service to trust web servers... 151 Specify whether the BlackBerry MDS Connection Service requires trusted HTTPS connections from web servers... 151 Specify whether the BlackBerry MDS Connection Service requires trusted TLS connections from web servers... 152 Configuring certificate server information for the BlackBerry MDS Connection Service... 152 Add a retrieved certificate for a web server to the key store... 158 Permitting users to access intranet sites on BlackBerry devices using global login information... 159 Configure global login information for intranet site access... 159 Configuring how the BlackBerry MDS Connection Service connects to devices... 160 Specify the maximum amount of data that a BlackBerry MDS Connection Service can send to BlackBerry devices... 160 Specify the pending content timeout limit for a BlackBerry MDS Connection Service... 160 Permit Java applications to use scalable socket connections with a BlackBerry MDS Connection Service... 161 Specify the thread pool size of a BlackBerry MDS Connection Service... 161 Specify the maximum number of scalable socket connections... 162 Prevent the BlackBerry MDS Connection Service from using scalable HTTP... 162 Specify the port number that the web server listens on for push application requests... 163 Specify how often a BlackBerry MDS Connection Service polls for configuration information... 163 15 Setting up the messaging environment... 165 Creating email message filters... 165 Create an email message filter that applies to all user accounts on a BlackBerry Enterprise Server... 165 Turn on an email message filter that applies to all user accounts on a BlackBerry Enterprise Server... 166 Create an email message filter that applies to a specific user account... 166 Turn on an email message filter that applies to a specific user account... 167 Copying existing email message filters to another BlackBerry Enterprise Server... 168 Export email message filters for a BlackBerry Enterprise Server... 168 Import email message filters for a BlackBerry Enterprise Server... 168 Copying existing email message filters to user accounts... 169 Export email message filters for a user account... 169 Import email message filters for a user account... 169 Extension plug-ins for processing messages... 170 Install an extension plug-in application... 170 Add an extension plug-in to a BlackBerry Messaging Agent... 171 Mapping contact information fields for synchronization and contact lookups... 172 Map a contact information field in an email application to contact list fields on BlackBerry devices... 172 Map a contact list field in an email application to a contact list field on a BlackBerry device... 172

Map a contact information field in an email application to contact list fields on BlackBerry devices... 173 Map a contact list field in an email application to a contact list field on a BlackBerry device... 173 16 Configuring BlackBerry devices to enroll certificates over the wireless network... 175 Configure the certificate information using IT policies... 175 Configure the BlackBerry MDS Connection Service to connect to the certificate authority... 176 Add communication information to a BlackBerry MDS Connection Service configuration set... 177 Assign a BlackBerry MDS Connection Service configuration set to a BlackBerry MDS Connection Service instance... 178 Add certificate information to a Wi-Fi profile... 179 Managing an enrolled certificate... 179 Change the polling interval, logging, and pool size for the BlackBerry MDS Connection Service connection to the certificate authority... 180 Properties in the rimpublic.properties file... 181 17 Making the BlackBerry Web Desktop Manager available to users... 182 Installing the client components of the BlackBerry Web Desktop Manager on users' computers... 182 Publish the client files for the BlackBerry Web Desktop Manager in a Windows GPO for Windows XP... 183 Publish the client files for the BlackBerry Web Desktop Manager in a Windows GPO for Windows Vista... 184 Configure the Microsoft ActiveX Installer on Windows Vista... 185 Configure users' computers to install the client file for the BlackBerry Web Desktop Manager automatically... 185 Make the BlackBerry Web Desktop Manager available to users... 187 18 Configuring the BlackBerry Web Desktop Manager... 188 Permit users to perform administrative tasks using the BlackBerry Web Desktop Manager... 188 Permit users to activate devices using the BlackBerry Web Desktop Manager... 189 Permit users to back up and restore data using the BlackBerry Web Desktop Manager... 189 Configure the domains for backing up data using the BlackBerry Web Desktop Manager... 190 Change the text colors in the BlackBerry Web Desktop Manager... 190 BlackBerry Web Desktop Manager text colors... 191 Display a custom image in the BlackBerry Web Desktop Manager... 192 19 Creating and configuring Wi-Fi profiles and VPN profiles... 193 Creating and configuring Wi-Fi profiles... 193 Prerequisites: Creating Wi-Fi profiles and VPN profiles... 193 Create a Wi-Fi profile... 194 Create a Wi-Fi profile based on an existing Wi-Fi profile... 194 Configure a Wi-Fi profile... 195 Assign a Wi-Fi profile to a group... 195 Assign a Wi-Fi profile to a user account... 196 Delete a Wi-Fi profile... 196 Creating and configuring VPN profiles... 196 Create a VPN profile... 197 Create a VPN profile based on an existing VPN profile... 197 Configure a VPN profile... 197

Assign a VPN profile to a group... 198 Assign a VPN profile to a user account... 198 Associate a VPN profile with a Wi-Fi profile... 199 Delete a VPN profile... 199 Importing profile information from a.csv file... 200 Best practices: Creating a.csv file that contains profile information that you want to import... 200 Create a.csv file that contains profile information that you want to import... 200 Import profile information from a.csv file... 202 20 Configuring encryption and authentication methods for Wi-Fi enabled devices... 204 Configuring WEP encryption... 204 Configure WEP keys for devices using a Wi-Fi profile... 204 Configuring PSK encryption... 205 Configure PSK encryption data for devices using a Wi-Fi profile... 205 Configuring LEAP authentication... 206 Configure LEAP authentication data for devices using a Wi-Fi profile... 206 Configuring PEAP authentication... 207 Configure PEAP authentication data for devices using a Wi-Fi profile... 207 Prerequisites: Distributing a certificate using the BlackBerry Desktop Software... 208 Distribute a certificate using the BlackBerry Desktop Software... 208 Configure PEAP configuration settings in the Wi-Fi profile on a device... 209 Configuring EAP-TLS authentication... 210 Configure EAP-TLS authentication data for devices using a Wi-Fi profile... 211 Configure EAP-TLS configuration settings in the Wi-Fi profile on a device... 211 Configuring EAP-TTLS authentication... 212 Configure EAP-TTLS authentication data for BlackBerry devices using a Wi-Fi profile... 213 Configure EAP-TTLS configuration settings in the Wi-Fi profile on a device... 213 Configuring EAP-FAST authentication... 214 Configure EAP-FAST authentication... 215 Send EAP-FAST authentication data to a device using a Wi-Fi profile... 215 Configure EAP-FAST configuration settings in the Wi-Fi profile on devices... 216 21 Configuring software tokens for devices... 217 Prerequisites: Configuring devices for RSA authentication... 217 Configure devices for RSA authentication... 218 Configure RSA authentication over a Wi-Fi network using a software token... 218 Configure RSA authentication over a VPN network using a software token... 219 Assign software tokens to a user account... 219 22 Changing the security settings of the BlackBerry Administration Service and BlackBerry Web Desktop Manager... 221 Import a new SSL certificate for the BlackBerry Administration Service and BlackBerry Web Desktop Manager... 221

Configuring single sign-on authentication for the BlackBerry Administration Service and BlackBerry Web Desktop Manager... 222 Configure constrained delegation for the Microsoft Active Directory account to support single sign-on authentication... 223 Turn on single sign-on authentication for the BlackBerry Administration Service... 223 BlackBerry Administration Service web addresses and BlackBerry Web Desktop Manager web addresses that support BlackBerry Administration Service single sign-on... 224 Changing password settings for BlackBerry Administration Service authentication... 225 Change password settings for BlackBerry Administration Service authentication... 225 Regenerate the system credentials for the BlackBerry Administration Service... 226 23 Protecting and redistributing devices... 227 Using IT administration commands to protect a lost or stolen device... 227 Protect a lost or stolen device by locking it... 228 Protect a lost or stolen device by deleting all data... 228 Protect a lost device that a user might recover... 229 Preparing a device for redistribution to a new user... 230 Delete user data and assign a device to a new user... 230 Delete user data and device data and assign a device to a new user... 231 24 Managing administrator accounts... 232 Change role permissions... 232 Change the roles for an administrator account... 232 Delete a role... 233 Delete an administrator account... 233 25 Managing groups and user accounts... 234 Managing groups... 234 Using default groups to manage user accounts and administrator accounts... 234 Remove a user account from a group... 235 Change the properties of a group... 236 Rename a group... 236 Delete a group... 236 Managing user accounts... 237 Move a user account to a different group... 237 Move a user account from one BlackBerry Enterprise Server to another... 237 Delete a user account from the BlackBerry Enterprise Server... 238 Update a user account manually... 239 Add an administrator role to a user account... 239 Resend service books to a BlackBerry device... 239 26 Managing the delivery of BlackBerry Java Applications, BlackBerry Device Software, and device settings to BlackBerry devices... 240 Managing the default distribution settings for jobs... 240

Change default settings for a job schedule... 240 Change how IT policies are sent to BlackBerry devices... 241 Change how to install, update, or remove BlackBerry Java Applications... 242 Change how to install or update the BlackBerry Device Software... 244 Change how the BlackBerry Enterprise Server sends standard application settings to BlackBerry... 245 Managing the distribution settings for a specific job... 246 Specify the start time and priority for a job... 247 Change how a job sends IT policies to BlackBerry devices... 247 Change how a job sends BlackBerry Java Applications to BlackBerry devices... 248 Change how a job sends the BlackBerry Device Software to BlackBerry devices... 250 Change how a job sends standard application settings to BlackBerry devices... 251 Managing BlackBerry Java Applications on BlackBerry devices... 252 Make a BlackBerry Java Application unavailable for installation... 252 Remove a BlackBerry Java Application from BlackBerry devices over the wireless network... 253 Managing software configurations... 254 Remove a software configuration from a group... 254 Remove a software configuration from multiple user accounts... 254 Remove a software configuration from a user account... 255 Delete a software configuration... 255 27 Managing how users access enterprise applications and web content... 256 Restricting user access to content on web servers... 256 Restrict requests for content on web servers from BlackBerry devices... 256 Specify web address patterns... 257 Create a pull rule... 257 Restrict or permit web addresses and Intranet addresses using a pull rule... 258 Assign a pull rule to a group... 259 Assign a pull rule to user accounts... 259 Restricting user access to media content in the BlackBerry Browser... 260 Prevent users from accessing specific media types... 260 Configure download limits for media content types... 260 Default download limits for media content types... 261 Configuring Integrated Windows authentication so that users can access resources on your organization's network... 262 Configuring the Microsoft Active Directory account to delegate access... 263 Turn on Integrated Windows authentication so that users can access resources on your organization's network... 265 Restricting the push application content that users can receive... 267 Restrict push applications from sending data to BlackBerry devices... 267 Create push initiators for push applications... 267 Turn on push authorization... 268 Create a push rule... 269 Assign push initiators to a push rule... 269

Assign a push rule to the members of a group... 269 Assign a push rule to a group... 270 Assign a push rule to user accounts... 270 Encrypt push requests that push applications send to BlackBerry devices... 271 Managing push application requests... 271 Specify device ports for application-reliable push requests... 271 Store push application requests in the BlackBerry Configuration Database... 272 Configure the settings for storing push requests in the BlackBerry Configuration Database... 273 Configure the maximum number of active connections that a BlackBerry MDS Connection Service can process... 273 Configure the maximum number of queued connections that a BlackBerry MDS Connection Service can process... 274 28 Managing organizer data synchronization... 275 Managing the wireless backup and recovery of organizer data... 275 Turn off the wireless backup of organizer data for a user account... 275 Delete a user's organizer data from the BlackBerry Enterprise Server... 276 Delete organizer data for members of a user group from the BlackBerry Enterprise Server... 276 Changing how organizer data synchronizes... 276 Turn off organizer data synchronization for a user account... 277 Change the direction of organizer data synchronization for a user account... 277 Change how the BlackBerry Administration Service resolves conflicts for a specific user account during organizer data synchronization... 278 Synchronizing contact pictures... 278 Turn off synchronization of contact pictures for a user account... 279 Synchronizing calendars... 279 Start corrective calendar synchronization manually for a user account... 279 29 Managing your organization's messaging environment and attachment support... 280 Managing message forwarding... 280 Forward email messages to a BlackBerry device when no filter rules apply... 280 Do not deliver email messages to a BlackBerry device when no filter rules apply... 281 Forward email messages from inbox subfolders to a BlackBerry device... 281 Turn off email message forwarding to user accounts in a group... 282 Turn off email message forwarding to a user account... 282 Turn off synchronization for email messages sent from a BlackBerry device... 283 Turn off email message forwarding when a user connects a BlackBerry device to a computer... 283 Managing the incoming message queue... 284 Delete email messages for user accounts from the incoming message queue... 284 Managing wireless message reconciliation... 285 Turn off wireless message reconciliation for a BlackBerry Enterprise Server... 285 Turn on reconciliation for email messages that are hard deleted... 285 Managing access to remote message data... 286 Prevent a user from checking the availability of meeting participants on the BlackBerry device... 286

Prevent a user from searching for remote email messages using a device... 287 Managing email messages that contain HTML and rich content... 288 View whether a user turned on support for email messages that contain HTML and rich content for a BlackBerry device... 288 Turn off support for rich text formatting and inline images in email messages for users on a BlackBerry Enterprise Server... 288 Turn off support for rich text formatting and inline images in email messages using an IT policy rule Turn off support for rich text formatting in email messages using an IT policy rule... 289 Synchronizing folders on the BlackBerry device... 290 Control which published public contact folders a user can synchronize to a BlackBerry device... 290 Control which personal contact subfolders a user can synchronize to a BlackBerry device... 291 Control which personal mail folders a user can synchronize with a BlackBerry device... 291 Configuring access to documents on remote file systems... 292 Configure the BlackBerry MDS Connection Service to communicate with a remote file system... 292 Add communication information to a BlackBerry MDS Connection Service configuration set... 293 Assign a BlackBerry MDS Connection Service configuration set to a BlackBerry MDS Connection Service instance... 294 Managing signatures and disclaimers in email messages... 295 Add a signature to email messages that a user sends from a BlackBerry device... 295 Add a disclaimer to email messages that users send from BlackBerry devices... 296 Add a disclaimer to email messages that a user sends from a BlackBerry device... 296 Specify conflict rules for disclaimers... 297 Turn off disclaimers for email messages... 297 Monitor email messages that users send from BlackBerry devices... 298 Sending notification messages to users... 299 Send a notification message to all users in a BlackBerry Domain... 299 Send a notification message to all users on a BlackBerry Enterprise Server... 299 Send a notification message to group members... 300 Send a notification message to a user... 300 How the BlackBerry Attachment Connector communicates with BlackBerry Attachment Service instances... 300 Change how a BlackBerry Attachment Connector retries sending requests to a BlackBerry Attachment Service... 301 Change how a BlackBerry Attachment Connector restores a lost connection to a BlackBerry Attachment Service... 302 Attachment file formats that the BlackBerry Attachment Service supports... 302 Limitations for supported attachment file formats... 303 Changing how a BlackBerry Attachment Service converts attachments... 304 Change how a BlackBerry Attachment Service converts attachments... 305 Change the maximum file size for attachments that users can receive... 307 Turn off support for an attachment file format for a BlackBerry Attachment Service... 308 Add support for an additional attachment file format to a BlackBerry Attachment Service... 308 Changing how the BlackBerry Messaging Agent reconciles attachments to the messaging server... 309 Change the maximum file size for attachments that users can send... 310 Prevent users from sending large attachments... 310

Change the maximum file size of attachments that users can download... 311 30 Managing calendars... 312 Correcting calendar synchronization errors on devices... 312 Configuration levels using the BlackBerry Enterprise Trait Tool... 312 Turn off corrective calendar synchronization... 313 View the current settings for corrective calendar synchronization... 314 Turn off automatic error correction in corrective calendar synchronization... 314 Configure the range of days to check for calendar synchronization errors... 315 Configure when corrective calendar synchronization runs... 316 Logging information for corrective calendar synchronization... 317 Delete a setting for corrective calendar synchronization... 318 Start corrective calendar synchronization manually for a user account... 319 31 Managing instant messaging... 320 Installing a collaboration client on BlackBerry devices... 320 Change the instant messaging server or pool that a BlackBerry Collaboration Service connects to... 321 Change the transport protocol for a Microsoft instant messaging environment... 321 Specify the Windows domain name for users who log in to a collaboration client... 322 Managing instant messaging sessions... 323 Specify the maximum number of instant messaging sessions that can be open at the same time... 323 Specify the inactivity timeout limit for instant messaging sessions... 323 Managing instant messaging features... 324 Prevent users from sending specific file types to instant messaging contacts using the BlackBerry Client for IBM Sametime... 324 Specifying the maximum size of file types that users can send using the BlackBerry Client for IBM Sametime... 324 Prevent users from sending instant messaging conversations in email messages... 325 Prevent users from saving instant messaging conversations... 325 Hide the icon that appears on BlackBerry devices for mobile contacts... 325 Make additional contact information and phone numbers available for the BlackBerry Client for IBM Sametime... 326 32 Managing a BlackBerry Domain... 328 Restarting BlackBerry Enterprise Server components... 328 Restart a BlackBerry Enterprise Server component using the BlackBerry Administration Service... 329 Restart a BlackBerry Enterprise Server component using Windows Services... 329 Best practice: Restarting more than one BlackBerry Administration Service... 330 Using the BlackBerry Enterprise Trait Tool... 330 Use the BlackBerry Enterprise Trait Tool... 330 BlackBerry Enterprise Trait Tool traits... 331 Managing BlackBerry CAL keys... 338 Add or delete a BlackBerry CAL key... 339 Copy a BlackBerry CAL key to a text file... 339 Configuring BlackBerry Policy Service throttling... 340

View the current settings for BlackBerry Policy Service... 340 Configuring BlackBerry Policy Service throttling for IT policies and service books... 340 Configuring BlackBerry Policy Service throttling for PIN encryption keys... 342 Configuring BlackBerry Policy Service throttling for application polling... 343 Delete a BlackBerry Policy Service throttling setting... 343 Change the port number that BlackBerry Enterprise Server components use to connect to the BlackBerry Configuration Database... 344 Change the port number that the syslog tools use to monitor BlackBerry Enterprise Server events... 345 33 BlackBerry Controller and BlackBerry Enterprise Server Component Monitoring... 346 How the BlackBerry Controller monitors the BlackBerry Enterprise Server components... 346 Change how the BlackBerry Controller restarts a BlackBerry Enterprise Server service... 346 BlackBerry Enterprise Server Alert Tool... 351 Configuring notifications using the BlackBerry Enterprise Server Alert Tool... 351 34 BlackBerry Enterprise Server log files... 353 Monitoring PIN messages, SMS text messages, and calls... 353 Change the default location for the log files for PIN messages, SMS text messages, and calls... 353 Log files for BlackBerry Enterprise Server components... 355 Changing the location where BlackBerry Enterprise Server components save log files... 355 Changing how BlackBerry Enterprise Server components create log files... 356 Component identifiers for log files... 360 BlackBerry MDS Connection Service Service log files... 361 Changing how the BlackBerry MDS Connection Service creates a log file... 361 Using BlackBerry MDS Connection Service log files to view information for proxied connections to BlackBerry devices... 365 BlackBerry Collaboration Service log files... 366 Change which activities the BlackBerry Collaboration Service writes to a log file... 366 35 BlackBerry Enterprise Solution connection types and port numbers... 367 BlackBerry Administration Service connection types and port numbers... 367 BlackBerry Attachment Service connection types and port numbers... 369 BlackBerry Collaboration Service connection types and port numbers... 370 BlackBerry Configuration Database connection types and port numbers... 372 BlackBerry Controller connection types and port numbers... 373 BlackBerry Dispatcher connection types and port numbers... 374 BlackBerry Messaging Agent connection types and port numbers... 376 BlackBerry MDS Connection Service connection types and port numbers... 379 BlackBerry Policy Service connection types and port numbers... 380 BlackBerry Router connection types and port numbers... 381 BlackBerry Synchronization Service connection types and port numbers... 384 IBM Sametime connection type and port number... 385 Microsoft Office 365 connection types and port numbers... 385

Microsoft Office Live Communications Server 2005 connection types and port numbers... 386 BlackBerry Client for use with Microsoft Office Live Communications Server 2005 connection types and port numbers... 386 Novell GroupWise Messenger connection type and port number... 387 SNMP agent connection types and port numbers... 387 Syslog connection type and port number... 388 36 Troubleshooting... 389 Troubleshooting: Connecting to the BlackBerry Administration Service... 389 The web browser displays an HTTP 404 or HTTP 504 error message when it tries to connect to a BlackBerry Administration Service... 389 Troubleshooting: BlackBerry Enterprise Server Performance... 390 Microsoft SQL Server uses a considerable amount of disk space... 390 It takes a long time to look up data in the BlackBerry Configuration Database... 390 Troubleshooting: Setting up user accounts... 391 You cannot create a user account in the BlackBerry Administration Service... 391 You cannot find a new user account in the directory using the BlackBerry Administration Service... 391 Troubleshooting: Messaging... 392 Messages are not delivered to BlackBerry devices... 392 Troubleshooting: Instant messaging... 392 Users cannot view phone numbers for contacts in the BlackBerry Client for IBM Sametime... 392 A user did not accept a notification about an instant message on a computer and the notification disappeared... 394 A user receives a 301 error when the user logs in to an instant messaging application on a BlackBerry device... 394 Troubleshooting: BlackBerry Web Desktop Manager... 395 Troubleshooting: Users cannot log in to the BlackBerry Web Desktop Manager... 395 Troubleshooting: Connections to the Wi-Fi network... 396 A BlackBerry device cannot connect to a Wi-Fi network... 396 A BlackBerry device cannot open a VPN connection... 405 A BlackBerry device cannot connect to the mobile network using UMA or GAN... 406 Verify whether a BlackBerry device can resolve an IP address... 407 Look up a computer name to resolve an IP address... 407 Troubleshooting: BlackBerry Administration Service pools... 408 BlackBerry Administration Service instances located in different network segments are not connecting to each other... 408 Troubleshooting: IT policies... 409 I cannot find an IT policy rule in the BlackBerry Administration Service... 409 37 Glossary... 410 38 Legal notice... 415

Related resources Related resources 1 To read the following guides or additional related material, visit www.blackberry.com/go/serverdocs. Resource BlackBerry Enterprise Server for Microsoft Office 365 Release Notes BlackBerry Enterprise Server for Microsoft Office 365 Installation Guide Information Descriptions of known issues and potential workarounds System requirements Installation instructions BlackBerry Enterprise Server for Microsoft Office 365 Feature and Technical Overview BlackBerry Enterprise Server for Microsoft Office 365 Policy Reference Guide BlackBerry Enterprise Transporter for Microsoft Office 365 Installation and Administration Guide Architecture diagram Description of features and components Data flows Understanding BlackBerry Enterprise Server for Microsoft Office 365 IT policy rules and application control policy rules Using IT policies and application control policies Microsoft Office 365 Installation and configuration instructions Instructions for migrating existing users to the BlackBerry Enterprise Server for Microsoft Office 365 18

About BlackBerry Enterprise Server for Microsoft Office 365 About BlackBerry Enterprise Server for Microsoft Office 365 2 BlackBerry Enterprise Server for Microsoft Office 365 is designed to be a secure link between your organization's cloud messaging services and BlackBerry devices. BlackBerry Enterprise Server can provide mobile access to the email accounts and organizer data that are part of your organization's resources. BlackBerry Enterprise Server supports AES encryption to help protect wireless data that is transmitted between BlackBerry Enterprise Server and BlackBerry devices. You can select from more than 500 IT policy rules that you can configure to control the features of the devices that are used in your organization's environment. You can configure BlackBerry Enterprise Server and BlackBerry Enterprise Server components to support high availability to enhance the consistency and reliability of your organization's environment. 19

Log in to the BlackBerry Administration Service for the first time Log in to the BlackBerry Administration Service for the first time 3 To open the BlackBerry Administration Service, you can use a browser on any computer that has access to the computer that hosts the BlackBerry Administration Service. Before you begin: To manage a BlackBerry device using the BlackBerry Administration Service while the BlackBerry device is connected to the computer, the browser must permit Microsoft ActiveX controls. 1. In the browser, type https://<server_name>/webconsole/app, where <server_name> is the name of the computer that hosts the BlackBerry Administration Service. 2. In the User name field, type admin. 3. In the Password field, type the password that you created during the installation process. 4. In the Log in using drop-down list, click BlackBerry Administration Service or Active Directory Authentication. 5. Click Log in. There is a problem with this website's security certificate Description The browser displays this error message when you try to navigate to the BlackBerry Administration Service using Windows Internet Explorer version 7 or later. Possible solution Add the web address for the BlackBerry Administration Service to the list of trusted web sites in Windows Internet Explorer, and install the certificate for the BlackBerry Administration Service in the certificate store of your computer. 1. In Windows Internet Explorer, navigate to the BlackBerry Administration Service console. 20

Log in to the BlackBerry Administration Service for the first time 2. Click Continue to this website (not recommended). 3. On the Tools menu, click Internet Options. 4. On the Security tab, click Local Intranet. 5. Click Sites. 6. Click Add to add the console to the list of trusted web sites. 7. Click Close. 8. Click OK. 9. In the browser window, on the toolbar, click Certificate Error. 10. Click View certificates. 11. Click Install certificate. The Certificate Import Wizard opens. 12. Complete the instructions in the Certificate Import Wizard. If you are trying to log in to the BlackBerry Administration Service using a computer that runs Windows Vista, perform the following actions in the Certificate Import Wizard. a b c d In the Certificate Store dialog box, click Place all certificates in the following store. Click Browse. Click Trusted Root Certification Authorities. Click OK. 13. Close and reopen the browser. This connection is untrusted Description This message appears when you try to navigate to the BlackBerry Administration Service using Mozilla Firefox 3.6. Possible solution Install the certificate for the BlackBerry Administration Service in the certificate store of your computer. 1. In Firefox, navigate to the BlackBerry Administration Service console. 2. Click I Understand the Risks. 3. Click Add Exception. 4. Click Confirm Security Exception. 5. Close and reopen the browser. 21

Creating administrator accounts Creating administrator accounts 4 Administrative roles and permissions You create roles for administrator accounts or assign preconfigured roles to administrator accounts so that you can specify what tasks an administrator can perform on the BlackBerry Enterprise Server. You can specify the actions that administrators can perform by changing the permission that you assign to administrative roles. Permissions specify the information that administrators can view and the tasks that they can perform using the BlackBerry Administration Service. Each action that you perform in the BlackBerry Administration Service is associated with a specific permission. You can specify the actions that administrators can perform by changing the permission that you assign to administrative roles. Roles do not apply to tasks that an administrator can perform using the BlackBerry Configuration Panel. You can assign multiple roles to administrator accounts. If you assign multiple roles to an administrator account, the administrator is assigned all the permissions that are turned on for each of the roles. You can also assign roles to groups and add administrator accounts to groups. This allows you to specify administrative role permissions at a group level instead of at an individual level. If the group contains BlackBerry device users, the roles are also assigned to the users and the users become administrators. Administrative roles for the BlackBerry Enterprise Server The BlackBerry Enterprise Server includes preconfigured administrative roles that you can assign to administrator accounts. Each role is designed for a different type of administrator, and grants different permissions to manage and make changes to the BlackBerry Enterprise Server, user accounts, and BlackBerry devices. The table below details the permissions that are associated with each role. To meet the needs of your organization's environment, you can change the permissions that are associated with the preconfigured roles, or you can create custom roles. For more information about how to change or create roles, visit www.blackberry.com/go/serverdocs to read the BlackBerry Enterprise Server for Microsoft Office 365 Administration Guide. 22

Creating administrator accounts Permission name Security role Enterprise Admin role Senior Helpdesk role Junior Helpdes k role Server only role User only role User and device group Create a group X X X X Delete a group X X X View a group X X X X X Edit a group X X X X X Create a user X X X X Delete a user X X X X View a user X X X X X Edit a user X X X X X View a device X X X X X Edit a device X X X X X View device activation settings Edit device activation settings X X X X X X Create an IT policy X X X Delete an IT policy X X X View an IT policy X X X X X Edit an IT policy X X X Import an IT policy X X X Export an IT policy X X X Create a user-defined IT policy template Delete a user-defined IT policy template X X X X X X 23

Creating administrator accounts Permission name Security role Enterprise Admin role Senior Helpdesk role Junior Helpdes k role Server only role User only role Resend data to devices X X X X Edit a user-defined IT policy template Import an IT policy template Create a software configuration View a software configuration Edit a software configuration Delete a software configuration X X X X X X X X X X X X X X X X X X X X Create an application X X X View an application X X X X X Edit an application X X X Delete an application X X X Create an administrator user Add or remove to user configuration Export asset summary data X X X X X X X X Import or export users X X X X Export statistics X X X Import user updates X X X Assign the current device to a user X X X X X 24

Creating administrator accounts Permission name Security role Enterprise Admin role Senior Helpdesk role Junior Helpdes k role Server only role User only role Delete all device data and remove device Delete only the organization data and remove device View associated BlackBerry Enterprise Server Override associated BlackBerry Enterprise Server X X X X X X X X X X X X X X X X X View a directory source X X Edit a directory source X X View user authentication Edit user authentication Specify an activation password Turn off and on external services Generate an activation email Clear synchronization backup data X X X X X X X X X X X X X X X X X X X X Clear user statistics X X X X X Reset user field mapping X X X X Turn on redirection X X X X Turn off redirection X X X X Import new users X X X 25

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback