|
|
|
03-07-2007, 04:44 AM
|
#1
|
BlackBerry Extraordinaire
Join Date: Feb 2005
Location: Port 3101.org
Model: .
Carrier: .
Posts: 2,491
|
BBAdmin's BES Prerequisites Thread
Please Login to Remove!
One of the painful elements of implementing BES is the way in which RIM write the checklists. I often come across people who are not quite sure what they need to do in terms of prerequisites . The problem I think is not so much the complexity, but the way in which the checklist element of BES is laid out. RIM also make this worse by segregating the checklist on the basis you may want to install various BES components on different machines, and most of us don't need this. To try and make the process as simple as possible I have decided to write up a checklist which, although largely taken from RIM's documentation, I have added my own experiences and ways of explaining each element in the hope that if you need it, you will find my documentation simplier to follow!!!
Now, a couple of footnotes; We know you can fudge a BlackBerry Server to work on an Exchange box, and we know you can get away with installing it on a machine with perhaps lower than recommended specs (depending on the size of the user base), but my theory behind the below is on the fact that most people want a BES server which they can get support on from RIM, therefore my checklist ensures a supported configuration. Also please note my checklist is based on an implementation for Exchange 2003.
To prevent this thread getting cluttered please only post your thanks, or your recommendations (or corrections on the basis I may have gotten something wrong). I don't want to hear "you can install it on the Exchange Server"!!! Post your corrections and I will ammend this post so we always have the most up to date information at the top of the thread!!
BES Prerequisites for Exchange 2003
Hardware Requirements
RIMxxx8217;s minimum recommendations for the hardware on which you want to run BES are:
Intel Pentium IV processor (2GHz or higher)
1.5GB RAM
1GB of free disk space
Your BES should also be located near your Exchange Server to avoid issues with latency
Network Environment & Firewall Configuration
Do not put the BES in a DMZ
Configure your firewall to initiate a bi-directional TCP/IP connection to an external server on port 3101
Verify that the firewall can resolve Internet addresses using DNS
If using a proxying firewall, ensure that the proxy is transparent
SPAM & Anti Virus Systems
You must allow .DAT file attachments to pass through to users mailboxes for Enterprise Activation
You must ensure your Anti SPAM software does not prevent activation messages reaching usersxxx8217; mailboxes. The best way to configure this is to allow all emails from *.blackberry.net
BES Software Requirements
Your BES server will need to run Microsoft Windows 2000 (Server or Advanced Server editions) or Microsoft Windows Server 2003 SP1
You will need to install Microsoft Exchange 2003 System Manager ONLY (do not install a full Exchange Server on the BES computer)
Microsoft Internet Explorer version 6.0 or later
Adobe Acrobat Reader 3.0 or later (to read the user guides)
You must install MSDE 2000 Release A or SQL 2000 on the same computer as the BlackBerry Enterprise Server. You can also utilise a remote SQL server if required.
Microsoft Exchange Infrastructure
Microsoft Exchange 2003 native environment
Any Microsoft Exchange service packs that are installed on your mail server must also be installed on the BES computer
Do not install Microsoft Outlook on the computer on which you intend to install BES
Install and register the cdo.dll hot fix in C:\Program Files\Exchsrvr\BIN\ on the BES computer to obtain the correct Messaging API (MAPI) version. The version number on the BES computer must be the same or higher than the CDO.dll on your Exchange Server
Verify that the BES is in the same Microsoft Exchange domain as your messaging server
Configuration Database
If you intend to install your database on the same computer as BES, install one of the following database programs:
1. Microsoft SQL Server 2000 Desktop Engine (MSDE 2000)
2. Microsoft SQL Server 2000 Service Pack 3a
3. Microsoft SQL Server 2005 (Professional or Enterprise)
If your configuration database is on a remote server, you must enable network protocols to make a connection
Microsoft SQL Server must not be installed with case-sensitive collation settings. Use the default case-insensitive collation settings.
Install one of the following Microsoft Data Access Component (MDAC) versions on the computer where you plan to install the BlackBerry Enterprise Server:
1. MDAC 2.8 with Security Patch MS04-003 (version 2000.85.1025.00)
2. MDAC 2.8 Service Pack 2 (version 2000.86.1830.00)
If you are using Microsoft SQL Server, download and install the appropriate Java Database Connectivity (JDBC) driver.
Microsoft SQL Server 2000 driver for JDBC Service Pack 3: Visit
Downloads for Microsoft SQL Server 2000 for more information
Microsoft SQL Server 2005 driver for JDBC: Visit
Downloads for SQL Server 2005 for more information
Database Permissions
If creating the configuration database on the BES computer, assign System Administrator permission
If creating the configuration database on a remote database server during the BES installation, assign Server Administrator and Database Creator permissions
BESAdmin Permissions
Create a Windows 2000 Domain User to act as your BES service account and create an Exchange mailbox for the newly created user.
Initialize the mailbox by sending a test message to the newly created service account mailbox
The service account requires a minimum of the following Windows 2000 permissions:- Log on locally with local permissions
- Log on as a service
- Local administrator
The service account requires a minimum of the following Microsoft Exchange 2003 permissions:- View Only Administrator. This permission should be set to enable (at minimum) access at the Administrative Groups level in Microsoft Exchange 2003 to be able to read from the Active Directory.
- Administrator Information store, Send as, and Receive as. These permissions should be set at the Microsoft Exchange server level.
You must ensure your Group Policy does not conflict and override the permissions set for the BESAdmin
Terminal Services
Windows Server 2000: If installed, select Remote Administration mode
Windows Server 2003: Do not install; select Remote Desktop mode on the System Properties Remote tab
Multiple Languages
You can enable additional languages to support Unicode in the BlackBerry Manager using the Windows regional options
Download the Microsoft Internet Explorer Multilanguage support pack and adjust the encoding to view Chinese Simplified [GB2312] and, or Chinese Traditional [Big5]
USB Hub
If you are running a USB hub, verify that the driver supports USB 1.1 compliant hubs
As a final point, when it comes to actually installing your BES server, make sure you are logged on as the BESAdmin account!!
Happy installing.
Last edited by BBAdmin; 03-08-2007 at 08:05 AM..
|
Offline
|
|
03-26-2007, 06:32 PM
|
#2
|
Talking BlackBerry Encyclopedia
Join Date: Feb 2007
Model: 8310
Carrier: ALL
Posts: 262
|
Nice work, from what I can tell (considering the lack of sleep last night) its spot on, been meaning to write up a simplified version myself.
Now just need one for Domino and GroupWise
|
Offline
|
|
03-27-2007, 03:19 AM
|
#3
|
BlackBerry Extraordinaire
Join Date: Feb 2005
Location: Port 3101.org
Model: .
Carrier: .
Posts: 2,491
|
Quote:
Now just need one for Domino and GroupWise
|
Feel free....I'm a bit of an Exchange monkey and hate everything else!!
|
Offline
|
|
03-27-2007, 02:54 PM
|
#4
|
Thumbs Must Hurt
Join Date: Mar 2006
Model: 8703e
Carrier: Sprint
Posts: 156
|
Looks good. Can you create one for 2007 as well
__________________
Your BlackBerry Did What!!
Outlook 2010
BES 5
|
Offline
|
|
03-27-2007, 04:40 PM
|
#5
|
BlackBerry Extraordinaire
Join Date: Feb 2005
Location: Port 3101.org
Model: .
Carrier: .
Posts: 2,491
|
Exchange 2007 isn't supported yet, and I never fudge my BlackBerry servers with unsupported configurations...when RIM are up for it, so am I and you'll see a prerequisites thread for it then my friend!!
|
Offline
|
|
03-28-2007, 02:33 AM
|
#6
|
CrackBerry Addict
Join Date: Aug 2005
Location: London, UK
Model: 9700
Carrier: O2
Posts: 961
|
Quote:
Originally Posted by BBAdmin
Exchange 2007 isn't supported yet, and I never fudge my BlackBerry servers with unsupported configurations...when RIM are up for it, so am I and you'll see a prerequisites thread for it then my friend!!
|
Indeed.
Last edited by BBAdmin; 03-28-2007 at 02:58 AM..
|
Offline
|
|
03-29-2007, 09:05 PM
|
#7
|
Talking BlackBerry Encyclopedia
Join Date: Feb 2007
Model: 8310
Carrier: ALL
Posts: 262
|
Quote:
Originally Posted by BBAdmin
Feel free....I'm a bit of an Exchange monkey and hate everything else!!
|
Same, Hence why I'm in need of the other ones
Two things I would add for server preperation is installng IIS and Active Directory Management Tools (IIS more so than the later)
|
Offline
|
|
03-30-2007, 04:50 PM
|
#8
|
Knows Where the Search Button Is
Join Date: Mar 2007
Model: BES
Posts: 15
|
Thanks for the simplified list, i am going through it now and will give you my results as soon as i get through it all. GOOD WORK it does help.
randy
|
Offline
|
|
03-30-2007, 06:57 PM
|
#9
|
BlackBerry Extraordinaire
Join Date: Feb 2005
Location: Port 3101.org
Model: .
Carrier: .
Posts: 2,491
|
Cool, although I'm slightly worried from your user name that you perform all of you administration naked!!!!!
|
Offline
|
|
04-02-2007, 04:54 PM
|
#10
|
Knows Where the Search Button Is
Join Date: Mar 2007
Model: BES
Posts: 15
|
privately yes, not publicly or within a business. It would be easy for me to do.
|
Offline
|
|
04-03-2007, 08:24 AM
|
#11
|
Talking BlackBerry Encyclopedia
Join Date: Mar 2005
Location: Washington DC
Model: all
Carrier: All carrier's
Posts: 315
|
wow, how do you get to be a "super moderator?"
the guide is nice and simple. Any chances that you have written up a device troubleshooting guide?
I have to write one of those up for my helpdesk. Our Gov't. Agency (GA) is under the gun for documentation, which I have to update.
Can I borrow your simple guide?
|
Offline
|
|
04-03-2007, 08:26 AM
|
#12
|
BlackBerry Extraordinaire
Join Date: Feb 2005
Location: Port 3101.org
Model: .
Carrier: .
Posts: 2,491
|
Quote:
Can I borrow your simple guide?
|
Help yourself, it's here for the community!!
|
Offline
|
|
04-11-2007, 02:51 PM
|
#13
|
Knows Where the Search Button Is
Join Date: Mar 2007
Model: BES
Posts: 15
|
i love your guide and it was and is quite helpful. i have a few items i think would be helpful through my own experience that may help those starting this installation for the first time. when i get past the database issue and the mixed mode problem and figure that one out i will be near finish i think.
i am not quite ready to share my ideas yet. Thanks for the guide.
|
Offline
|
|
04-19-2007, 12:42 PM
|
#14
|
New Member
Join Date: Apr 2007
Model: 8703e
PIN: N/A
Carrier: Verizon
Posts: 13
|
Greate guide... but regarding this part:
Quote:
The service account requires a minimum of the following Microsoft Exchange 2003 permissions:
* View Only Administrator. This permission should be set to enable (at minimum) access at the Administrative Groups level in Microsoft Exchange 2003 to be able to read from the Active Directory.
* Administrator Information store, Send as, and Receive as. These permissions should be set at the Microsoft Exchange server level.
|
Where do you set these permissions specifically?
|
Offline
|
|
04-19-2007, 06:21 PM
|
#15
|
BBF Moderator
Join Date: Aug 2004
Location: Germany
Model: 9700
PIN: not configured
Carrier: T-Mobile
Posts: 1,528
|
Quote:
Originally Posted by bculler2
Greate guide... but regarding this part:
Where do you set these permissions specifically?
|
You need to use Exchange System Manager to set these permissions.
|
Offline
|
|
04-23-2007, 08:51 AM
|
#16
|
New Member
Join Date: Apr 2007
Model: 8703e
PIN: N/A
Carrier: Verizon
Posts: 13
|
Anyway to get this thread stickied? This has been a great help.
|
Offline
|
|
05-15-2007, 03:58 PM
|
#17
|
Thumbs Must Hurt
Join Date: Apr 2005
Location: SF
Model: 8100
Carrier: TMO
Posts: 138
|
One question,
Can BES reside on a Domain Controller?
__________________
Robert Liebsch
Systems Psychologist, Network Sociologist, User Therapist.
|
Offline
|
|
05-26-2007, 08:55 AM
|
#18
|
Talking BlackBerry Encyclopedia
Join Date: May 2007
Location: Toronto, Canada
Model: 9700
OS: 5.0.0.423
PIN: 21B694E3
Carrier: Virgin Mobile Canada
Posts: 396
|
I read that BES can run on SBS 2003 server so a lot of what you have posted here doesn't really fit in the server configuration. Does anyone have suggests on how to do everything from start to finish?
Thanks
Andrew
|
Offline
|
|
05-26-2007, 01:40 PM
|
#19
|
Talking BlackBerry Encyclopedia
Join Date: May 2007
Location: Toronto, Canada
Model: 9700
OS: 5.0.0.423
PIN: 21B694E3
Carrier: Virgin Mobile Canada
Posts: 396
|
What the heck does this mean in English? Microsoft doesn't write crap like this without giving detail instructions how to properly configure something!! (sigh) I think RIM needs to have a lession or two in properly documenting stuff.
----snip----
The service account requires a minimum of the following Microsoft Exchange 2003 permissions:
View Only Administrator. This permission should be set to enable (at minimum) access at the Administrative Groups level in Microsoft Exchange 2003 to be able to read from the Active Directory.
Administrator Information store, Send as, and Receive as. These permissions should be set at the Microsoft Exchange server level.
You must ensure your Group Policy does not conflict and override the permissions set for the BESAdmin
----snip----
Andrew
|
Offline
|
|
06-05-2007, 03:02 AM
|
#20
|
BlackBerry Extraordinaire
Join Date: Feb 2005
Location: Port 3101.org
Model: .
Carrier: .
Posts: 2,491
|
Quote:
Microsoft doesn't write crap like this
|
You're correct, Microsoft doesn't write crap like this.....they write crap that's so complicated you'll have no idea what you're supposed to do!! It's not RIM's job to teach people how to set permissions in Windows/Exchange click by click, and if you can't perform those basic admin tasks then you shouldn't be setting up stuff like this, so I have to say I entirely disagree with your point.
|
Offline
|
|
|
|