SBS/Exchange and Blackberry Enterprise Server

Dear Newsgroup,
on a Small Business Server 2003-machine with installed Blackberry Enterprise 
Server (and three Blackberries) I have got the following problem.

Since a few days, no Blackberry is able to send E-Mails. E-Mail-receiving, 
Synchronizing calendar/contacts/tasks and incoming E-Mail works perfectly. I 
have been set the security policies of the related users, the server however 
"forgets" these settings within half an hour.

The settings made by me are the following:
1. User x/y/z --> security, add BESAdmin, full access
2. User BESAdmin --> security, add x/y/z, full access

Within the minute these settings are added, the E-Mail-sending-funktion 
works perfectly. However, I have no idea why these are gone after I have set 
them.

Hopefully, someone out here can help me. Thank you all in advance for any 
tip and/or solution.
Jonas 


0
Jonas
1/18/2010 10:28:29 AM
windows.server.sbs 1975 articles. 0 followers. Follow

2 Replies
909 Views

Similar Articles

[PageSpeed] 8

Hi Jonas,

X-Posting leaves you lonely

> on a Small Business Server 2003-machine with installed Blackberry 
> Enterprise Server (and three Blackberries) I have got the following 
> problem.
>
> Since a few days, no Blackberry is able to send E-Mails. E-Mail-receiving, 
> Synchronizing calendar/contacts/tasks and incoming E-Mail works perfectly. 
> I have been set the security policies of the related users, the server 
> however "forgets" these settings within half an hour.
>
> The settings made by me are the following:
> 1. User x/y/z --> security, add BESAdmin, full access
> 2. User BESAdmin --> security, add x/y/z, full access
>
> Within the minute these settings are added, the E-Mail-sending-funktion 
> works perfectly. However, I have no idea why these are gone after I have 
> set them.
>
> Hopefully, someone out here can help me. Thank you all in advance for any 
> tip and/or solution.

See:

The "Send As" right is removed from a user object after you configure the
"Send As" right in the Active Directory Users and Computers snap-in in
Exchange Server
http://support.microsoft.com/kb/907434/en-us

Topic: "Proteced Groups"

+ Administrators
+ Account Operators
+ Server Operators
+ Print Operators
+ Backup Operators
+ Domain Admins
+ Schema Admins
+ Enterprise Admins
+ Cert Publishers

So: Why are your users having more rights than they ought to have?

-- 
Tobias Redelberger
StarNET Services (HomeOffice)
Frankfurter Allee 193
D-10365 Berlin
Tel:       +49 (30) 86 87 02 678
Mobil:   +49 (163) 84 74 421
Email:   T.Redelberger@starnet-services.net
Web: http://www.starnet-services.net


0
Tobias
1/18/2010 1:02:24 PM
"Tobias Redelberger [MVP - SBS]" <T.Redelberger@starnet-services.net> wrote 
in message news:OoAb95DmKHA.3972@TK2MSFTNGP04.phx.gbl...
> Hi Jonas,
>
> X-Posting leaves you lonely
>
>> on a Small Business Server 2003-machine with installed Blackberry 
>> Enterprise Server (and three Blackberries) I have got the following 
>> problem.
>>
>> Since a few days, no Blackberry is able to send E-Mails. 
>> E-Mail-receiving, Synchronizing calendar/contacts/tasks and incoming 
>> E-Mail works perfectly. I have been set the security policies of the 
>> related users, the server however "forgets" these settings within half an 
>> hour.
>>
>> The settings made by me are the following:
>> 1. User x/y/z --> security, add BESAdmin, full access
>> 2. User BESAdmin --> security, add x/y/z, full access
>>
>> Within the minute these settings are added, the E-Mail-sending-funktion 
>> works perfectly. However, I have no idea why these are gone after I have 
>> set them.
>>
>> Hopefully, someone out here can help me. Thank you all in advance for any 
>> tip and/or solution.
>
> See:
>
> The "Send As" right is removed from a user object after you configure the
> "Send As" right in the Active Directory Users and Computers snap-in in
> Exchange Server
> http://support.microsoft.com/kb/907434/en-us
>
> Topic: "Proteced Groups"
>
> + Administrators
> + Account Operators
> + Server Operators
> + Print Operators
> + Backup Operators
> + Domain Admins
> + Schema Admins
> + Enterprise Admins
> + Cert Publishers
>
> So: Why are your users having more rights than they ought to have?
>
> -- 
> Tobias Redelberger
> StarNET Services (HomeOffice)
> Frankfurter Allee 193
> D-10365 Berlin
> Tel:       +49 (30) 86 87 02 678
> Mobil:   +49 (163) 84 74 421
> Email:   T.Redelberger@starnet-services.net
> Web: http://www.starnet-services.net
>
>


Tobias,

I agree. It may be possible that in Jonas' description for users x/y/z and 
BESAdmin are actually Domain Admins, which I can see why the system is 
reverting them based on the AdminSDHolder function. My feeling is that no 
email user should be a Domain Admin. which should be left to administer the 
domain. And unless I'm misreading what's going on here, I don't see why the 
BESAdmin account is a domain admin, either. The following outlines the 
permissions it requires.

Assigning permissions for a BlackBerry Enterprise Server service account. 
(It also states: "Important: The BlackBerry Enterprise Server service 
account should have the Domain User role, not the Domain Administrator role 
or be a member of any other Protected Groups. Please see article BB KB04557 
for more information."
http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB02276&sliceId=SAL_Public&dialogID=178932898&stateId=0%200%2087258522

-- 
Ace

This posting is provided "AS-IS" with no warranties or guarantees and 
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among 
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & 
MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, please 
contact Microsoft PSS directly. Please check http://support.microsoft.com 
for regional support phone numbers.


0
Ace
1/18/2010 8:18:48 PM
Reply:

Similar Artilces:

Access OWA during exchange offline
Dear All AS we know, we can access Our inbox (via Ms Outlook) during exhange server down or offline. My concern is, can wee access our inbox or calendar during exchange server is offline? thank you.. In news:%23YTtmu97FHA.2036@TK2MSFTNGP14.phx.gbl, Muhamad Taufik Khasim <Taufik@uniten.edu.my> typed: > Dear All > > AS we know, we can access Our inbox (via Ms Outlook) during exhange > server down or offline. > My concern is, can wee access our inbox or calendar during exchange > server is offline? > > thank you.. No.....only when your mailbox is accessibl...

Exchange 2003 Question #3
Dear all, I have upgraded from Exchange 5.5 and notice that I miss the feature where I can clean/delete mail based on certain criteria from users mailbox via the System Manager. Is this feature still available in Exchange 2003, If so, where is it? Thanks. Regards, Kueh. You can use ExMerge to remove emails based on certain criteria (ie. attachment name, subject, etc). http://www.msexchange.org/tutorials/MF013.html "KA Kueh" wrote: > Dear all, > > I have upgraded from Exchange 5.5 and notice that I miss the feature where I > can clean/delete mail based on ...

Front End Exchange 2003 OWA for a Back end 2000
Hey everybody, At the minute we're in the process of upgrading our 30 odd servers to Windows Server 2003. The Domain Controllers are still running Windows 2000. My question is : Can I install an Exchange 2003 OWA on a Windows Server 2003 to connect to an Exchange 2000 Server in a Windows 2000 Domain (Native Mode) Do I have to upgrade the whole domain first ? What about notions of Front End / Back End ? We would like to do this to benefit from the new OWA (As it's sooooo cool :)) Thanks for your replies, Mike You can use an E2K3 FE to connecto to an E2K BE, but you only get OW...

Rejected by Server
When sending mail, I get an error with "rejected by server". The e-mail is still sent, but I get this error message every time. You are hiding some of the details. The reject error would show some status error number, like 550, and an error code, like 0x.....CE. Are you sending e-mails using your ISP's SMTP (outbound) mail server? Or are you connected to their network but trying to relay SMTP requests across their network to an SMTP server on someone else's network? That's a no-no since many ISP's will not let you relay SMTP traffic across their network (except,...

Outlook2003 : keeping a copy of PST on server
I can't seem find the place to make the change on the client's outlook to keep a copy of the pst file on exchange server. When I configured outlook I got the message to go into tools and select the option to keep a copy on server. I couldn't find that option and all mail was delivered to the client. When you go through owa all you will see is the new mail not delivered to the client. I'm going to hack at it and when I find something I will post my findings. But if someone already knows where to look I would appreciate that Thanks Norm found this article http://www...

can servers be moved between administrative groups?
Below is an extract from the 70-284 MS training kit. I am totaly confused i have been told in this newsgroup by an MVP that you can not move a server once installed to a different administrative group and have also read elsewhere that you cannot but Microsoft below say you can in both modes. Subsequent Exchange servers are added to routing groups during the installation process,and if necessary, you can move servers between routing groups using Exchange System Manager. The only caveat is that in mixed mode, you cannot move servers between routing groups that belong to different administrative...

Installed Second Exchange 2007SP1
I have ABC domain with two Sites STL and GVL. I had my exchange server 2007SP1 installed in STL. Now GVL installed a Exchange 2007SP1 server. All looks good but I get the following error message from time to time in the EMC on my Server in STL. There is a Firewall between us should there be some ports open for them to communicate. Thanks for your help! -------------------------------------------------------- Microsoft Exchange Error -------------------------------------------------------- The following error(s) were reported while loading topology information: Get-ActiveSync...

Default Exchange Receive Connector
Hi all, I just installed Exchange 2007. There were two receive connectors already setup during install, I have a question on the "Default Exchange Receive Connector." If I want public mail servers to be able to send mail to my exchange server, do I need to enable "Anonymous Users" on the "Permissions Group Tab" of that connector? Robert Exchange Server 2007: internet email without Edge servers http://exchangepedia.com/blog/2006/07/exchange-server-2007-internet-email.html -- Bharat Suneja MVP - Exchange www.zenprise.com NEW blog location: exchangepedia....

Exchange 2003 on a Domain Controller.
Hi All, I have a WinNT/Ex5.5 to AD 2000/03 and Ex2k3 migration to do. The client is a small company with only about 15 users. The are a network solutions company that needs flexibility so SBS is out of the question. My initial thought was to have 2 Win2k domain controllers/file servers and one Win2k3 member server running Ex2k3. They only have 2 Win2k server licenses and 1 Win2k3 server license. The problem is that they want to be able to use RPC over HTTPs. I understand that requires a 2003 Global Catalogue server. So, my plan of the 2000 DCs doesn't work. My question is:...

Is anybody using Symantec Enterprise Vault?
Hi, A vendor has recommended this solution to us, I have looked at the datasheet for the product and it speaks the right language but I was wondering if anybody on here uses it in a live environment and what their opinion of it is. Cheers Sean ...

Exchange database folder
Hi! I have just installed Exchange 2003 on windows 2003 server and all files (database, mailboxes....) are installed on drive "c:". How could move all on drive "e:" ? Thanks Antonio Grasso Hi Open ESM, navigate to the server -> Mailbox Store -> Properties -> -> Database TAB Click "Brows" for Exchange Database file and brows to the new location Do the same fore the Exchange streaming file Click Apply, after move process finished you notify for it It is highly recommended that you move the Transaction Log to another location then The operatio...

Out of office replies and exchange 2003
I am a bit new to exchange 2003. Can anyone point me in the right direction for out of office replies, meaning, can I set certain addresses to not send them to, like email lists or discussion groups? if so how? thanks Out of office replies to the internet are disabled by default. You can allow them to specific domains under Global Settings. On Wed, 29 Sep 2004 08:50:44 -0700, "tester" <tester@testthis.net> wrote: >I am a bit new to exchange 2003. Can anyone point me in the right direction >for out of office replies, meaning, can I set certain addresses to not ...

iPhone Email to Entourage Using Exchange
Version: 2008 Operating System: Mac OS X 10.5 (Leopard) Processor: Intel When I answer an email on my iPhone, it does not register it in Entourage as answered. This function worked fine until the business I work for put everyone on Exchange. Is there a setting for this that I can change? <br><br>Thanks! ...

Changing Interface OWA (exchange 2003)
Not sure if you all remember but back in the Exchange 5.5 days we use to be able to go onto a site and put in the username of the person mailbox you want to access, then a windows pop up would come up asking you for your credentials. I was wondering if that is still possible to do that in Exchange 2003? If so how can that be done? Configure Forms-Based Authentication (FBA). -- Ed Crowley MVP - Exchange "Protecting the world from PSTs and brick backups!" "John" <nospam@comcast.net> wrote in message news:evIllMndHHA.596@TK2MSFTNGP06.phx.gbl... > Not sure...

Exchange 2003...Queues...Find Messages...icons?
I regularily view messages that have been in the queue on Exchange 2003. If I select one of the domains of the messages in the queue and do a find messages I get a window with the various messages. The messages will have an icon beside them that varies. I am unable to find any documentation to describe the significance of the various icons under sender. Here are a few that I have seen: 1) A normal envelope 2) An envelope with a red circle around a red square in the lower right corner 3) no icon Anyone now where I can find a description of these and there significance? TIA R...

How to remove the exchange public folder?
Hi, We have exchange 5.5 running in our organization. We remove one site from the current organization and would like to know, how can we remove the public folders which replicated when it was on the organization with other sites. Thanks >-----Original Message----- >Hi, > >We have exchange 5.5 running in our organization. We >remove one site from the current organization and would >like to know, how can we remove the public folders which >replicated when it was on the organization with other >sites. > >Thanks >. >you need to open exchange in raw ...

Server being used to send out viruses
Problem: When I select "Clients can only submit if homed on this server" in the CONNECTIONS tab in the IMC, my remote POP3 users cannot send email through the server. The email just sits in their Outbox. These POP3 clients do have mailboxes (email accounts) on the server so this should work. When I set my server to ACCEPT CONNECTIONS FROM ANY HOST, my server becomes a target for others (as known as evil people) to use my email server to send out viruses. Any ideas? Thanks, everyone who contributes to this forum. This is great! David Hi, If you are using Exchange, w...

Cannot reinstall Exchange 5.5 on Small Business Server 4.5
Our Small Business Server 4.5 crashed yesterday and could only be started by doing a repair of Windows NT. Unfortunately, this left the Small Business Server programs partially installed. Now, Exchange will not start. It has the message "A connection could not be made to the Microsoft Exchange Server". I tried to reinstall Exchange, but get the message "This component is already installed and cannot be modified". Microsoft Exchange does not appear under Add/Remove Programs, so I cannot uninstall it either. Any suggestions would be greatly appreciated. Deborah obxgi...

gp10 change clients pointing to different server
In version GP 10 I have clients pointed to a test server. When production server is ready what do i do to point the clients to the production server e.g. GPServer. Would I change the odbc connection? Or Rerun the client installs? Any help is appriciated. Thank YOu As long as your production server has THE SAME level service pack as your clients and THE SAME third party products all you need to do is repoint your ODBC to the production server. Best regards, -- MG.- Mariano Gomez, MIS, MCP, PMP Maximum Global Business, LLC http://www.maximumglobalbusiness.com "2020" wro...

How do I view all Global Catalog Servers in Active Directory
Guys, Is there a way to view and confirm all the Global Catalog Servers in Active Directory? I'll appreciate your help.Regards. -- Buchi On Sat, 6 Aug 2005 08:21:01 -0700, "Buchi" <Buchi@discussions.microsoft.com> wrote: >Guys, >Is there a way to view and confirm all the Global Catalog Servers in Active >Directory? I'll appreciate your help.Regards. You could in the DNS (dnsmgmt.msc) under the _msdcs folder for your AD domain. or nslookup (ls -t SRV ADdomain.com) or look via Sites and Services or use repadmin: (repadmin /showreps YourDC). The result wi...

SPA vs POP over SSL (SSL for Exchange)
Exchange 5.5 sp4, W2K serve I have a few roaming clients using Outlook with POP to our internal Exchange server. My question is what are the advantages between using SPA Secure Password Authentication vs. POP over SSL I am thinking SPA uses a challenge and response for the password but does not encrypt anything. POP over SSL encrypts everything including password and mail data. So SPA only protects your password from spying eyes. Right? In order to force my users to use SPA, what can I set on my Exchange 5.5 server What do I have to open on my firewall for SPA Also, a while back, I tried ...

Does a 'grace period' exist for Server CALs??
I am presently planning a new Win2k8 R2 DC/TS/AD/DNS server install. I know the TS/RDS CALs have a "grace period" which allows me time to obtain however many additional CALs we need. Does a similar "grace period" exist for the Server CALs per se?? If I don't have enough Server CALs (device) at the time of setting up the server and people's computers connecting to it via Terminal Services/Citrix, what will happen?? I haven't found anything searching the Internet... Thank you, Tom Hello tom12010, See here about the grace periods depending ...

SP2 Exchange default disclaimer
Hello: I am currently using free GFI tool to provide a default disclaimer on outgoing SMTP email. I was wondering if SP2 will provide this feature on Standard Exchange 2003 server. Thanks, Cindy I'm running the CTP of Exchange 2003 SP2 and haven't seen that as a feature. "Cindy" <Cindy@discussions.microsoft.com> wrote in message news:A2D2E367-BEB9-49BF-98D3-5C1AE2D08B03@microsoft.com... > Hello: > I am currently using free GFI tool to provide a default disclaimer on > outgoing SMTP email. I was wondering if SP2 will provide this feature on > Standar...

How many Server-side rules can you put on one mailbox?
I am using Exchange Server 2003 and want to setup 52 rules on one of the mailboxes, is this possible? the hardcoded limit on space for rules is 32K...i doubt you'll be able to get 52 rules on one mailbox... -- Susan Conkey [MVP] "jmareel" <jmareel@discussions.microsoft.com> wrote in message news:6ADDDCD7-948C-415F-B194-1944C9936BC2@microsoft.com... > I am using Exchange Server 2003 and want to setup 52 rules on one of the > mailboxes, is this possible? http://support.microsoft.com/default.aspx?scid=kb;en-us;147298 -- Bharat Suneja MVP - Exchange www.zenpris...

Store limit in Exchange
I'm currently researching the migration of my organization's mail system to Exchange and see that the standard edition of Exchange has a data store limit of 16GB. If we were to do a front end, back end setup with two server and the back end server that has the data store were to reach the 16GB limit would adding another back end server resolve this? I read in another post that this would double the space. But doing this the users that are currently create would have to be split up and some moved to the new data store server correct? Also since the Enterprise edition allows m...