Blackberry Exchange Mailbox Database 访问权限问题

楚德辉
2023-12-01
Exchange 2010 and Blackberry Enterprise Server Express 5.0.1
Tags:

Technorati Tags:


http://blogs.catapultsystems.com/IT/archive/2010/03/04/exchange-2010-and-blackberry-enterprise-server-express-5-0-1.aspx



In my blog series covering the transition from Exchange 2007 to Exchange 2010, I mentioned here that Blackberry Enterprise is fully supported, and that RIM announced a free version on February 16th called BES Express. BES Express was first made available for download on March 2nd. On March 3rd, RIM announced that each BES Express download qualifies for one free support incident. There is a comparison chart available here that compares the version differences between Express and the Full version.

This blog will discuss the details of migrating from an older version of BES 4.x to 5.0.1. This also assumes that Exchange 2010 Maintenance Release 1 is installed.

In our case we had a very small number of users so we elected not to migrate the database. Instead, the steps we followed were:

1) Uninstall BES 4.x

2) Uninstall CDO Messaging API and Collaboration Data Objects

3) Install CDO MAPI 6.5.8153

4) Install BES 5.0.1 Express. During installation I selected a different configuration database, ex: BESCFG5.

5) Create permissions on Exchange 2010 according to Blackberry KB 02276. This is necessary because the BESAdmin account needs permissions on the Exchange 2010 server and the new mailbox databases. Because there are no longer storage groups in Exchange 2010, you need to slightly modify the syntax in Task 5 because it references:

get-mailboxserver <Exchange2007> | add-adpermission -user <BESAdmin> -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin

get-mailboxdatabase '<Exchange2007>\First Storage Group\Mailbox Database' | add-adpermission -user <BESAdmin> -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin

So for 2010, I ran this instead:

Get-mailboxserver | add-adpermission -user besadmin -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin

Get-MailboxDatabase | Add-ADPermission -User "BESAdmin" -AccessRights ExtendedRight -ExtendedRights Receive-As, ms-Exch-Store-Admin



6) Verify that the BESADMIN Account has permissions with the IEMSTest.exe utility.

Select the “BlackBerryServer’ profile and click OK.



Find your blackberry service account and click OK.



You want to interpret the results very carefully. If ALL tests below are successful, then you’re in good shape.



However, if you have any tests fail, then you need to go back and make sure permissions are setup correctly. For example, if you have the message OpenMsgStore failed (8004011d) then you need to make sure that you have run these two commands on the Exchange 2010 server:

Get-mailboxserver | add-adpermission -user besadmin -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin

Get-MailboxDatabase | Add-ADPermission -User "BESAdmin" -AccessRights ExtendedRight -ExtendedRights Receive-As, ms-Exch-Store-Admin

7) By default, Microsoft® Exchange 2010 limits the maximum number of connections from the BlackBerry® Enterprise Server to the Address Book service to 50. To permit the BlackBerry Enterprise Server to run, you must increase the number of permitted connections to a large value (for example, 100,000).

On the computer that hosts the Microsoft Exchange CAS server, in <drive>:\Program Files\Microsoft\Exchange Server\V14\Bin, in a text editor, open the microsoft.exchange.addressbook.service.exe.config file.
Change the value of the MaxSessionsPerUser key to 100000.
Save and close the file.
Restart the Address Book service.



See Reference.

8) If you want the BlackBerry® Enterprise Server to use Microsoft® Exchange Web Services to manage calendars on BlackBerry devices, you must configure a management role for Microsoft Exchange Web Services in Microsoft Exchange 2010.

For more information about configuring the BlackBerry Enterprise Server to use Microsoft Exchange Web Services, see the BlackBerry Enterprise Server Administration Guide.

On a computer that hosts the Microsoft Exchange Management Shell, open the Microsoft Exchange Management Shell.
Type New-ManagementRoleAssignment -Name "BES Admin EWS" -Role ApplicationImpersonation -User "BESAdmin".



See Reference.

9) If you do not have public folders in Exchange 2010, you need to modify the registry on the BES Server

If you are running a 32-bit version of Windows®, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Messaging Subsystem\CDO.
If you are running a 64-bit version of Windows, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows Messaging Subsystem.
If the CDO registry key does not exist, create a registry key that you name CDO.
In the CDO registry key, if the DWORD value does not exist, create a DWORD value that you name Ignore No PF.
Change the DWORD value to 1.

See Reference

10) “By default, Microsoft® Exchange 2010 uses client throttling policies to track the bandwidth that each Microsoft Exchange user consumes and enforce bandwidth limits, as necessary. The policies affect the performance of the BlackBerry® Enterprise Server negatively, so you should turn off client throttling.

Note: If you want to turn off client throttling for only the Windows® account that has a Microsoft Exchange mailbox, you can configure a throttling policy for the Windows account and turn off client throttling for the policy.” [Note: It would be nice if RIM would provide syntax examples for these scenarios.]

On a computer that hosts the Microsoft Exchange Management Shell, open the Microsoft Exchange Management Shell.
Type Get-ThrottlingPolicy | where {$_.IsDefault -eq $true} | Set-ThrottlingPolicy -RCAMaxConcurrency $null. [Note: On the Blackberry reference below, they are missing the $ sign in front of the underscore _, so I had to add it to get this to run, otherwise it returned the error “Where-Object : The term '_.IsDefault' is not recognized as the name of a cmdlet,”)



The previous value of RCAMaxConcurrency was 20.

See Reference

11) Create users and generate activation emails.

Posted by Joe Stocker on 3/4/2010
4 Comments | Trackback Url | 0 Links to this post | Bookmark this post with:

Links to this post

Pingback from New-MailboxImportExport request error couldn’t connect to target mailbox : Servus on 1/17/2012 10:45 PM

Comments

Gary Cutri commented on Tuesday, March 16, 2010 11:36 PM
re: OpenMsgStore failed (8004011d)

If you followed the BES install guide and ran the "New-ThrottlingPolicy BESPolicy" and "Set-Mailbox "BESAdmin" -ThrottlingPolicy BESPolicy" commands to fix the "OpenMsgStore failed (8004011d)" error follow these steps:

1. Just run the following command via the Shell:

Get-ThrottlingPolicy | where {$_.IsDefault -eq $true} | Set-ThrottlingPolicy -RCAMaxConcurrency $null

2. Now show a list of all you Throttling Policies

Get-ThrottlingPolicy

3. From the "Get-ThrottlingPolicy" output locate the "DefaultThrottlingPolicy" name.

Example: "DefaultThrottlingPolicy_a1f84187-7a42-4ece-9276-06c704be21e7"

4. Now type the following but change it to your DefaultThrottlingPolicy name.

Set-Mailbox "BESAdmin" -ThrottlingPolicy DefaultThrottlingPolicy_a1f84187-7a42-4ece-9276-06c704

5. Now we need to remove the incorrect policy.

Remove-ThrottlingPolicy BESPolicy

More Info: http://www.blackberryforums.com.au/forums/microsoft-exchange/8554-exchange-2010-bes-5-0-x-install-guide.html 
 类似资料: