Troubleshooting BlackBerry Enterprise Server Integration

I thought I’d compile a list of issues that I’ve seen and fixed with regard to BlackBerry Enterprise Server (BES) integration with Exchange and Active Directory. Most of these issues don’t seem to be really well documented on Google but BES will break in strange ways when it hits them. I specifically have seen half-duplex calendaring (e.g. users get their appointments on the device but can’t make updates) with a bunch of these.


Exchange 2010 Address Book Service (DoMT) max connections set to default. This one is documented in BES’ Exchange 2010 guide. You need to tweak MaxSessionsPerUser in the microsoft.exchange.addressbook.service.exe.config file in your Exchange bin folder on your CAS servers. I set mine to 20,000 – a somewhat arbitrary number. You’ll need to bounce the service after this change to have it take effect.


Exchange 2010 Client Throttling set to default. This one is also documented (poorly) in BES’ Exchange 2010 guide. Review my steps here to resolve.


Windows Server 2008+ Domain Controller NSPI throttle set to default. This is a new feature in Windows Server 2008 Active Directory which limits a given user to a total of fifty (50) concurrent NSPI sessions per domain controller. This KB article (949469) documents the steps to resolve (as well as diagnose) this. I set a value of 2,000, again fairly arbitrary. You’ll need to restart the NTDS service for this to be effective.


Exchange 2010 Client Access Array RPC Encryption Required. I haven’t seen this one documented. I haven’t figured out a way to get BES to use RPC Encryption when it makes a connection to the CAS array. If you check the Address Book Service logs on the CAS array, you’ll see something like this if you’re hitting this where 10.10.13.53 is your BES server:


2010-04-24T00:00:08.032Z,84439,0,,,10.10.13.63,CAS02,ncacn_ip_tcp,Bind,80040102,0,,EncryptionRequired,Ntlm

You’ll have to disable the RPC Encryption requirement on the CAS servers to solve this. If I find a workaround for this I’ll update the post. Reference the Set-RpcClientAccess cmdlet to do this.
 


Old Version of the MAPI/CDO DLLs on the BES server. Grab the latest and greatest here.


Exchange 2010 missing RU1. Make sure you’re on RU1 or better for Exchange 2010 RTM.


BES Server missing SP1 MR1 or better. Grab the latest Service Pack and Maintenance Release from RIM. At the time of this writing, MR2 was current which had a whole bunch of Exchange 2010 related fixes for BES around basic functionality. 


Seen other issues? Post them here so others can benefit.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>