266 | Blackberry SWD-20120924140022907 instruction

Administration Guide	Changing the security settings of the BlackBerry Administration Service and BlackBerry Web Desktop
	Manager

Changing the security settings
Changing the security settings	22
of the BlackBerry
of the BlackBerry
Administration Service and

BlackBerry Web Desktop

Manager

Import a new SSL certificate for the BlackBerry Administration Service and BlackBerry Web Desktop Manager

When you install the BlackBerry Administration Service and BlackBerry Web Desktop Manager, the setup application generates an SSL certificate to protect the HTTPS connection. You can import a self-signed SSL certificate or a trusted certificate that a certification authority signs after the installation process completes. If you configure a BlackBerry Administration Service pool, you must generate an SSL certificate that uses the name of the BlackBerry Administration Service pool.

For more information about using the keytool, visit java.sun.com/javase/6/docs/technotes/tools/windows/keytool.html.

Before you begin: If you want to use a trusted certificate, copy the root certificate of the certification authority to the computer that hosts the BlackBerry Administration Service.

1.On a computer that hosts a BlackBerry Administration Service instance, in <drive>:\Program Files\Research In Motion\BlackBerry Enterprise Server\BAS\bin\web.keystore , back up the web.keystore file.

2.Using the keytool in <drive>:\Program Files\Java\<JRE_version>\bin , delete the default SSL certificate that the setup application generated (for example, keytool -delete -alias httpssl -keystore "<drive>:\Program Files\Research In Motion\BlackBerry Enterprise Server\BAS\bin\web.keystore").

3.Using the keytool and the SSL password that you specified when you installed the BlackBerry Administration Service, generate a new entry and private key in the web.keystore file (for example, keytool -genkey -alias httpssl -keypass <password> -keystore "<drive>:\Program Files\Research In Motion\BlackBerry Enterprise Server\BAS\bin

266

Image 266

Blackberry SWD-20120924140022907 manual 266

Contents

Administration Guide Published 2012-09-24 SWD-20120924140022907 Contents Configuring security options 101 111 136 168 206 217 247 266 292 328 337 369 392 423 493 498 Date Description Overview BlackBerry Enterprise ServerDocument revision history Device before assigning the device to a new user User account Troubleshooting IT policiesTask Chapter Create administrator accounts On BlackBerry devices Task Chapter Task Chapter Optional tasks Task Chapter Server Components and for the BlackBerry ConfigurationDatabase Files Related information There is a problem with this websites security certificateClick Log Click Trusted Root Certification Authorities. d Click OK This connection is untrustedClick View certificates Close and reopen the browser Close and reopen the browser Preconfigured administrative roles Creating administrator AccountsAdministrative roles and permissions Administration GuideCreating administrator accounts Administration GuideCreating administrator accounts Administration GuideCreating administrator accounts Administration GuideCreating administrator accounts Creating roles Create a role Create an administrator account Create a role based on an existing role Click Manage users Add an administrator account to a groupClick Create an administrator user Click Edit user Create a group to manage similar user accounts Assign a BlackBerry device to an administrator account Administration Guide Preconfigured IT policies Preconfigured IT policy Description Advanced Security Default values for preconfigured IT policiesFrom downloading third-party applications Requires devices to encrypt external file systems RIM Value-Added Applications policy group Password policy groupMaximum Password History Security policy group Disable Address Yes Book Transfer Discoverable Mode Allow Other Yes Calendar Services MessageBluetooth policy group Create an IT policy Wireless Software Upgrades policy groupCreating and importing IT policies Click Create an IT policy Click Edit IT policy Create an IT policy based on an existing IT policyImport IT policy data Click Manage IT policies Click Add all IT policies Related information Change the value for an IT policy ruleImport IT policy rules from an IT policy pack Click Manage groups Assign an IT policy to a groupAssign an IT policy to a user account Click Save all Related information Resend an IT policy to a BlackBerry device automatically Sending an IT policy over the wireless networkResend an IT policy to a BlackBerry device manually Click Edit instance Assigning IT policies and resolving IT policy conflictsExpand BlackBerry Domain Component view Method Description Option 1 Applying one IT policy to each user account Scenario Rule Click Manage IT policies Click Set priority of IT policies Option 2 Applying multiple IT policies to each user accountRank IT policies You add a new user account to a Highest in the BlackBerry Administration ServiceYes setting is applied for this rule Groups that the user account belongs Default value of Yes. You assign To No. You ranked IT policy a higher Click Manage IT policies Click Preview resolved IT policies Select two or more IT policies Click Preview Create an IT policy rule for a third-party application Click Create an IT policy rule Click Export Export all IT policy data to a data fileClick Manage IT policy rules Click Download file Delete an IT policy List of IT policies, click an IT policy Configuring security options Managing device access to the BlackBerry Enterprise Server Click BlackBerry Enterprise Server Click Edit component Turn on the Enterprise Service PolicyConfigure the Enterprise Service Policy Extending messaging security to a BlackBerry device Permit a user to override the Enterprise Service PolicyExtending messaging security using PGP encryption Extending messaging security using S/MIME encryption Configure encryption options for S/MIME-protected messages Click Restart instance Related information Enforcing secure messaging using classifications Create a message classification Order message classifications Click BlackBerry Domain Delete a message classificationGenerate a PIN encryption key External services turned on drop-down list, click No Restart the BlackBerry Enterprise Server Administration Guide Has elapsed To the desired time for example, 10 minutes Remove decrypted content from BlackBerry deviceScenario Recommendation Best practice Description Configuring the BlackBerry Enterprise Server environmentBest practice Running the BlackBerry Enterprise Server Click Edit instance Click Save all Click Save all Related information Administration Guide Turn off Web Proxy Autodiscovery Protocol Before you begin Address field, type the URL for the PAC file Click OK Type traittool -global -trait BASProxyBasicAuthUID -erase Delete credentials for Http basic authenticationTask Steps Type traittool -BASServer name -trait BASProxyBasicAuthUID Click Save all Related information Type regedit Configuring support for Unicode languagesConfigure support for Unicode languages Click OK Perform one of the following actions Restarting BlackBerry Enterprise Server components Related information Type regedit Create a group to manage similar user accounts Configuring user accountsCreating user groups Add user accounts to a group Add a user account Add to user configuration list, click Add groupAdding a user account to the BlackBerry Enterprise Server Click Create a user Click Create a user without activation password Click Create a user with activation passwordClick Create a user with generated activation password Option Step Export a list of user accounts Save the .csv file Fields in a .csv file that contain user account information Field Description Import multiple user accounts from a .csv file Elapses Click Continue Assigning BlackBerry devices To users Preparing to distribute a BlackBerry device Method BlackBerry Administration ServiceAssigning BlackBerry devices to user accounts Wi-Fi network Click Associate user Click Assign current device Save bandwidth by synchronizing organizer data over the LAN Wireless activationClick Default Intended user Activation passwordsPassword expire earlier than the default value of 48 hours Cannot reuse it to activate another BlackBerry device Customize the activation message Customize the activation passwordSend an activation password to a user Option 3 Activating BlackBerry devices over the LAN Send an activation password to multiple usersClick Specify an activation password Administration Guide Administration Guide 100 Activate a Wi-Fi enabled BlackBerry deviceClick Enterprise Activation Click High availablity summary Configuring BlackBerry Enterprise Server high AvailabilityCheck the health of a BlackBerry Enterprise Server 101 Defining when failover occurs How the BlackBerry Enterprise Server uses health parameters Administration Guide Changing the promotion threshold and failover threshold Click Edit Automatic Failover settings Health parameter Description This health parameter Provide services for attachment viewingAttachment viewing Threshold so that they are below this health parameter 107 108 Administration Guide Verify that the failover event occured Click Manual FailoverClick Yes Failover to standby instance 111 Click Turn on automatic connections failover 112 113 Click Edit instance Click Save all Create a BlackBerry Router pool for high availability Related information 118 Restart the BlackBerry Administration Service instances 119 Related information Availability state for the instances changes automatically 122 Remove a BlackBerry Attachment Service instance from a pool 124 Remove a BlackBerry Router instance from a poolClick Edit instance or Edit host instance Verify that the DNS server is running 125 Configuring database mirroring Stop the BlackBerry Enterprise Server instances Start the BlackBerry Enterprise Server instances 128 Click Resend database mirroring parameters 129 Stop the BlackBerry Enterprise Server instances 131 Select Overwrite the existing databaseClick Replication Select By impersonating the process account Accept or change the default schedule. Click NextRight-clickLocal Publications. Click New Publication Click OK. Click Next Right-click the server. Click Properties Click Finish 133 Start the BlackBerry Enterprise Server instances Configuring a new mirror BlackBerry Configuration Database 135 136 Preparing to distribute BlackBerry Java Applications 137 Click BlackBerry Administration Service Click Edit component 138 Click Add application Click Add or update applicationsAdd a collaboration client to the application repository Click Publish application Standard application control policies Configuring application control policiesSpecify keywords for a BlackBerry Java Application Click Manage applications Application control policy Description Click Manage default application control policiesChange a standard application control policy Click Edit application control policy For required BlackBerry Java Control policy Applications Perform any of the following tasksCreate an application control policy Policy Application control policies for unlisted applications IT policy rules take precedence on smartphones Click the application control policy that you created 144 Creating software configurations 145 Click Manage software configurations Create a software configurationClick Create a software configuration Click a group Assign a software configuration to a groupClick Add to software configuration Click Save all 147 148 Assign a software configuration to multiple user accountsAssign a software configuration to a user account Complete the instructions on the screen 149 View the status of a task Error messages BlackBerry Java Application tasksView the status of a job Click Manage deployment jobs QueueModule failed, processing stopped Device timed out waiting for module Incomplete ACK data for Appd request Device reported insufficient memory to install moduleDevice reported insufficient privileges to install module 152 Error messages BlackBerry Device Software tasks Available upgrade rejected Upgrade rejected Available upgrade deferred by userUpgrade prompt deferred Upgrade failed, rollback complete Failed to backup data to database Error messages Standard application settings tasksRestore failed -- error getting value Failed to set properties for item Error messages IT policy tasks Stopping a job that is running Reject Security Violation Reject Authentication FailedInvalid password Set Password Failed 158 Stop a job that is running Click View users with application Administration Guide Reconciliation rules BlackBerry Java Applications On the BlackBerry device Scenario Rule Reconciliation rules BlackBerry Device Software Reconciliation rules Standard application settings Reconciliation rules Application control policies Scenario As disallowed is assigned to a user account. a software You ranked highest in the BlackBerry AdministrationIf unlisted applications are defined as disallowed in a Unlisted applications are not permitted on the BlackBerry 168 Loader tool LoaderDevice to the computer Desktop Software BlackBerry device 170 BlackBerry Java Application BlackBerry APIs and Java ME standard on BlackBerry devicesUser’s computer 171 Windows 2000 or later, Windows XP, or Windows Vista 172 Enable the BlackBerry Application Web Loader on a web server Web server Administration Guide 175 Before you begin Administration Guide BlackBerry device 179 Install the BlackBerry Java Application on a web serverClick Download 180 Click Save all After you finish 181 Click Save all 183 Administration Guide Related information Click Save all Related information 187 Administration Guide Add a certificate for the BlackBerry MDS Connection Service Task Steps Administration Guide Click MDS Connection Service Click Edit component 193 194 Click MDS Connection ServiceClick the Edit icon beside the Ldap server Base Query Default base query for some Ldap serversService URL Each query Change a configuration for an Use to authenticate with the Dsml certificate serverAuthenticate with the Dsml certificate server Click Save all Type the CRL server name and the web address for the server 199 200 201 Configure global login information for intranet site accessOn the Http tab, click Edit component Click Edit instance Specify the maximum number of scalable socket connections 203 204 205 Setting up the messaging Environment Creating email message filters Click Save all Click Continue to user information edit Click Save all 209 Enabled drop-down list, click YesSave the .xml file Import email message filters for a user account Copying existing email message filters to user accountsExport email message filters for a user account Click Import email message filters Click Save all Click OK Perform one of the following actions 211 Install an extension plug-in applicationExtension plug-ins for processing messages Add an extension plug-in to a BlackBerry Messaging Agent 212 213 Search for a user account 214 215 216 Configure the certificate information using IT policies Click an IT policy 218 Click Save all After you finish Click Save all After you finish Click the name of the Wi-Fi profile that you want to change Add certificate information to a Wi-Fi profileClick Manage Wi-Fi profiles Managing an enrolled certificate 222 Properties in the rimpublic.properties file Property Description Making the BlackBerry Web Desktop Manager available to Users 224 Click OK 225 Deploy Software window, click AdvancedClick Include OLE class and product information Click Create a GPO in this domain, and link it here Click Add Click OKExpand Group Policy Management Forest Domains 226 Each dialogue box, click OK Configure the Microsoft ActiveX Installer on Windows VistaEnter the value of the item to be added field, type 2,2,1,0 Name the file EnableActiveXInstallFromAD.adm and save it 228 Click Enabled Click OK Make the BlackBerry Web Desktop Manager available to users Configuring the BlackBerry Web Desktop Manager 230 231 Change the text colors in the BlackBerry Web Desktop Manager Parameter Description Default BlackBerry Web Desktop Manager text colors Display a custom image in the BlackBerry Web Desktop Manager 234 Prerequisites Creating Wi-Fi profiles and VPN profiles Creating and configuring Wi-Fi 19 profiles and VPN profilesCreating and configuring Wi-Fi profiles Connection types and port numbers for a Wi-Fi network Port assignments might vary by mobile network provider 236 Connection type Default port number Where to configure Create a Wi-Fi profileCreate a Wi-Fi profile based on an existing Wi-Fi profile Click Create Wi-Fi profile Assign a Wi-Fi profile to a user account Configure a Wi-Fi profile on a BlackBerry deviceAssign a Wi-Fi profile to a group Click Set Up Wi-Fi Network Click the name of a Wi-Fi profile Creating and configuring VPN profilesConfigure a Wi-Fi profile Click Edit profile Create a VPN profile based on an existing VPN profile Configure a VPN profileCreate a VPN profile Click Create VPN profile On the VPN profiles tab, click Edit group Assign a VPN profile to a groupAssign a VPN profile to a user account Click the name of the Wi-Fi profile Delete a Wi-Fi profileAssociate a VPN profile with a Wi-Fi profile Click Delete profile Click Yes Delete the profile Click the name of a VPN profile Delete a VPN profileImporting profile information from a .csv file Example Adding profile information to user accounts 244 Fields in the .csv file that contains profile information Example Removing profile information from user accounts Import profile information from a .csv file Enterprise Wi-Fi network or VPN, if a user name is requiredQuotation marks in the password Configuring WEP encryption BlackBerry devices do not support a WEP passphrase Configuring PSK encryption Configuring Leap authentication Configuring Peap authentication 251 Click Place all certificates in the following store Possible cause Select the Inner link security type Configuring EAP-TLS authentication 255 Configuring EAP-TTLS authentication 257 258 Security Type list, select EAP-TTLSInner link security type list, select EAP-MS-CHAPv2 259 Configuring EAP-FAST authenticationConfigure EAP-FAST authentication Click Manage Wi-Fi profiles Security Type list, select EAP-FAST Configuring software tokens for 21 BlackBerry devices Configure BlackBerry devices for RSA authentication Click the name of the VPN profile that you want to change Assign software tokens to a user account 265 266 267 Before you begin 269 270 Click Save all 272 273 274 Protecting and redistributing DevicesPreparing a device for redistribution to a new user On the Devices menu, click Attached devices Device software Deleting only work data from a deviceClick Associate user 275 Device permanently deletes the following work data Are deleted when you delete work dataDeleted when you delete work data Call logs Delete only work data from a device 277 Delete only the organization data IT administration command DescriptionProtection, you cannot use this command Application data Protect a stolen deviceProtect a lost device Protect a lost device that a user might not recover Click Specify new device password and lock device 281 Change role permissions Managing administrator AccountsChange the roles for an administrator account Click Delete role Click Yes Delete the role Delete an administrator accountDelete a role 284 Status list, click Delete userClick Yes Delete the user 285 Managing groups and user AccountsManaging groups Click Remove from group membership Default group Description of the default groupRemove a user account from a group Delete a group Change the properties of a groupRename a group Click Edit group 288 Managing user accountsMove a user account to a different group Delete a user account from the BlackBerry Enterprise Server Update the contact list manually Update a user account manuallyAdd an administrator role to a user account Click Back to search Click Refresh available user list from company directory Resend service books to a BlackBerry deviceCommunications list, click Resend service books to a device 291 292 Managing the default distribution settings for jobsChange default settings for a job schedule Necessary, set the start time and end time Change how IT policies are sent to BlackBerry devicesStart time drop-down list, click the appropriate option. If 293 Default value is Perform any of the following tasks 294 295 296 BlackBerry Device SoftwareRecurrence days cannot overlap If necessary, change the start time and end time 297 Managing the distribution settings for a specific job Click Edit job Specify the start time and priority for a jobChange how a job sends IT policies to BlackBerry devices Scheduled deployment days drop-down list, click 301 302 303 Managing BlackBerry Java Applications on BlackBerry devices 304 Click Add applications to software configuration Click a software configurationClick Edit software configuration 305 Remove a software configuration from multiple user accounts Managing software configurationsRemove a software configuration from a group 307 Remove a software configuration from a user accountDelete a software configuration Restricting user access to content on web servers Specify web address patterns Create a pull rule Control type drop-down list, click Pull Click the Add icon Click Manage users Click View more criteria Assign a pull rule to the members of a groupAssign a pull rule to user accounts Search for a group Click Add Click Save Prevent users from accessing specific media typesConfigure download limits for media content types 313 Default download limits for media content typesMime type Maximum number of bytes per connection KB Configure download limits for media content types Administration Guide After you finish 317 318 319 Click a BlackBerry MDS Connection Service instancePull Authorization drop-down list, click Yes Create push initiators for push applications 320 321 Turn on push authorizationAfter you finish Create a push rule After you finish Assign push initiators to the push rule Create a push ruleAssign push initiators to a push rule 322 Assign a push rule to the members of a group Assign a push rule to user accounts Managing push application requests Specify device ports for application-reliable push requests Click Save all Click Restart instance Related information 325 326 327 328 Managing the wireless backup and recovery of organizer dataManaging organizer data Synchronization Turning off organizer data synchronization 329 330 Changing how organizer data synchronizes 331 Click Continue to user information edit Click Save all Synchronizing contact pictures 333 334 Managing message forwarding 335 Click Continue to user information edit Click Save all Turn off email message forwarding to a user account 337 338 Managing the incoming message queue 339 Managing wireless message reconciliation Managing access to remote message data Click Edit instance Managing email messages that contain Html and rich content 343 Click Save All 345 Resend the updated IT policy to the BlackBerry devicesClick the name of the IT policy that you want to change Synchronizing folders on the BlackBerry device 346 Click Continue to user information edit Click Save all Configuring access to documents on remote file systems 348 Click Save all Examples for step Click the instance that you want to change 350 Managing signatures and disclaimers in email messages 351 Click Edit instance 353 Specify conflict rules for disclaimersTurn off disclaimers for email messages 354 Sending notification messages to usersClick Select from mail address list Click Send message Send a notification message to group membersType the message that you want to send Click Send message to users in group Click Send message to user Change the size of the message state databaseSend a notification message to a user 356 Related information 358 Format and extension Limitations Limitations for supported attachment file formatsFormat Extension OpenOffice Format version 1.1 .odp Table of contentsConnector shape route that connects to shapes Files IBM Lotus Symphony only Headers and footers ChartsStyle effects for cells shadow, borders Drawing objects and Fontwork objects BlackBerry Attachment Service optimization settings Setting Description Range Default value is Server busy time ZIP archives Less than 2000 KB Suggested file sizes for attachmentsFile format Suggested size 365 Administration Guide Prevent users from sending large attachments 368 Managing calendars 369 Type New-ThrottlingPolicy BESPolicy Type the following commandTurn off client throttling in Microsoft Exchange 370 After you finish Example 372 373 Administration Guide Setting that you specify applies to a specific user Correcting calendar synchronization errors on devicesGlobal Setting that you specify applies to all users Level Description Example Turning off the process for a specific user Turn off corrective calendar synchronizationExample Turning off the process for all users Example Viewing the global calendar synchronization settings Administration Guide Configure when corrective calendar synchronization runs 379 380 Logging information for corrective calendar synchronizationEmail application 381 Delete a setting for corrective calendar synchronizationSpecifies that a calendar item is missing on the device Communications list, click Synchronize calendar Type regedit Installing a collaboration client on BlackBerry devices Managing instant messaging Click Edit instance For Microsoft Office Access serverOption Description 386 Managing instant messaging sessions 387 Managing instant messaging features 388 Prevent users from saving instant messaging conversations Back up the UserInfoConfig.xml file Save the UserInfoConfig.xml file Restarting BlackBerry Enterprise Server components Component Administration ServiceManaging a BlackBerry Domain BlackBerry Enterprise Server Administration GuideManaging a BlackBerry Domain Using the BlackBerry Enterprise Trait Tool Use the BlackBerry Enterprise Trait Tool BlackBerry Enterprise Trait Tool traits Trait Description Default value is false 0, the BlackBerry Messaging Agent For proxy authenticationCalendar contents on the device. When the amount of time If you configure the EWSServiceAccount trait SP1 EWSEnableBlackBerry Messaging Agent, all BlackBerry Messaging Agent Instances on all BlackBerry Enterprise Server instances ExchangeDisableConfirmEmailDelivery Users status using Microsoft Exchange Web Services or byUsers status using Microsoft Exchange public folders ExchangeEnableMLangConversion Mailboxes, change the value to true ExchangeSmartSyncEnableFor calendar errors on devices Might be an impact on the performance of your organizations Corrects calendar synchronization errors automatically Default value is DailyDefault value is true 1, the BlackBerry Messaging Agent Calendar synchronization errors on devices at 1200 AM Default value Default value is true 1, the BlackBerry Mail Store ServiceFunction, you can access the BlackBerry Messaging Agent Disabled on the device Services that the device can connect to, type the SRP IDs Default value is true 1, the BlackBerry Enterprise ServerService can synchronize at the same time during a full Services. Separate the SRP IDs with a comma Additional processes for IT policies or service books Change the default value of this traitPolicies and service books Books, change the value to false Processes for PIN encryption keys Uses to update the list of BlackBerry Router instancesDefault value is 75% RouterAutoDiscoveryMethod Environment UserHealthPercentageBlackBerry Dispatcher uses this trait to change the User 407 Managing BlackBerry CAL keysAdd or delete a BlackBerry CAL key Copy a BlackBerry CAL key to a text file 408 Configuring a Hosted BlackBerry services environment 409 Related information 411 Before you begin Configuring a Hosted BlackBerry services environment Restarting BlackBerry Enterprise Server components Before you begin Configuring BlackBerry Policy Service throttling Type traittool -global -list 417 Administration Guide Trait PolicyThrottlingP2PKeyRate -set Delete a BlackBerry Policy Service throttling setting 420 421 422 Administration Guide Click Controller MaxUserDumpPerDay value field to Click BBAttachServer Click BlackBerry Collaboration ServiceChange how the BlackBerry Click MailStore Click BlackBerry Mobile Data ServerClick BlackBerryRouter Click PolicyServer Click SyncServer Change the default event monitoring levelBlackBerry Enterprise Server Alert Tool Define a notification recipient 430 Monitor PIN messages BlackBerry Enterprise Server Log filesMonitoring PIN messages, SMS text messages, and calls List of IT policies, click the appropriate IT policy Monitor SMS text messagesTurn off call logging 432 Log files for BlackBerry Enterprise Server components 433 434 On the Logging details tab, click Edit instance Each section, in the Log auto-rolldrop-down list, click True 437 UTF-8 UTF-16LE Click Save all 438 Component identifiers for log files Component identifier Logging component BlackBerry MDS Connection Service log files On the Logging tab, click Edit instance Click Save all Related information On the Logging tab, click Edit instance Click Yes Logging section, perform any of the following tasksTrace how data packets travel inside the gateway BlackBerry device retrieves from the PGP server 443 BlackBerry device connections Connects using a proxy serverAttribute Description Domain that requests the BlackBerry device connection False BlackBerry Collaboration Service log filesOn the Instance information tab, click Edit instance Trace how data packets travel inside the GME network 446 On a 32-bit version Configuration Database Windows1433 Windows registry \BlackBerry 21099 BlackBerry Configuration Panel 448 Incoming data connections from, and outgoing data 2000 BlackBerry Administration Attachment Service 449 Data connections between BlackBerry AdministrationConnection Default port Type Number Connection Outgoing conversion results of large attachments to On a 64-bit version of Windows 4071 Windows registry On a 32-bit version 1433 forOutgoing syslog connections to the Snmp agent 451 \BlackBerrySNMPAgent 1433 for BlackBerry Configuration\Research In Motion\ \Parameters\UDPPort BlackBerry Controller connection types and port numbers 5096 Windows registry Agent On a 32-bit version BlackBerry Dispatcher connection types and port numbersPort number Agent That BlackBerry Messaging Provides \TcpPortDispatcher Incoming data connection from the BlackBerry database Microsoft SQL Server hosts WindowsServer\Database\Port \SOFTWARE\Research Motion 455 456 Outgoing data connections to the BlackBerry Dispatcher5096 Windows registry On a 32-bit version 4070 Windows registry On a 32-bit version 457 Incoming data connections from the BlackBerry database \UDPPortServer\Agents\UDPPort If access control for push applications is turned on 459 Database Incoming data connections from, and outgoing data 7874 BlackBerry Administration ServiceIncoming data connections for reliable pushes 3200 Connections to, the BlackBerry Dispatcher BlackBerry Policy Service connection types and port numbers55503 BlackBerry Configuration Service console Panel \BlackBerryRouter \ServicePortBlackBerry Router connection types and port numbers 462 463 \DevicePort 464 CalHelper connection type and port number Port number Agent That BlackBerry Messaging Provides 465 IBM Lotus Sametime connection type and port number Microsoft Exchange connection types and port numbers TLS Snmp agent connection types and port numbers Connections to, the BlackBerry Collaboration ServiceNovell GroupWise Messenger connection type and port number 8300 Syslog connection type and port number 470 Troubleshooting36Possible cause Possible solution Troubleshooting BlackBerry Enterprise Server Performance Press Enter 471 Troubleshooting Setting up user accounts Troubleshooting Messaging Messages are not delivered to BlackBerry devices Troubleshooting Instant messaging Text does not appear correctly in Unicode email messages 475 476 Troubleshooting BlackBerry Web Desktop Manager Does not support the version Click Wi-Fi Options Troubleshooting Connections to the Wi-Fi networkBlackBerry device cannot connect to a Wi-Fi network BlackBerry device is not assigned Click Wi-Fi Tools Wi-Fi Diagnostics Status fields for Wi-Fi connections Indicator Description To a specific access point Device is associated with the access pointStatus indicators are the following icons Connection to an access point Group ciphers have one of the following values Group CipherCipher None Status fields for VPN connections Status fields for UMA or GAN connections Status fields for BlackBerry Infrastructure connections Arfcn BlackBerry device cannot open a VPN connection Status fields for Enterprise connections Issue on the Wi-Fi network Correctly Verify that Wi-Fi Preferred is selectedBlackBerry device is connected to a Wi-Fi network Is displayed Verify whether a BlackBerry device can resolve an IP address Look up a computer name to resolve an IP address Troubleshooting BlackBerry Administration Service pools Troubleshooting BlackBerry Monitoring Service connections User cannot log in to the BlackBerry Monitoring Service Troubleshooting IT policies 492 Glossary37 Enterprise Service Content protectionDSML-enabled Device transport key IP address IT administrationCommand IPsec Principal database Messaging serverMirror database Witness Triple DESVoIP Legal notice 498 499 Administration Guide