270 | Blackberry SWD-20120924140022907 manual

Administration Guide	Changing the security settings of the BlackBerry Administration Service and BlackBerry Web Desktop
	Manager

screen and access the BlackBerry Administration Service and BlackBerry Web Desktop Manager directly. The BlackBerry Monitoring Service does not support single sign-on authentication.

Before you turn on single sign-on, you must configure constrained delegation for the Microsoft Active Directory account for the BlackBerry Administration Service.

Configure constrained delegation for the Microsoft Active Directory account to support single sign-on authentication

1.Use the Windows Server ADSI Edit tool to add the following SPNs for the BlackBerry Administration Service pool to the Microsoft Active Directory account :

•HTTP/<BAS_pool_FQDN> (for example, HTTP/BASconsole104.example.com)

•BASPLUGIN111/<BAS_pool_FQDN> (for example, BASPLUGIN111/BASconsole104.example.com)

2.If you create separate pools of BlackBerry Administration Service instances and BlackBerry Web Desktop Manager instances in the BlackBerry Administration Service pool, add the HTTP/<BAS_pool_FQDN> SPN for each pool to the Microsoft Active Directory account.

3.Configure the Microsoft Active Directory account for constrained delegation using the following settings:

•trust this user for delegation to specific services only

•use Kerberos only

4.In the Microsoft Active Directory account properties, on the Delegation tab, add BASPLUGIN111/ <BAS_pool_FQDN> to the list of services.

After you finish: For more information about configuring constrained delegation for the Microsoft Active Directory account so you can access the BlackBerry Administration Service, visit www.blackberry.com/btsc to read article KB22717.

Turn on single sign-on authentication for the BlackBerry Administration Service

1.In the BlackBerry Administration Service, on the Servers and components menu, expand BlackBerry Solution topology > BlackBerry Domain > Component view.

2.Click BlackBerry Administration Service.

3.On the Microsoft® Active Directory® authentication tab, click Edit component.

270

Image 270

Blackberry SWD-20120924140022907 manual 270

Contents

Administration Guide Published 2012-09-24 SWD-20120924140022907 Contents Configuring security options 101 111 136 168 206 217 247 266 292 328 337 369 392 423 493 498 Date Description Overview BlackBerry Enterprise ServerDocument revision history Device before assigning the device to a new user User account Troubleshooting IT policiesTask Chapter Create administrator accounts On BlackBerry devices Task Chapter Task Chapter Optional tasks Task Chapter Server Components and for the BlackBerry ConfigurationDatabase Files There is a problem with this websites security certificate Click LogRelated information Click Trusted Root Certification Authorities. d Click OK This connection is untrustedClick View certificates Close and reopen the browser Close and reopen the browser Creating administrator Accounts Administrative roles and permissionsPreconfigured administrative roles Administration GuideCreating administrator accounts Administration GuideCreating administrator accounts Administration GuideCreating administrator accounts Administration GuideCreating administrator accounts Creating roles Create a role Create an administrator account Create a role based on an existing role Click Manage users Add an administrator account to a groupClick Create an administrator user Click Edit user Create a group to manage similar user accounts Assign a BlackBerry device to an administrator account Administration Guide Preconfigured IT policies Preconfigured IT policy Description Advanced Security Default values for preconfigured IT policiesFrom downloading third-party applications Requires devices to encrypt external file systems RIM Value-Added Applications policy group Password policy groupMaximum Password History Security policy group Allow Other Yes Calendar Services Message Bluetooth policy groupDisable Address Yes Book Transfer Discoverable Mode Create an IT policy Wireless Software Upgrades policy groupCreating and importing IT policies Click Create an IT policy Click Edit IT policy Create an IT policy based on an existing IT policyImport IT policy data Click Manage IT policies Change the value for an IT policy rule Import IT policy rules from an IT policy packClick Add all IT policies Related information Click Manage groups Assign an IT policy to a groupAssign an IT policy to a user account Click Save all Related information Sending an IT policy over the wireless network Resend an IT policy to a BlackBerry device manuallyResend an IT policy to a BlackBerry device automatically Click Edit instance Assigning IT policies and resolving IT policy conflictsExpand BlackBerry Domain Component view Method Description Option 1 Applying one IT policy to each user account Scenario Rule Option 2 Applying multiple IT policies to each user account Rank IT policiesClick Manage IT policies Click Set priority of IT policies You add a new user account to a Highest in the BlackBerry Administration ServiceYes setting is applied for this rule Groups that the user account belongs Default value of Yes. You assign To No. You ranked IT policy a higher Click Manage IT policies Click Preview resolved IT policies Select two or more IT policies Click Preview Create an IT policy rule for a third-party application Click Create an IT policy rule Click Export Export all IT policy data to a data fileClick Manage IT policy rules Click Download file Delete an IT policy List of IT policies, click an IT policy Configuring security options Managing device access to the BlackBerry Enterprise Server Turn on the Enterprise Service Policy Configure the Enterprise Service PolicyClick BlackBerry Enterprise Server Click Edit component Permit a user to override the Enterprise Service Policy Extending messaging security using PGP encryptionExtending messaging security to a BlackBerry device Extending messaging security using S/MIME encryption Configure encryption options for S/MIME-protected messages Click Restart instance Related information Enforcing secure messaging using classifications Create a message classification Order message classifications Delete a message classification Generate a PIN encryption keyClick BlackBerry Domain External services turned on drop-down list, click No Restart the BlackBerry Enterprise Server Administration Guide Remove decrypted content from BlackBerry device Scenario RecommendationHas elapsed To the desired time for example, 10 minutes Configuring the BlackBerry Enterprise Server environment Best practice Running the BlackBerry Enterprise ServerBest practice Description Click Edit instance Click Save all Click Save all Related information Administration Guide Turn off Web Proxy Autodiscovery Protocol Before you begin Address field, type the URL for the PAC file Click OK Type traittool -global -trait BASProxyBasicAuthUID -erase Delete credentials for Http basic authenticationTask Steps Type traittool -BASServer name -trait BASProxyBasicAuthUID Click Save all Related information Type regedit Configuring support for Unicode languagesConfigure support for Unicode languages Click OK Perform one of the following actions Restarting BlackBerry Enterprise Server components Related information Type regedit Create a group to manage similar user accounts Configuring user accountsCreating user groups Add user accounts to a group Add a user account Add to user configuration list, click Add groupAdding a user account to the BlackBerry Enterprise Server Click Create a user Click Create a user without activation password Click Create a user with activation passwordClick Create a user with generated activation password Option Step Export a list of user accounts Save the .csv file Fields in a .csv file that contain user account information Field Description Import multiple user accounts from a .csv file Elapses Click Continue Assigning BlackBerry devices To users Preparing to distribute a BlackBerry device BlackBerry Administration Service Assigning BlackBerry devices to user accountsMethod Wi-Fi network Click Associate user Click Assign current device Wireless activation Click DefaultSave bandwidth by synchronizing organizer data over the LAN Intended user Activation passwordsPassword expire earlier than the default value of 48 hours Cannot reuse it to activate another BlackBerry device Customize the activation password Send an activation password to a userCustomize the activation message Send an activation password to multiple users Click Specify an activation passwordOption 3 Activating BlackBerry devices over the LAN Administration Guide Administration Guide Activate a Wi-Fi enabled BlackBerry device Click Enterprise Activation100 Click High availablity summary Configuring BlackBerry Enterprise Server high AvailabilityCheck the health of a BlackBerry Enterprise Server 101 Defining when failover occurs How the BlackBerry Enterprise Server uses health parameters Administration Guide Changing the promotion threshold and failover threshold Click Edit Automatic Failover settings Health parameter Description This health parameter Provide services for attachment viewingAttachment viewing Threshold so that they are below this health parameter 107 108 Administration Guide Click Manual Failover Click Yes Failover to standby instanceVerify that the failover event occured 111 Click Turn on automatic connections failover 112 113 Click Edit instance Click Save all Create a BlackBerry Router pool for high availability Related information 118 Restart the BlackBerry Administration Service instances 119 Related information Availability state for the instances changes automatically 122 Remove a BlackBerry Attachment Service instance from a pool Remove a BlackBerry Router instance from a pool Click Edit instance or Edit host instance124 Verify that the DNS server is running 125 Configuring database mirroring Stop the BlackBerry Enterprise Server instances Start the BlackBerry Enterprise Server instances 128 Click Resend database mirroring parameters 129 Stop the BlackBerry Enterprise Server instances Select Overwrite the existing database Click Replication131 Select By impersonating the process account Accept or change the default schedule. Click NextRight-clickLocal Publications. Click New Publication Click OK. Click Next Right-click the server. Click Properties Click Finish 133 Start the BlackBerry Enterprise Server instances Configuring a new mirror BlackBerry Configuration Database 135 136 Preparing to distribute BlackBerry Java Applications 137 Click BlackBerry Administration Service Click Edit component 138 Click Add application Click Add or update applicationsAdd a collaboration client to the application repository Click Publish application Standard application control policies Configuring application control policiesSpecify keywords for a BlackBerry Java Application Click Manage applications Application control policy Description Click Manage default application control policiesChange a standard application control policy Click Edit application control policy For required BlackBerry Java Control policy Applications Perform any of the following tasksCreate an application control policy Policy Application control policies for unlisted applications IT policy rules take precedence on smartphones Click the application control policy that you created 144 Creating software configurations 145 Create a software configuration Click Create a software configurationClick Manage software configurations Click a group Assign a software configuration to a groupClick Add to software configuration Click Save all 147 Assign a software configuration to multiple user accounts Assign a software configuration to a user account148 Complete the instructions on the screen 149 View the status of a task Error messages BlackBerry Java Application tasksView the status of a job Click Manage deployment jobs QueueModule failed, processing stopped Device timed out waiting for module Incomplete ACK data for Appd request Device reported insufficient memory to install moduleDevice reported insufficient privileges to install module 152 Error messages BlackBerry Device Software tasks Available upgrade rejected Upgrade rejected Available upgrade deferred by userUpgrade prompt deferred Upgrade failed, rollback complete Failed to backup data to database Error messages Standard application settings tasksRestore failed -- error getting value Failed to set properties for item Error messages IT policy tasks Stopping a job that is running Reject Security Violation Reject Authentication FailedInvalid password Set Password Failed 158 Stop a job that is running Click View users with application Administration Guide Reconciliation rules BlackBerry Java Applications On the BlackBerry device Scenario Rule Reconciliation rules BlackBerry Device Software Reconciliation rules Standard application settings Reconciliation rules Application control policies Scenario As disallowed is assigned to a user account. a software You ranked highest in the BlackBerry AdministrationIf unlisted applications are defined as disallowed in a Unlisted applications are not permitted on the BlackBerry 168 Loader tool LoaderDevice to the computer Desktop Software BlackBerry device 170 BlackBerry Java Application BlackBerry APIs and Java ME standard on BlackBerry devicesUser’s computer 171 Windows 2000 or later, Windows XP, or Windows Vista 172 Enable the BlackBerry Application Web Loader on a web server Web server Administration Guide 175 Before you begin Administration Guide BlackBerry device Install the BlackBerry Java Application on a web server Click Download179 180 Click Save all After you finish 181 Click Save all 183 Administration Guide Related information Click Save all Related information 187 Administration Guide Add a certificate for the BlackBerry MDS Connection Service Task Steps Administration Guide Click MDS Connection Service Click Edit component 193 Click MDS Connection Service Click the Edit icon beside the Ldap server194 Base Query Default base query for some Ldap serversService URL Each query Use to authenticate with the Dsml certificate server Authenticate with the Dsml certificate serverChange a configuration for an Click Save all Type the CRL server name and the web address for the server 199 200 Configure global login information for intranet site access On the Http tab, click Edit component201 Click Edit instance Specify the maximum number of scalable socket connections 203 204 205 Setting up the messaging Environment Creating email message filters Click Save all Click Continue to user information edit Click Save all Enabled drop-down list, click Yes Save the .xml file209 Import email message filters for a user account Copying existing email message filters to user accountsExport email message filters for a user account Click Import email message filters Click Save all Install an extension plug-in application Extension plug-ins for processing messagesClick OK Perform one of the following actions 211 Add an extension plug-in to a BlackBerry Messaging Agent 212 213 Search for a user account 214 215 216 Configure the certificate information using IT policies Click an IT policy 218 Click Save all After you finish Click Save all After you finish Click the name of the Wi-Fi profile that you want to change Add certificate information to a Wi-Fi profileClick Manage Wi-Fi profiles Managing an enrolled certificate 222 Properties in the rimpublic.properties file Property Description Making the BlackBerry Web Desktop Manager available to Users 224 Deploy Software window, click Advanced Click Include OLE class and product informationClick OK 225 Click Create a GPO in this domain, and link it here Click Add Click OKExpand Group Policy Management Forest Domains 226 Configure the Microsoft ActiveX Installer on Windows Vista Enter the value of the item to be added field, type 2,2,1,0Each dialogue box, click OK Name the file EnableActiveXInstallFromAD.adm and save it 228 Click Enabled Click OK Make the BlackBerry Web Desktop Manager available to users Configuring the BlackBerry Web Desktop Manager 230 231 Change the text colors in the BlackBerry Web Desktop Manager Parameter Description Default BlackBerry Web Desktop Manager text colors Display a custom image in the BlackBerry Web Desktop Manager 234 Creating and configuring Wi-Fi 19 profiles and VPN profiles Creating and configuring Wi-Fi profilesPrerequisites Creating Wi-Fi profiles and VPN profiles Connection types and port numbers for a Wi-Fi network Port assignments might vary by mobile network provider 236 Connection type Default port number Where to configure Create a Wi-Fi profileCreate a Wi-Fi profile based on an existing Wi-Fi profile Click Create Wi-Fi profile Assign a Wi-Fi profile to a user account Configure a Wi-Fi profile on a BlackBerry deviceAssign a Wi-Fi profile to a group Click Set Up Wi-Fi Network Click the name of a Wi-Fi profile Creating and configuring VPN profilesConfigure a Wi-Fi profile Click Edit profile Create a VPN profile based on an existing VPN profile Configure a VPN profileCreate a VPN profile Click Create VPN profile Assign a VPN profile to a group Assign a VPN profile to a user accountOn the VPN profiles tab, click Edit group Click the name of the Wi-Fi profile Delete a Wi-Fi profileAssociate a VPN profile with a Wi-Fi profile Click Delete profile Click Yes Delete the profile Delete a VPN profile Importing profile information from a .csv fileClick the name of a VPN profile Example Adding profile information to user accounts 244 Fields in the .csv file that contains profile information Example Removing profile information from user accounts Enterprise Wi-Fi network or VPN, if a user name is required Quotation marks in the passwordImport profile information from a .csv file Configuring WEP encryption BlackBerry devices do not support a WEP passphrase Configuring PSK encryption Configuring Leap authentication Configuring Peap authentication 251 Click Place all certificates in the following store Possible cause Select the Inner link security type Configuring EAP-TLS authentication 255 Configuring EAP-TTLS authentication 257 Security Type list, select EAP-TTLS Inner link security type list, select EAP-MS-CHAPv2258 Configuring EAP-FAST authentication Configure EAP-FAST authentication259 Click Manage Wi-Fi profiles Security Type list, select EAP-FAST Configuring software tokens for 21 BlackBerry devices Configure BlackBerry devices for RSA authentication Click the name of the VPN profile that you want to change Assign software tokens to a user account 265 266 267 Before you begin 269 270 Click Save all 272 273 Protecting and redistributing Devices Preparing a device for redistribution to a new user274 On the Devices menu, click Attached devices Device software Deleting only work data from a deviceClick Associate user 275 Device permanently deletes the following work data Are deleted when you delete work dataDeleted when you delete work data Call logs Delete only work data from a device 277 IT administration command Description Protection, you cannot use this commandDelete only the organization data Protect a stolen device Protect a lost deviceApplication data Protect a lost device that a user might not recover Click Specify new device password and lock device 281 Managing administrator Accounts Change the roles for an administrator accountChange role permissions Delete an administrator account Delete a roleClick Delete role Click Yes Delete the role Status list, click Delete user Click Yes Delete the user284 Managing groups and user Accounts Managing groups285 Default group Description of the default group Remove a user account from a groupClick Remove from group membership Delete a group Change the properties of a groupRename a group Click Edit group Managing user accounts Move a user account to a different group288 Delete a user account from the BlackBerry Enterprise Server Update the contact list manually Update a user account manuallyAdd an administrator role to a user account Click Back to search Click Refresh available user list from company directory Resend service books to a BlackBerry deviceCommunications list, click Resend service books to a device 291 Managing the default distribution settings for jobs Change default settings for a job schedule292 Necessary, set the start time and end time Change how IT policies are sent to BlackBerry devicesStart time drop-down list, click the appropriate option. If 293 Default value is Perform any of the following tasks 294 295 BlackBerry Device Software Recurrence days cannot overlap296 If necessary, change the start time and end time 297 Managing the distribution settings for a specific job Specify the start time and priority for a job Change how a job sends IT policies to BlackBerry devicesClick Edit job Scheduled deployment days drop-down list, click 301 302 303 Managing BlackBerry Java Applications on BlackBerry devices 304 Click Add applications to software configuration Click a software configurationClick Edit software configuration 305 Managing software configurations Remove a software configuration from a groupRemove a software configuration from multiple user accounts Remove a software configuration from a user account Delete a software configuration307 Restricting user access to content on web servers Specify web address patterns Create a pull rule Control type drop-down list, click Pull Click the Add icon Click Manage users Click View more criteria Assign a pull rule to the members of a groupAssign a pull rule to user accounts Search for a group Prevent users from accessing specific media types Configure download limits for media content typesClick Add Click Save Default download limits for media content types Mime type Maximum number of bytes per connection KB313 Configure download limits for media content types Administration Guide After you finish 317 318 Click a BlackBerry MDS Connection Service instance Pull Authorization drop-down list, click Yes319 Create push initiators for push applications 320 Turn on push authorization After you finish Create a push rule321 After you finish Assign push initiators to the push rule Create a push ruleAssign push initiators to a push rule 322 Assign a push rule to the members of a group Assign a push rule to user accounts Managing push application requests Specify device ports for application-reliable push requests Click Save all Click Restart instance Related information 325 326 327 Managing the wireless backup and recovery of organizer data Managing organizer data Synchronization328 Turning off organizer data synchronization 329 330 Changing how organizer data synchronizes 331 Click Continue to user information edit Click Save all Synchronizing contact pictures 333 334 Managing message forwarding 335 Click Continue to user information edit Click Save all Turn off email message forwarding to a user account 337 338 Managing the incoming message queue 339 Managing wireless message reconciliation Managing access to remote message data Click Edit instance Managing email messages that contain Html and rich content 343 Click Save All Resend the updated IT policy to the BlackBerry devices Click the name of the IT policy that you want to change345 Synchronizing folders on the BlackBerry device 346 Click Continue to user information edit Click Save all Configuring access to documents on remote file systems 348 Click Save all Examples for step Click the instance that you want to change 350 Managing signatures and disclaimers in email messages 351 Click Edit instance Specify conflict rules for disclaimers Turn off disclaimers for email messages353 Sending notification messages to users Click Select from mail address list354 Click Send message Send a notification message to group membersType the message that you want to send Click Send message to users in group Click Send message to user Change the size of the message state databaseSend a notification message to a user 356 Related information 358 Limitations for supported attachment file formats Format ExtensionFormat and extension Limitations OpenOffice Format version 1.1 .odp Table of contentsConnector shape route that connects to shapes Files IBM Lotus Symphony only Headers and footers ChartsStyle effects for cells shadow, borders Drawing objects and Fontwork objects BlackBerry Attachment Service optimization settings Setting Description Range Default value is Server busy time Suggested file sizes for attachments File format Suggested sizeZIP archives Less than 2000 KB 365 Administration Guide Prevent users from sending large attachments 368 Managing calendars 369 Type New-ThrottlingPolicy BESPolicy Type the following commandTurn off client throttling in Microsoft Exchange 370 After you finish Example 372 373 Administration Guide Setting that you specify applies to a specific user Correcting calendar synchronization errors on devicesGlobal Setting that you specify applies to all users Level Description Turn off corrective calendar synchronization Example Turning off the process for all usersExample Turning off the process for a specific user Example Viewing the global calendar synchronization settings Administration Guide Configure when corrective calendar synchronization runs 379 Logging information for corrective calendar synchronization Email application380 Delete a setting for corrective calendar synchronization Specifies that a calendar item is missing on the device381 Communications list, click Synchronize calendar Type regedit Installing a collaboration client on BlackBerry devices Managing instant messaging Click Edit instance For Microsoft Office Access serverOption Description 386 Managing instant messaging sessions 387 Managing instant messaging features 388 Prevent users from saving instant messaging conversations Back up the UserInfoConfig.xml file Save the UserInfoConfig.xml file Restarting BlackBerry Enterprise Server components Component Administration ServiceManaging a BlackBerry Domain BlackBerry Enterprise Server Administration GuideManaging a BlackBerry Domain Using the BlackBerry Enterprise Trait Tool Use the BlackBerry Enterprise Trait Tool BlackBerry Enterprise Trait Tool traits Trait Description Default value is false 0, the BlackBerry Messaging Agent For proxy authenticationCalendar contents on the device. When the amount of time If you configure the EWSServiceAccount trait SP1 EWSEnableBlackBerry Messaging Agent, all BlackBerry Messaging Agent Instances on all BlackBerry Enterprise Server instances ExchangeDisableConfirmEmailDelivery Users status using Microsoft Exchange Web Services or byUsers status using Microsoft Exchange public folders ExchangeEnableMLangConversion Mailboxes, change the value to true ExchangeSmartSyncEnableFor calendar errors on devices Might be an impact on the performance of your organizations Corrects calendar synchronization errors automatically Default value is DailyDefault value is true 1, the BlackBerry Messaging Agent Calendar synchronization errors on devices at 1200 AM Default value Default value is true 1, the BlackBerry Mail Store ServiceFunction, you can access the BlackBerry Messaging Agent Disabled on the device Services that the device can connect to, type the SRP IDs Default value is true 1, the BlackBerry Enterprise ServerService can synchronize at the same time during a full Services. Separate the SRP IDs with a comma Additional processes for IT policies or service books Change the default value of this traitPolicies and service books Books, change the value to false Processes for PIN encryption keys Uses to update the list of BlackBerry Router instancesDefault value is 75% RouterAutoDiscoveryMethod UserHealthPercentage BlackBerry Dispatcher uses this trait to change the UserEnvironment Managing BlackBerry CAL keys Add or delete a BlackBerry CAL key407 Copy a BlackBerry CAL key to a text file 408 Configuring a Hosted BlackBerry services environment 409 Related information 411 Before you begin Configuring a Hosted BlackBerry services environment Restarting BlackBerry Enterprise Server components Before you begin Configuring BlackBerry Policy Service throttling Type traittool -global -list 417 Administration Guide Trait PolicyThrottlingP2PKeyRate -set Delete a BlackBerry Policy Service throttling setting 420 421 422 Administration Guide Click Controller MaxUserDumpPerDay value field to Click BlackBerry Collaboration Service Change how the BlackBerryClick BBAttachServer Click MailStore Click BlackBerry Mobile Data ServerClick BlackBerryRouter Click PolicyServer Change the default event monitoring level BlackBerry Enterprise Server Alert ToolClick SyncServer Define a notification recipient 430 BlackBerry Enterprise Server Log files Monitoring PIN messages, SMS text messages, and callsMonitor PIN messages List of IT policies, click the appropriate IT policy Monitor SMS text messagesTurn off call logging 432 Log files for BlackBerry Enterprise Server components 433 434 On the Logging details tab, click Edit instance Each section, in the Log auto-rolldrop-down list, click True 437 UTF-8 UTF-16LE Click Save all 438 Component identifiers for log files Component identifier Logging component BlackBerry MDS Connection Service log files On the Logging tab, click Edit instance Click Save all Related information On the Logging tab, click Edit instance Click Yes Logging section, perform any of the following tasksTrace how data packets travel inside the gateway BlackBerry device retrieves from the PGP server 443 BlackBerry device connections Connects using a proxy serverAttribute Description Domain that requests the BlackBerry device connection BlackBerry Collaboration Service log files On the Instance information tab, click Edit instanceFalse Trace how data packets travel inside the GME network 446 On a 32-bit version Configuration Database Windows1433 Windows registry \BlackBerry 21099 BlackBerry Configuration Panel 448 Incoming data connections from, and outgoing data 2000 BlackBerry Administration Attachment Service 449 Data connections between BlackBerry AdministrationConnection Default port Type Number Connection Outgoing conversion results of large attachments to On a 64-bit version of Windows 4071 Windows registry On a 32-bit version 1433 forOutgoing syslog connections to the Snmp agent 451 \BlackBerrySNMPAgent 1433 for BlackBerry Configuration\Research In Motion\ \Parameters\UDPPort BlackBerry Controller connection types and port numbers 5096 Windows registry Agent On a 32-bit version BlackBerry Dispatcher connection types and port numbersPort number Agent That BlackBerry Messaging Provides \TcpPortDispatcher Incoming data connection from the BlackBerry database Microsoft SQL Server hosts WindowsServer\Database\Port \SOFTWARE\Research Motion 455 Outgoing data connections to the BlackBerry Dispatcher 5096 Windows registry On a 32-bit version456 4070 Windows registry On a 32-bit version 457 \UDPPort Server\Agents\UDPPortIncoming data connections from the BlackBerry database If access control for push applications is turned on 459 7874 BlackBerry Administration Service Incoming data connections for reliable pushesDatabase Incoming data connections from, and outgoing data BlackBerry Policy Service connection types and port numbers 55503 BlackBerry Configuration Service console Panel3200 Connections to, the BlackBerry Dispatcher \BlackBerryRouter \ServicePortBlackBerry Router connection types and port numbers 462 463 \DevicePort 464 CalHelper connection type and port number Port number Agent That BlackBerry Messaging Provides 465 IBM Lotus Sametime connection type and port number Microsoft Exchange connection types and port numbers TLS Snmp agent connection types and port numbers Connections to, the BlackBerry Collaboration ServiceNovell GroupWise Messenger connection type and port number 8300 Syslog connection type and port number Troubleshooting36 Possible cause Possible solution470 Troubleshooting BlackBerry Enterprise Server Performance Press Enter 471 Troubleshooting Setting up user accounts Troubleshooting Messaging Messages are not delivered to BlackBerry devices Troubleshooting Instant messaging Text does not appear correctly in Unicode email messages 475 476 Troubleshooting BlackBerry Web Desktop Manager Does not support the version Troubleshooting Connections to the Wi-Fi network BlackBerry device cannot connect to a Wi-Fi networkClick Wi-Fi Options BlackBerry device is not assigned Click Wi-Fi Tools Wi-Fi Diagnostics Status fields for Wi-Fi connections Indicator Description To a specific access point Device is associated with the access pointStatus indicators are the following icons Connection to an access point Group ciphers have one of the following values Group CipherCipher None Status fields for VPN connections Status fields for UMA or GAN connections Status fields for BlackBerry Infrastructure connections Arfcn BlackBerry device cannot open a VPN connection Status fields for Enterprise connections Issue on the Wi-Fi network Correctly Verify that Wi-Fi Preferred is selectedBlackBerry device is connected to a Wi-Fi network Is displayed Verify whether a BlackBerry device can resolve an IP address Look up a computer name to resolve an IP address Troubleshooting BlackBerry Administration Service pools Troubleshooting BlackBerry Monitoring Service connections User cannot log in to the BlackBerry Monitoring Service Troubleshooting IT policies 492 Glossary37 Enterprise Service Content protectionDSML-enabled Device transport key IP address IT administrationCommand IPsec Messaging server Mirror databasePrincipal database Triple DES VoIPWitness Legal notice 498 499 Administration Guide