Wednesday, 29 January 2014

Installing BES Express 5.0.4 on Windows 2012 with Exchange 2010

Exchange 2010 is pretty good at supporting most mobile devices with pretty good security option such as the ability to wipe the phone if it goes missing or the option to push out policies. However I still come across companies who still use Blackberry servers to manage their mobile devices, so if you are one of the dying breed of admins who still support a bes server, this guide is for you.

Once you have installed your Exchange server you can now install you BES Express server, but before you can install your Bes server, you need to setup a bes admin account.

The bes admin account needs to have local admin rights on the bes server but doesn't need domain admin rights. There are some specific rights that the account needs or you'll have problems with user rights and the bes server wont work, so this is how you setup the account.

First open AD users and computers and click on view in the menu bar and advance features.


Go back to the left column and right click on the domain and click on property.


You now need to add the besadmin account and give it the appropriate rights, click on the add button.


Type in besadmin and click check name and then ok.


Now click on the advance button and click on the besadmin account and click on the edit button as shown below in yellow.


Now make sure the type is set to allow and select descendant user object in the applies to  selection, finally click on send as in the permission section and click ok. close all the other boxes.


You now need to download the cdo file which is vital for bes to work, download the cdo file using the following link:
CDO Download


You are now ready to install Bes 5.0.4. Download the current version of BES express to your desktop and click on setup to start the install process.


Make sure that you log on to Windows as besAdmin as this is the account that needs to be used for the install process.


 On the license agreement page type the besadmin account and the name of the organisation.


You now need to install a database, the SQL Express is more than enough to handle the small user base that the express version can handle, click next.



Click next on the next page.




Review the pre-installation checklist and click next.


Install the SQL express unless you want to run big boy SQL, click next.


On the next page type in your besAdmin username and password and click next.


Check the details in the summary page and click install.



You may at this stage get an error prompting you to install .net 3.0, if this is the case mount the windows 2012 CD and install .net using the option below.


If you had to install .net, you will need to run through the install process again and up to the summary page. the next stage of the installation is the database options, keep the default settings and click next.


You will be prompted to install a database, click yes, the database will now be installed. once the DB installation has completed, click ok on the box and click next.


You now need to type in your bes key, the SRP identifier, and the SRP authentication key which you should of obtained from the blackberry site. if you haven't got one, go to this link blackberry.com


Input your details and click verify, if the details are correct, you will see the screen below. click on the next button.


Now add the name of your exchange 2010 server and the besadmin username and click check name. click next.


On the administration setting page you need to type a password for the SSL cert.


On the next page type out the AD details for the besadmin account.


On the next page, keep the default options and click next.


Next the bes services will attempt to start.


Finally if all the service start with no issues, you will come to the final page which will show the URL needed to log onto the web portal, make sure you make a note of this as its a real pain to find after.


The last task is to log onto the web portal to ensure it works.


And that's it you now have your Bes server for your blackberry's.

Thursday, 16 January 2014

Installing CU3 for Exchange 2013

Installing cumulative update 3 for exchange 2013 is a relatively simple affair, you need to ensure that you have rebooted the exchange server since the previous install of CU2  or when you try to install CU3 you will be told to restart your server first. I had to do 3 restarts of my server before it would allow me to install CU3.

The first thing that you need to do in unpack the CU3 file, do so at a location of your choice before continuing to the next stage.



Now go to the location where you unpacked the files for CU3 (Mine is called CU3) and look for setup and click on it. You will see a command box pop up briefly and then nothing for a few minutes, but dont worry, you will eventually see the welcome to CU3 box to start the install process



Next you can start the install process for CU3. The first thing you will see is the check for update box, allow the check to run and then when it doesn't find anything (which is normally the case) click next to take you to the next stage



Once the checks are completed, you will be prompted to continue with the update, click on next to continue the install.



The setup will now do a series of checks to see if the server is ready to be upgraded, if it passes the checks you will see the license agreement as below



It is at this stage that the update will prompt you to restart your server if it hasn't done so since the last CU2 update and like I stated earlier, it may prompt you to do so several times, bear with it and do what it request and it will eventually take you to the next and final part of the install.


The final stage will take some time to complete, once it has completed, don't forget to reboot your server. If you have a DAG, you need to install the update on all nodes and and CAS servers that are part of the array and don't forget to restart these too!

Friday, 10 January 2014

How to use a Sonicwall firewall with Exchange server

There are a number of ways one can connect an Exchange server to the outside world. my preference is using a firewall, a Sonicwall firewall to be precise, as they just work. And now, with the latest generation of Dell Sonicwalls, the wizards are even easier to run. Let me show you how



On the Public Server type page select mail server and chose the ports needed for your organisation, in my case it was port 25




On the server private network page, insert the name of the server and the internal address of the server



Next type the external address of the firewall



Finally you will reach the summary page, confirm the information in the summary and once you are happy, click apply and the sonicwall will auto configure the rules for you. Your exchange server will now be accessible to send and receive mail.