View Single Post
Old 08-12-2010, 12:04 AM   #1 (permalink)
scott0482
New Member
 
Join Date: Sep 2006
Model: 8310
Carrier: at&t
Posts: 13
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default How to Fix my BES install...

Please Login to Remove!

I have BES Express installed on Server 2008 32-bit.
It connects to Exchange 2007 on Server 2008 64-bit.

I can get all of the BES services to start, but I can't start the SQL service.

I ran dcpromo on the BES server (made it a domain controller).
The server restarted and the blackberry services didn't start.
I added the the "besadmin" as a local administrator on a 2008 domain controller (because that happened on another server and that's how it fixed it)
This didn't work. So then I found that I needed to assign "besadmin" to "log on as a service" in the local security policy.
I couldn't edit the damn local security policy. I connected remotely to another server I manage where BES Express is running on a 2008 domain controller, went into security policy and I could edit everything fine.
So I tried some things like raising the forest functional level, running gpupdate /force on all of the servers, etc.
Finally I figured the quickest way to get this fixed was to just run dcpromo again, remove it as a domain controller and it would go back to normal.
I did this, and restarted, the bes services wouldn't start, I fixed permissions for "besadmin" to be a local admin and have "run as a service rights" and got the services to start.
But SQL is messed up. I tried adding "network service" to "log on as a service", that doesn't work, I can't do a repair install, I can only modify.
I can't do a repair install of bes, the only option is remove.

So I am not sure what to do. At this point I would like to just backup the bes database, uninstall bes and sql, make the server a domain controller, Then reinstall bes and restore the database. But I can't get the SQL Management Studio Express to connect to the database, I can't start the service.

So how can I fix this?
I am fairly confident it is a security/credential issue where some "Local" permission got replaced by a domain permission, and then wasn't restored when I removed the server from the domain.
Offline   Reply With Quote