During the install of BES Express (just after then BBerry CAL and SRP screen) I received an error which stated:

I had already followed the steps on page 17 of the INSTALLATION AND CONFIGURATION GUIDE:

all of which were accomplished without error.

If I try to run those commands again, I get errors telling me they have already been completed like:


I have confirmed that AD shows the BESAdmin account as a MEMBER OF: VIEW-ONLY ORGANIZATION MANAGE .

After about 30 minutes of goofing with this I assumed it was an incorrect error message and told the BES Express install to continue anyway.

I can now log into the BES Admin Console without problem and create new users. However, those users do NOT receive the ACTIVATION message on their BBerry's. This is hopefully an unrelated problem I will work on tomorrow.

I checked several of the logs but not find much that worried me. Note that I don't know what I am looking for so there may be errors I missed.

Is this error something I should worry about?

We have the same situation here. any solutions for this? we cannot activate any device. etp.dat file stays in user mailbox.
BES Express and MS Exchange 2010

Assign Send As permissions to all users via Active Directory

1. Open Active Directory.
2. Select the "View" menu and ensure "Advanced Features" is checked.
3. Right mouse click on your domain name and select Properties
4. Select the Security tab
5. Press the Advanced button at the bottom on the security tab
6. Select "Add" and enter your Blackberry Service Account name (e.g. BESadmin) and select OK
7. When the permissions screen appears change "Apply onto:" to "User Objects" (or xxx8220;Descendant User Objectsxxx8221; on Server 2008)
8. In the permissions box scroll down and check the Allow box beside "Send As" and press OK
9. Press Apply and OK to exit


Also did you remove throttling and upgrade to RU1?

Thanks but already done that, also removed throttling and updated with rollup1. Error is the user account does not have the exchange view only administrator permission. anything else?

IS BESAdmin a normal user?
Did you only give the needed permissions and knot too many?

i hope this will help.
tnx.

this is for besadmin user on another BESX that is fully functional.

Hi Knottyrope;

Thanks for the detailed response.

1: I did NOT have the SEND AS permission set as you explained (even though I had run the scripts in the install manual). I have corrected that as per your documentation.

2: I did remove throttling

3: I am running the most updated build of Exchange 2010 (and Forefront 2010 for Exchange).

I am now able to attach BBerry's through the wizard on the BBerry hardware but if I CREATE A USER, the user does NOT receive an activation email.

I have whitelisted blackberry.net but again, I am not seeing the emails. I will do my own research on this later today and start a new thread if I can't figure it out. However, if you know "the answer" I would love to hear it.

Thanks for the help. It is appreciated.

After you add the person you have to send the activation email out via BAS. It does not do it automatically. The email will be ger=nerated via BES through exchange to the user.

Once the user gets it then setup up activation on the phone, then the etp.dat file will be emailed from device to RIMs NOC and to your domain.

Looks like the permissions were not set for it.

try again

Hi Knottyrope;

Again, thanks for the response. I have not read the manual on the activation process nor have I done my due dilligence researching before I post. I simply noticed the issue and thought it might be related to the original topic.

However...

After I create a NEW USER or SPECIFY AN ACTIVATION PASSWORD for an existing, the following appears:

This message not arrive on the BBerry (which makes sense) considering it doesn't know which BBerry to send it to yet and it does not show in mail (i.e. if I log into OWA, it just does not appear).

I will research this tonight and post a solution or another question if I can not figure it out.

Thanks again!

That is one that is set. Then you add in that pass onto the device and activate it. Only works with a BES plan though. If you do the generate password and emails it, it will goto users account with info on how to activate it.

In other words, creating a user, or an activation password does not send a message to the user UNTIL they start the process of activating.

BES will send a mesage to user with activation password if you select generate and email password in BAS.

Once the user goes to device and enters in enterprise activation info, the device sends it to RIM's NOC and then RIMs NOC send an email to your exchange server that BES picks up and starts the activation.

But not via the NOC, and not with an attachment (ETP.DAT). It just sends it to the user via the BESAdmin account. Only after the activation starts to happen from the device end does the message with the attachment from the NOC get sent.

I think that's what is confusing about what he's thinking is supposed to happen (and really, what the instructions are saying) and what actually does happen.

we recreate besadmin user for the second time, assigned permissions to user by rim technical documentation. but same thing happens :( you think that user have too many permissions?
Add-RoleGroupMember "View-Only Organization Management" -Member "BESAdmin".
as you can see on this picture, user besadmin is in View-Only Organization Management on MS Exchange 2010. but still get the same error "does not have the exchange view only administrator permission".

But on Microsoft TechNet i found this:
View-Only Organization Management
This role is equivalent to the Exchange View-Only Administrators role in Microsoft Exchange Server 2007
any other hint please?
tnx.

Thanks guys. From my end all is well.

I sincerely appreciate the detailed responses and clarifications. They were quite helpful.

I completed my first round of documentation on how to install BES Express on a Single Server Exchange 2010 environment. Primarily this is my cook book as I have several of these roll outs to process this summer but I thought this might help others who are reading this thread:

How to Install BES Express on Exchange 2010 Single Server | Commodore.ca | Windows

Nice one! Thank you. The tip is to ignore popup info that bes don`t have view-only permissions! and press yes!
for now all is working fine. i`ll be monitoring this BESX for some time.

[quote=calgarytech;1598644]I completed my first round of documentation on how to install BES Express on a Single Server Exchange 2010 environment. Primarily this is my cook book as I have several of these roll outs to process this summer but I thought this might help others who are reading this thread:
QUOTE]

Thank you for the informative post. Essentially there are 4 things I've identified that are wrong on the installation guide posted by Blackberry or during the install process that you have so thoughtfully included for us.
1. Send AS Permissions have to be applied using Active Directory Users and Computers sa you have shown.
2. Throttling Policy command on the Blackberry documentation is wrong and you show the correct one.
3. The SRP key, authentication key, etc. are named incorrectly on Blackberry's licensing webpage
4. Ignore the error you get about besadmin not being an exchange view only organization management user.

Thanks again for the great guide, I appreciate it. I am a former Calgarian and was there during the 1988 Olympics. I hope you enjoyed having the Olympics hosted once again in Canada and having the torch run through your city.

It appears since I have less than 10 posts I cannot post the link to Calgarytech's install guide so please refer to his post above for the link.

Harry