How to Fix my BES install...
I have BES Express installed on Server 2008 32-bit.
It connects to Exchange 2007 on Server 2008 64-bit.
I can get all of the BES services to start, but I can't start the SQL service.
I ran dcpromo on the BES server (made it a domain controller).
The server restarted and the blackberry services didn't start.
I added the the "besadmin" as a local administrator on a 2008 domain controller (because that happened on another server and that's how it fixed it)
This didn't work. So then I found that I needed to assign "besadmin" to "log on as a service" in the local security policy.
I couldn't edit the damn local security policy. I connected remotely to another server I manage where BES Express is running on a 2008 domain controller, went into security policy and I could edit everything fine.
So I tried some things like raising the forest functional level, running gpupdate /force on all of the servers, etc.
Finally I figured the quickest way to get this fixed was to just run dcpromo again, remove it as a domain controller and it would go back to normal.
I did this, and restarted, the bes services wouldn't start, I fixed permissions for "besadmin" to be a local admin and have "run as a service rights" and got the services to start.
But SQL is messed up. I tried adding "network service" to "log on as a service", that doesn't work, I can't do a repair install, I can only modify.
I can't do a repair install of bes, the only option is remove.
So I am not sure what to do. At this point I would like to just backup the bes database, uninstall bes and sql, make the server a domain controller, Then reinstall bes and restore the database. But I can't get the SQL Management Studio Express to connect to the database, I can't start the service.
So how can I fix this?
I am fairly confident it is a security/credential issue where some "Local" permission got replaced by a domain permission, and then wasn't restored when I removed the server from the domain.
I tried to do a reinstall. And got this.
The box that is half-covered says "backup the existing db before installing"
I could uncheck that, and then just copy the mdl and ldf files back later, IN THEORY. But the last time I tried that I was getting all sorts of errors, which I am sure were caused by try to go from one version of BES to another. But I still ended up having to reactivate all of the blackberries.
I changed the "log on" tab on the SQL Server (BLACKBERRY) service from "Network Service" to "Local System Account" got the service running, and it seems to be fine.
I am going to now use this as an excuse to learn what the difference between the Local Service, and Network Service is..
Once things are settled down, and I can plan for disaster a bit more I am going to try to figure out what caused me from being able to edit the Local Security Policy (secpol.msc) in that domain, when I can do it in other domains just fine. Then try to make that server a backup DC again.
|All times are GMT -5. The time now is 11:18 AM.|
Powered by vBulletin® Version 3.6.12
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.