Great suggestion!
@Jadey
I tried your suggestion first. I set the user account to the default policy, pointed the BES02 environment at BES01's database, and re-added the user. Like we saw before, email processing works! (somehow...), but unfortunately, the IT policy continued to be rejected.
Take a gander at this KB:
IT Policy Error status
I think this article confirms that even if the policy names are the same, this won't ever work because the BES signs the IT policy using the keys in the GlobalSettings table. As stated - "These keys let the device confirm that the policy key came from its database."
@rsk
I can't find the ITPolicyKeyMapping.sql script anywhere. If you google for it, the results are this thread. The BTSC has no information on it whatsoever. Also, I can't seem to find the script searching through the install files on the BES. Might you have it? I'd like to look at the script to see exactly what it's doing.
However, I was able to use a modified procedure based on your and Jadey's suggestion - and IT WORKS!
Here's the steps I took:
1) Backed up both servers databases - for good measure.
2) Record the public and private keys from BES02's database.
-select PolicyPublicKey, PolicyPrivateKey from GlobalSettings
3) Pointed BES02's database at BES01's database using the Change Database wizard in the BlackBerry Server Configuration.
4) Inserted the public and private keys from BES02 into BES01's database.
-insert into GlobalSettings (Container,PolicyPublicKey, PolicyPrivateKey) values ('site 1', <public key value>, <private key value>)
5) Added the user from BES02 back to BES02 in the BlackBerry Manager
The BES appears to have read the hidden folder for this account on exchange and this can be confirmed because shortly after adding the account, the device PIN populates in BlackBerry Manager - without doing anything on the device. Messaging continued to work and the IT policy was successfully applied.
I know RIM doesn't support making any changes to the database, but I think I'll call them and see their thoughts on this procedure.
I've noticed that the after inserting the new record into the GlobalSettings table that may parameters were automatically entered - i.e. 'NextExternalServicesPort', 'MDSPushMessageMaxAge', etc... However, some other settings inserted nulls - i.e. 'HandheldMgmtConfigProperties', 'ContentProtectionPublicKeys','ContentProtectionPr ivateKeys'.
It makes me concerned if there will be any problems with content protection - which is a mandatory requirement in our organization. Also, does it matter that there's two records in the GlobalSettings table?
If a process like this works, I'm surprised the RIM doesn't have anything formal on it - or do they? It seems to me that having the ability to consolidate databases would be a relatively common task.