Often times at IronTech, we get calls from clients who want to install a new BlackBerry Enterprise Server or Blackberry Professional Software Express (the free version of BES) at their company. Surprisingly, a lot of people run into trouble installing a BES server because of the many steps and prerequisites you have to go through. You really need to have experience installing and troubleshooting a BES extensively to have a fast successful deployment. I have written this Blackberry Server Install Guide to help anyone install a BES successfully. If you run into any issues, email us at info@irontechsolutions.com

—–

BES Install Prerequisites:

-Set aside between 45 minutes to 2 hours to allow yourself time to install all pre-reqs and then install and configure the BES server. You will need to reboot the server so make sure you have scheduled downtime on the server.

-Verify you have the correct Blackberry server software, Licenses, and SRP identifier. If not, call RIM.

-Verify that you are not blocking outbound ports in your organization. If you are, you need to make sure TCP port 3101 is allowed outbound from the server you intend to install the BES on. Your BES will communicate to RIM’s servers using this port. YOU DO NOT need to allow port 3101 inbound to your server.

-Verify that your Exchange Server has SP2 (Service Pack 2) applied.

-If you are installing BES on a member server (which is the best pratice), make sure Exchange System Manager has been installed on it.

-Make sure Outlook is not installed on the same server as the BES. A lot of small businesses with SBS 2003 install Outlook on the server. Uninstall it if you plan to install a BES on an SBS server.

-Install the latest Microsoft Data Access Components (MDAC) from Microsoft:

http://msdn2.microsoft.com/en-us/data/aa937730.aspx

-If you have already installed your SQL server, make sure the BESAdmin account has Server Administrator and Database Creator permission to the database instance.

-Make sure your spam firewall has white listed emails from *.blackberry.net. Working at IronTech, I have seen over aggressive spam firewalls blocking emails required for Enterprise Activation because of .dat attachments in the message.

-Optional: Verify TCP port 4101 is allowed to communicate outbound. This port is used by Blackberry Desktop Manager to do a serial bypass for least cost routing. It is not necessary to open this port unless you need this feature.

—–

Now onto the actual install!

1. Login to your server using a Domain Admin account and create a new user called BESAdmin (and make sure you create a mailbox when you create the account). DO NOT ever use the default Administrator account with a BES. You must create a service account.

2. Verify the BESAdmin user is part of the Domain Users group only. It is not necessary to give the account Domain Admin privileges since we are going to give the account local login access in the next steps but you can give it DA access if you want. It’s best practice to leave the account as a Domain User because you always want to give an account just enough permissions to perform it’s function. Also you have to go back and check Send As/Receive As rights if you give it DA access because they are usually set to deny.

3. Now make the BESAdmin a local admin on the server.

On a Domain Controller or SBS server – This is done in AD via the “Built-in Administrators” group
On a member server – This is done by right mouse clicking My Computer and selecting Manage. From Computer Management expand “Local Users & Groups” and select Groups. From Groups double click “Administrators” and add the BESAdmin account.

4. Now give BESAdmin local rights:

On a Domain Controller or SBS server – “Domain Controller Security Policy” and expand the “Local Policies” and “User Right Assignment”. You need to add BESAdmin to “Log on Locally” and “log on as Service”.
On a member server – “Local Security Policy” and expand the “Local Policies” and “User Right Assignment”. You need to add BESAdmin to “Log on Locally” and “Log on as Service”.

5. Open up Exchange System Manager (ESM) and right click the root “YourDomain (Exchange)”. Click on Delegate Control and add the BESAdmin account as an Exchange View Only Administrator.

6. Drill down in Exchange System Manager until you get to your server name. Right click on the server name and hit properties. Now click the Security tab. Add the BESAdmin account and the following permissions:

a. Administer information store
b. Receive As
c. Send As

7. Open up Active Directory and in the top Menu bar, select “View” and then click on “Advanced Features”. Now go to each user you want to add to the BES server and double click on them. Go to the “Security” tab and add the BESAdmin user. Give the BESAdmin account “Send As’ rights.

8. Logout of the server. Now log back in as the BESAdmin user. Now you can begin the BES server installation. You want to select the “Blackberry Enterprise Server” option. Just double-click on the executable and go through the wizard. Accept all agreements and begin the install. Half way through, it will tell you to reboot. Once the server reboots, you can log back in as the BESAdmin and the installer will automatically start back up and continue the install.

9. Once you get to the database portion of the install, make sure to leave the default name of “BESMgmt” as the database name. You may need to create a new SQL instance for the BES server if you already have other names SQL instances running. Do not put it under once of these are instances. The BES server should run under it’s own SQL instance if at all possible.

10. When you get to the screen to enter the license, just copy and paste it exactly as RIM gave you. Then copy and paste the SRP identifier and SRP authentication key and make sure to Test your connection. If you cannot connect, verify TCP port 3101 is allowed to connect outbound. A simple test is to open a command prompt and type:

telnet srp.us.blackberry.net 3101

If your command prompt goes to a black screen, then you are able to connect.

11. Once the install is done, open up Blackberry Manager. You will get an error saying no MAPI profile has been chosen. Hit okay and type in the name of your server and choose the “BESAdmin” account. Hit “Check Name” and then press OK.

12. Now Blackberry Manager will open up. On the right hand side, you should see that the SRP status is “Connected”. If it is not connected, wait a few minutes and then refresh.

13. Once you verify you have an SRP connection, you can begin adding users. I prefer to use Wireless activation for all handhelds. Just user the Add User wizard in the left hand column to add the user.

14. The user will get an email in his mailbox. Just have the user open Outlook and verify the email has been received from BESAdmin and contains an activation password. The user just needs to go to Enterprise Activation on his/her handheld and type in their email address and this password to activate their account on their handheld. It can take anywhere up to 5 minutes or more to complete an activation depending on the user’s mailbox and speed of connection to their provider’s data network.

NOTE: If the user was using BIS, you may need to wipe the handheld before doing an Enterprise Activation with your new BES server. Otherwise the BIS service books will cause activation to fail.

Always make sure that the date and time are set correctly, the time zone is set to the correct time zone (handhelds default to Casablanca usually), and that the top write corner of the handheld says “EDGE”, “GPRS”, or “3G” in call capital letters and not lowercase.

15. The handheld will tell you when Enterprise Activation is complete. On a new activation (as in this is the first time that particular phone has been added to the BES), it will pull down 14 days worth of email onto the phone. If you had previously had the phone on the BES and you removed it and are reading it, it will not pull down all your old email. Just keep this in mind when doing Enterprise Activations.

Additional Notes:

-If the user you are adding to the BES is a Domain Admin, you can get them on the BES and their handheld will work for a little while but then it will stop sending email after about an hour. I have seen this happen time and time again working at IronTech when we “inherit” a BES server at a new client. This is because your Send As permission for Domain Admins will revert on the Exchange server unless you explicitly edit the ACL to allow for it. Run the following script from a command prompt using the DsAcls tool on your server after installing Windows Server 2003 Support Tools (http://technet.microsoft.com/en-us/library/cc755938.aspx):

dsacls “cn=adminsdholder,cn=system,dc=domainname,dc=com ” /G “YourDomainName\BESAdmin:CA;Send As”

Fore more info on this, view KB 907434 from Microsoft at http://support.microsoft.com/kb/907434

-If you are having trouble activating a device wirelessly, your BES server has tools on it to help your troubleshoot. Run the following tool to test for connectivity:

C:\Program Files\Research In Motion BlackBerry Enterprise Server\Utility\BBSrpTest.exe

-By default, a user’s deletions on his/her handheld are not synched with Outlook. You either have to set the reconciliation on the handheld or you can set it for all users on the Blackberry server itself. RIM has it set this way by default so users don’t accidentally delete important emails on their handhelds. I never change the default unless the user specifically requests it and I only change it on the Blackberry server itself if the point of contact at the organization approves it.

-Blackberry Professional Software Express (aka BPS, BPSE, replacement for BES Express) does not support HTML rendering yet. Only full blown BES supports it starting with SP6 which was released last year. HTML rendering is a pretty new feature so it will eventually trickle down to Professional. Just make sure the user’s phone is running OS version 4.5 and when they release the SP, it should work just fine.

If you ever run into any issues with your Blackberry Enterprise Server and need some help, just email us at info@irontechsolutions.com.

You have created your own web site (an on line store for example)!
Customers can choose goods, pay for the goods and they will be delivered to the customer’s palce. But! Customers must know about your on line store and visit its web site, so you need advertising. How to promote an on line store? Every on line trader asks himself/herself this question sooner or later. Let’s try to overview some ways of promoting web sites.

Banner advertising.
Sometimes it seems that banners appeared at the same time with the net. Banners is the most widespread kind of advertisement in Internet. What is a banner? A banner is a graphic block of a certain size (468х60, 100х100, 125х125), that bears advertising information. Banners are mostly displayed with the help of banners nets. A banner net allow you to display your banners on the sites of other owners displaying others banners on your own web site. The banner net usually takes a commission percent. But as your site is “young” enough the amount of displaying banners on yoru site won’t be large too. That’s why you will have to buy banners displays at one of the nets.

You should also pay attention to the creation of a banner. As what is a banner on its essence? A banner is very close to a announcement in a newspaper, that’s why a banner must arrest people’s attention at once. Modern Internet technologies allow you to create “live” banners that can forward you to the necessary part of the site or to add sound to your banner. Besides the statistician says that users click more often on banners with animation than on static banners, and of course banners along with the site must be very stylish. In Internet you can find a lot of good pieces of advice how to create banners. Or you can pay money to specialists and they will create banners for your on line business.

There is one more way to promote your web site. These are mailing lists.
Mailing lists have their own advantages over banners.
The first — users sign up for a mailing list on their own will, so there is a big possibility that your mailing list will be read (this can be compared with subscriptions to newspapers)
The second — you can display hidden advertisement in a mailing list in kind of stories about new goods for example (with the link to the goods), field of view of your on line store etc.
The third — in your mailing list you can display banners of any sizes whatever you want.

You also must remember that the information is sent to a user only if the user wants to get this information (when he/she signs up to the mailing list). Do not overload the user with the information otherwise the user will refuse from your mailing lists. If your site offers a wide range of goods. allow your users to choose the category of goods he wants to get information about.

You also shouldn’t forget that many people use Internet for communication. So, visit different forums and chats and leave the address of your store there. Visit all free notice boards and display the information about your store there too.

These days the online technologies have become very popular. The web network is not only a place to entertain but also a space to make money. Whatever the reason is, to be presented in the Internet one needs a site. And it is the time when the question how to plan a website arises. Those who are searching for details on how to build a website, should refer to the Internet itself. There are lots of tutorials on how to plan a website and related topics.

In any way, it wouldn’t be wise not to avail themselves of this opportunity given to us by modern technologies. Google and other search engines, social networks and forums, blogs – all of them could assist to find information on “business plan for website” and similar topics.

So Alex is now passing through and everything seems to be ok but what if it hadn’t turned.  Would your company be ready to act and have everything failed over to your stand by site or would you be running around trying to figure out what to do.  Hurricane season in the south is always exciting for us as we try to get our clients to prepare for possible disasters.  I cant stress enough how important a disaster plan is to businesses not just for hurricane season but being prepared for any disaster.  Below is a basic outline to help let you know if you are ready.  These are the steps the government recommends when preparing this season.

Assess your current plan. Conduct a business impact assessment that prioritizes critical processes for the entire organization. For example, processes that need to resume within 24 hours to prevent serious mission impact, such as essential citizen services, could receive an “A” rating.

Take steps to protect data. Agencies should back up data frequently to ensure that data integrity and applications are not jeopardized.  Agencies should also store multiple copies of data off site, at a remote location, a long distance from the primary data center.

Review power options. Agencies should add uninterrupted power supplies (UPS) to keep the most essential applications running.  In addition, cooling systems should be supported by backup generators. Temperature spikes can cause unplanned interruptions when operations are most critical.

Identify and appoint a cross-functional preparedness team. Create a team to design and test the disaster recovery plan, as well as a recovery team, which will participate in recovery activities after any declared disaster.

Document, test and update. The disaster preparedness plan should include logistical details, including travel to backup sites, and even who has spending authority for emergency needs.  The plan should be tested in an environment that simulates an actual emergency.

Consider telecommunications alternatives. Following Hurricane Katrina, many organizations lost access to reliable telecommunications equipment for days.  Alternative communications vehicles, including wireless phones and satellite phones, should be considered.

Form tight relationships with vendors. Hardware, software, network and service vendors can help expedite recovery, can often ensure priority replacement of telecommunications equipment, personal computers, servers, and network hardware in the event of a disaster.

How IT Managed Services Can Save Small Businesses

Scary times are upon us and the economy seems to be getting worse by the day. Small Businesses make up the backbone of America and many owners are wondering how they will survive. Cutting costs in every way they can and trying to plan everything can get hard and for most helps very little. Small Business doesn’t mean the same thing that it used to; in fact many small businesses conduct their business all over the world. Communication, computer and server function and reliability, and data disaster recovery are major factors in the success of the business world today.

Let’s talk now about IT and how people use it. Let’s say we go and examine a small accounting firm to see what they would use as far as technology. Well chances are you won’t walk in and see a bunch of people with adding machines and notebooks on their desk. What you will probably see is several desktop computers, a fax machine, and a few printers right? What about what programs are on those computers, we will probably see Microsoft Office (Word, Excel, and Outlook) as well as QuickBooks and maybe some other accounting programs. What about the company’s email, do they have their own email, or are they using a web based email client? How are the company’s files backed up in case of a disaster recovery, if they are even backed up at all? Does the company get their email on their phones? Does the company have their own website? What does a company do if they have a workstation that gets a virus? What if the employee who is currently taking care of a company’s workstations and servers is unable to repair the workstation, or they have a computer failure that causes the company to loose valuable data, and the employee just can’t recover it? Who can they call for help?

So what does all this mean? Well those programs need to be supported and so does what they connect to (servers, routers, and switches). So that means that you have to have someone around to keep them running. After all, if you lose a computer or server you might lose a lot of money also. There are many companies that have a single employee that can take care of certain issues concerning the maintenance of individual computers, and even simple server problems. However, this individual is very seldom a certified IT professional, and can not provide the same level of service or information that a certified IT professional is able to. There are often times where a company is not even aware of the potential of their equipment, email, or file sharing abilities. Or even, the security issues that unqualified personnel can create unknowingly.

Well for the past 5 or so years there has been a trend growing in the United States that is really saving SMB’s money while making them more efficient. The term used it called Managed Services which really means Outsourced IT. Companies such as IronTech Solutions provide companies with professional IT management, for less money than a company hiring it’s own IT department employees.

We also have to cover the companies who have no IT support and try to do it themselves. This is very dangerous considering what was mentioned above. To give you an example of what scenarios there are for these businesses let’s say we have a small mortgage company with an email server and a server that holds records for all of the mortgages they have given out over the years. One night the weather gets bad and lightning hits a power transformer outside causing the server to crash. The owner who thought he knew enough to maintain the network had never checked the backups or even tried to back any information up. So now he calls in a company to try to recover the data on the server and get email back up, they tell him they were able to get some of the records back but all of his email is lost. Where does he go now? How much did he lose and how will he recover the data? To get to the point here he probably would have to spend about 3000 dollars to recover as much of the data as he can, plus the down time while employees couldn’t work, not to mention the data he didn’t get back and now can’t.

The point here is that IT should be left to administrators who understand what needs to be done on a daily basis. Managed service companies could have prevented this disaster by having dedicated professionals that are constantly monitoring the environment for situations like this.

IronTech Solutions has the most experienced and highly trained personnel in the industry. IronTech employs personnel that can handle any IT situation from remote care and maintenance of individual workstations and software, all the way to company network design and implementation. Whether your company has an established IT department and is in need of consulting, or if your company is in need of IT monitoring and establishment, Irontech solutions can help your company become up to date in the technology of today, and keep your company current with software and technological advances in the future.