Monday, January 19, 2009

Exchange 2007 - Blackberry Enterprise Server (BES) Setup

Here are a couple things I had to do to get the Blackberry Enterprise Server (BES) running with Exchange 2007. This stuff wasn't clear in the install guide. Especially number 1 below.

1. Give the BESAdmin account permission on my exchange databases. I had to do it on all of our databases. Here's the command for Database07

add-adpermission -user BESAdmin –identity “Database07” -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin

2. Give the BESAdmin account extended rights

Add-ADPermission -Identity "BESAdmin" -User "BESAdmin" -AccessRights GenericRead,GenericWrite,ExtendedRight -extendedrights Send-As,Receive-As,Receive-As,ms-Exch-Store-Admin

3. Add the BESAdmin to the Exchange View Only Administrators Group in Active Directory.
Posted by No comments:
Labels: , , ,

Sunday, January 18, 2009

Powershell: Exchange 2007 - BES - Blackberry Enterprise Server

Here a quick little snippet from a script I run when setting up users for our BES (Blackberry Enterprise Server) environment with Exchange 2007. Essentially, the script is just giving the BESAdmin account Send-As permission on the AD Account. You could do this on your entire User OU in the domain, but for security purposes we've decided to only set the permission for the Blackberry users.

# Open the File of User Names and Put it in the Pipeline
$import = Import-Csv "NewBlackBerryAccounts.txt"
$domain = "mydomain.com"

# Loop Through the CSV File, creating accounts
$import | Foreach {
   # Set Vars
   $StrUserName = $_.Username

   $user = get-qaduser $StrUserName@$domain
   if($user) {
      $dn = $user.DN
      Add-ADPermission -Identity $dn -User 'mydomain\BESAdmin' -ExtendedRights 'Send-as'
   } else {
      write-host Username $_.Username not found
   }
}
Posted by No comments:
Labels: , , ,
Subscribe to: Posts (Atom)