Welcome to Port3101.org : Your BES Connection Mark forums read | View Forum Leaders
Port3101.org : Your BES Connection



Reply
LinkBack (1) Thread Tools Display Modes
KB17711 - Setting up Microsoft OCS 2007 with BES 4.1 SP6
 
  1 links from elsewhere to this Post. Click to view. #1 (permalink)  
Old 06-16-2009, 09:43 PM
hdawg's Avatar
Proprietor
 
Join Date: Nov 2008
Posts: 2,257
Blog Entries: 147
Default KB17711 - Setting up Microsoft OCS 2007 with BES 4.1 SP6

KB17711 - Setting up Microsoft Office Communications Server 2007 with BlackBerry Enterprise Server 4.1 SP6


Environment

  • BlackBerry® Enterprise Server version 4.1 SP6 for Microsoft® Exchange
  • Microsoft® Office Communications Server 2007



Overview

This article provides a brief overview of the actions needed to connect the Microsoft Office Communications Server 2007 and the BlackBerry Enterprise Server, it assumes that Microsoft Office Communications Server 2007 is currently installed and running with the environment and that the Microsoft® Internet Information Server has been setup to support Kerberos™ authentication.
This articles covers the following:
  1. Installing a Microsoft® Communicator Web Access 2007 Virtual Server.
  2. Configuring the MDSlogin.conf and krb5.conf files.

Installing a Microsoft Communicator Web Access 2007 Virtual Server

  1. Expand Microsoft Office Communicator Web Access Manager.
  2. Right-click the server and then select Create Virtual Web Server.
  3. In the Wizard, select the following options:
    • Internal (The BES only supports internal server types)
    • Use Built-in Authentication
    • Forms-based and integrated (NTLM/Kerberos) authentication
    • HTTP or HTTPS (select based on your preferences)
    • Machine IP and Port to use
    • Provide the virtual server a name

Configuring the MDSlogin.conf and krb5.conf files
Task 1 - Configure the MDSLogin.conf file to include your domain name
  1. On the BlackBerry Enterprise Server navigate to C:\Program Files\Research In Motion\BlackBerry Enterprise Server\BBIM\Servers\servername\config.
  2. Open the MDSLogin.conf file in a text editor.
  3. Edit the MDS_Default section by replacing COMPANY.COM with your domain name.
  4. Save and close the file.
Task 2 - Configure the krb5.conf file to include details relevant to your specific Microsoft® Active Directory® environment
  1. On the BlackBerry Enterprise Server navigate to C:\Program Files\Research In Motion\BlackBerry Enterprise Server\BBIM\Servers\servername\config.
  2. Open the krb5.conf file in a text editor.
  3. The default sections and entries contained within this file are as follows:
[libdefaults]
default_tkt_enctypes = des-cbc-md5 ; or des-cbc-crc
default_tgs_enctypes = des-cbc-md5 ; or des-cbc-crc
[realms]
# change COMPANY.COM to your Kerberos realm
# change KDC:88 to the hostnameort of KDC
COMPANY.COM = {kdc = KDC:88}
Note: At a minimum the COMPANY.COM should be replaced with your domain name.
The KDC:88 entry may need to be replaced with the fully qualified domain name (FQDN) of the KDC within your Microsoft Active Directory environment and port number (if changed from the default of 88). However, your Domain Name System (DNS) infrastructure should provide the required server details when queried.




Additional Information

Kerberos is an authentication system developed at the Massachusetts Institute of Technology (MIT). Dependent on the complexity of your Microsoft Active Directory environment, further sections and entries may be required within the krb5.conf file. For full details of what should be contained in possible sections and entries, see the MIT web site.
In large, complex Microsoft Active Directory environments, multiple realms sections may be required for your computer to be able to communicate with the KDC for each realm. The tag must be given a value in each realm subsection in the configuration file, or there must be valid DNS SRV records specifying the KDCs. However, the [libdefaults] section may require a default realm entry which identifies the default Kerberos realm for the BlackBerry Enterprise Server.
Also, the session key encryption types that are set as default in the krb5.conf file that is installed during the BlackBerry Enterprise Server installation, are contained under the [libdefaults] section:

[libdefaults]
default_tkt_enctypes = des-cbc-md5 ; or des-cbc-crc
default_tgs_enctypes = des-cbc-md5 ; or des-cbc-crc
From the MIT web site the definition of these encryption types are as follows:
des-cbc-md5 = DES cbc mode with RSA-MD5
des-cbc-crc = DES cbc mode with CRC-32
Note: The additional session key encryption key types may be required within the krb5.conf file if your environment supports or require additional key types. See the following web site for more details: JGSS Security Enhancement List
For instance starting from Java® Platform, Standard Edition (Java SE) 6, support for RC4-HMAC encryption type in Java GSS/Kerberos is available, therefore this encryption type can be added to the krb5.conf under the [libdefaults] section:
[libdefaults]
default_tkt_enctypes = des-cbc-md5 ; or des-cbc-crc; or rc4-hmac
default_tgs_enctypes = des-cbc-md5 ; or des-cbc-crc or rc4-hmac
__________________
http://blog.port3101.org/hdawg/
Reply With Quote
Sponsored Links
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are On


LinkBacks (?)
LinkBack to this Thread: http://www.port3101.org/featured-blackberry-kb-articles/1319-kb17711-setting-up-microsoft-ocs-2007-bes-4-1-sp6.html
Posted By For Type Date
OCS and krb5.conf file This thread Refback 05-21-2010 03:11 AM

Similar Threads
Thread Thread Starter Forum Replies Last Post
Setting Permissions in Microsoft Exchange 2007 Si BlackBerry Server FAQ 4 07-06-2010 10:53 AM
KB13268 - How to migrate from Microsoft Exchange Server 5.5 to 2007 hdawg Featured BlackBerry KB Articles 1 09-20-2009 04:48 PM
KB16032 - Unable to log in to Microsoft OC 2007 on the BlackBerry smartphone Si Featured BlackBerry KB Articles 1 06-22-2009 08:40 PM
KB17757 - BBIM is not functional with Microsoft OCS 2007 R2 hdawg Featured BlackBerry KB Articles 0 04-21-2009 11:01 AM
BES Prerequisites Thread for Microsoft Exchange 2007 Si BlackBerry Server FAQ 6 03-21-2009 01:31 PM


All times are GMT -4. The time now is 10:35 PM.
Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2019, vBulletin Solutions, Inc.


 

SEO by vBSEO 3.3.2 PL2