[isalist] Re: Blackberry, OWA2007, and ISA2006

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Sat, 19 Jan 2008 12:06:14 -0600

Have you tried basic auth on the listener, and basic auth at the
Exchange Server, and then delegation of basic credentials?
 
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- Microsoft Firewalls (ISA)

 


________________________________

        From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan
        Sent: Friday, January 18, 2008 12:47 PM
        To: 'isalist@xxxxxxxxxxxxx'
        Subject: [isalist] Re: Blackberry, OWA2007, and ISA2006
        
        

        Yep, we went over all the options before we agreed to let them
use the Blackberry.   We also told them that if they couldn't get it
working with OWA then they might as well cancel their service, as we
won't be spending $4000+ for another server for two-three people to use.

         

        There are some subtle changes with Exchange 2007 OWA that seem
to be confusing the Blackberry servers...   For example, with OWA 2003
it would access the mailbox with this URL:
https://owa.domain.com/exchange/username.  But, with 2007, that URL no
longer works.  I initially thought it was
https://owa.domain.com/owa/username, but that URL does not work either.
I'm thinking it might be https://owa.domain.com/owa/username@xxxxxxxxxx,
but I cannot get that working either.

         

        Like I said, their tech support claims it will simply will not
work with the ISA server involved, and they've had about a 60% success
ratio with other firewalls.

         

         

        From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jerry Young
        Sent: Friday, January 18, 2008 1:11 PM
        To: isalist@xxxxxxxxxxxxx
        Subject: [isalist] Re: Blackberry, OWA2007, and ISA2006

         

        Dan,

         

        There are several ways to get corporate email to a BlackBerry
handheld.

         

        In the enterprise, the most common method is to purchase a
BlackBerry Enterprise Server (BES).  A user is created on the BES box,
which points to a mailbox on an Exchange server. A service account for
BES is used to access the users mailbox and send updates via TCP port
3101 (to na.srp.blackberry.net in the States) to the user's handheld.
Updates generally include complete PIM data (Inbox, Calendar, Contacts,
Notes, Tasks) - wireless synchronization.  The information is pulled via
a MAPI (a lot of them - 10/user is a good start) connection handled by
the BES service account, which needs Send As permissions to the mailbox
in addition to other Exchange permissions, and then routed to the
handheld via the carrier network after reaching the RIM box mentioned
earlier. 

         

        Another means is to use the BlackBerry Internet Service (BIS -
gets confusing, I know!) offered by the carrier.  This is just a web
page that the user can access to configure BIS to pull email from
different accounts.  To my knowledge, the only data that can be
"synched" is email; no Calendar, Contacts, Notes, or Tasks
synchronization.  This service allows several means of contacting mail
servers - POP, IMAP, and OWA (HTTP).  My guess is, based on your
description, this is what your users are using and what they probably
need to have updated to point to the correct page - this is a user
function, though, and not something an admin would do unless the user
and admin were *really, really* friendly. 

         

        A third method is to use the BlackBerry Desktop Redirector.
This is a "poor man's" version of BES.  A program sits on the user's
workstation and monitors the Outlook profile's mailbox.  Changes made to
the mailbox are then forwarded to the handheld, although, I'm not sure
if by the same destination/port.  This requires, however, that the
user's workstation is on all the time and connected to the Exchange
server at all times.  When the BlackBerry Desktop Redirector isn't
running, no magic happens. 

         

        The final method - and one I hate to try using because of the
silly browsers on BlackBerry handhelds - is to access web mail and acces
your mailbox via a web page.  This will almost always requires JScript
to be enabled on the device and as others have reported, is spotty at
best. 

         

        Honestly, I think the only thing that needs to happen is that
the users update the URL used to pull mail from OWA via their BIS
accounts.

         

        I hope this helps.  If you have any other questions about
BES/BlackBerry, let me know... I'm fairly familiar with the technology.

         

        I am an independent contractor now so ah... ;)  Yeah. :D

        On Jan 18, 2008 12:40 PM, Ball, Dan <DBall@xxxxxxxxxxx> wrote:

        Figures... We have 2 users...

         

        From: isalist-bounce@xxxxxxxxxxxxx [mailto:
isalist-bounce@xxxxxxxxxxxxx <mailto:isalist-bounce@xxxxxxxxxxxxx> ] On
Behalf Of Steve Moffat
        Sent: Friday, January 18, 2008 12:16 PM 

        
        To: ISA Mailing List
        Subject: [isalist] Re: Blackberry, OWA2007, and ISA2006

         

        Get a bes server...you'll never go back. Free for 1 user....

         

        S

         

        From: isalist-bounce@xxxxxxxxxxxxx [mailto:
isalist-bounce@xxxxxxxxxxxxx <mailto:isalist-bounce@xxxxxxxxxxxxx> ] On
Behalf Of Ball, Dan
        Sent: Friday, January 18, 2008 1:13 PM
        To: ISA Mailing List
        Subject: [isalist] Re: Blackberry, OWA2007, and ISA2006

         

        No, I don't have a BES.  Blackberry servers actually log into
Outlook Web Access and do all their work through there.  I had it
working with Exchange 2003 and ISA2006, but when I upgraded to Exchange
2007 it no longer works. 

         

        From: isalist-bounce@xxxxxxxxxxxxx [mailto:
isalist-bounce@xxxxxxxxxxxxx <mailto:isalist-bounce@xxxxxxxxxxxxx> ] On
Behalf Of Thor (Hammer of God)
        Sent: Friday, January 18, 2008 11:47 AM
        To: isalist@xxxxxxxxxxxxx
        Subject: [isalist] Re: Blackberry, OWA2007, and ISA2006

         

        What do you mean "working with outlook web access 2007"  - what
exact config are you using?  You don't have BES?

         

        t

         

        From: isalist-bounce@xxxxxxxxxxxxx [mailto:
isalist-bounce@xxxxxxxxxxxxx <mailto:isalist-bounce@xxxxxxxxxxxxx> ] On
Behalf Of Ball, Dan
        Sent: Friday, January 18, 2008 8:36 AM
        To: 'isalist@xxxxxxxxxxxxx'
        Subject: [isalist] Blackberry, OWA2007, and ISA2006

         

        Has anyone gotten a Blackberry working with Outlook Web Access
2007 through ISA2006?  Blackberry tech support is claiming that it will
not work at all, and is currently not supporting that configuration.

         

         

         

        
        
        
        -- 
        Cordially yours,
        Jerry G. Young II
        Microsoft Certified Systems Engineer

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 01-2008