[isalist] Re: Blackberry, OWA2007, and ISA2006

  • From: "Ball, Dan" <DBall@xxxxxxxxxxx>
  • To: "'isalist@xxxxxxxxxxxxx'" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 21 Jan 2008 09:51:50 -0500

Yep, tried that...

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Thomas W Shinder
Sent: Saturday, January 19, 2008 1:06 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Blackberry, OWA2007, and ISA2006

Have you tried basic auth on the listener, and basic auth at the Exchange 
Server, and then delegation of basic credentials?


Thomas W Shinder, M.D.
Site: www.isaserver.org<http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)


________________________________
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Ball, Dan
Sent: Friday, January 18, 2008 12:47 PM
To: 'isalist@xxxxxxxxxxxxx'
Subject: [isalist] Re: Blackberry, OWA2007, and ISA2006
Yep, we went over all the options before we agreed to let them use the 
Blackberry.   We also told them that if they couldn't get it working with OWA 
then they might as well cancel their service, as we won't be spending $4000+ 
for another server for two-three people to use.

There are some subtle changes with Exchange 2007 OWA that seem to be confusing 
the Blackberry servers...   For example, with OWA 2003 it would access the 
mailbox with this URL: https://owa.domain.com/exchange/username.  But, with 
2007, that URL no longer works.  I initially thought it was 
https://owa.domain.com/owa/username, but that URL does not work either.  I'm 
thinking it might be https://owa.domain.com/owa/username@xxxxxxxxxx, but I 
cannot get that working either.

Like I said, their tech support claims it will simply will not work with the 
ISA server involved, and they've had about a 60% success ratio with other 
firewalls.


From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jerry Young
Sent: Friday, January 18, 2008 1:11 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Blackberry, OWA2007, and ISA2006

Dan,

There are several ways to get corporate email to a BlackBerry handheld.

In the enterprise, the most common method is to purchase a BlackBerry 
Enterprise Server (BES).  A user is created on the BES box, which points to a 
mailbox on an Exchange server. A service account for BES is used to access the 
users mailbox and send updates via TCP port 3101 (to 
na.srp.blackberry.net<http://na.srp.blackberry.net> in the States) to the 
user's handheld.  Updates generally include complete PIM data (Inbox, Calendar, 
Contacts, Notes, Tasks) - wireless synchronization.  The information is pulled 
via a MAPI (a lot of them - 10/user is a good start) connection handled by the 
BES service account, which needs Send As permissions to the mailbox in addition 
to other Exchange permissions, and then routed to the handheld via the carrier 
network after reaching the RIM box mentioned earlier.

Another means is to use the BlackBerry Internet Service (BIS - gets confusing, 
I know!) offered by the carrier.  This is just a web page that the user can 
access to configure BIS to pull email from different accounts.  To my 
knowledge, the only data that can be "synched" is email; no Calendar, Contacts, 
Notes, or Tasks synchronization.  This service allows several means of 
contacting mail servers - POP, IMAP, and OWA (HTTP).  My guess is, based on 
your description, this is what your users are using and what they probably need 
to have updated to point to the correct page - this is a user function, though, 
and not something an admin would do unless the user and admin were *really, 
really* friendly.

A third method is to use the BlackBerry Desktop Redirector.  This is a "poor 
man's" version of BES.  A program sits on the user's workstation and monitors 
the Outlook profile's mailbox.  Changes made to the mailbox are then forwarded 
to the handheld, although, I'm not sure if by the same destination/port.  This 
requires, however, that the user's workstation is on all the time and connected 
to the Exchange server at all times.  When the BlackBerry Desktop Redirector 
isn't running, no magic happens.

The final method - and one I hate to try using because of the silly browsers on 
BlackBerry handhelds - is to access web mail and acces your mailbox via a web 
page.  This will almost always requires JScript to be enabled on the device and 
as others have reported, is spotty at best.

Honestly, I think the only thing that needs to happen is that the users update 
the URL used to pull mail from OWA via their BIS accounts.

I hope this helps.  If you have any other questions about BES/BlackBerry, let 
me know... I'm fairly familiar with the technology.

I am an independent contractor now so ah... ;)  Yeah. :D
On Jan 18, 2008 12:40 PM, Ball, Dan 
<DBall@xxxxxxxxxxx<mailto:DBall@xxxxxxxxxxx>> wrote:

Figures... We have 2 users...



From: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx> 
[mailto: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx>] On 
Behalf Of Steve Moffat
Sent: Friday, January 18, 2008 12:16 PM

To: ISA Mailing List
Subject: [isalist] Re: Blackberry, OWA2007, and ISA2006



Get a bes server...you'll never go back. Free for 1 user....



S



From: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx> 
[mailto: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx>] On 
Behalf Of Ball, Dan
Sent: Friday, January 18, 2008 1:13 PM
To: ISA Mailing List
Subject: [isalist] Re: Blackberry, OWA2007, and ISA2006



No, I don't have a BES.  Blackberry servers actually log into Outlook Web 
Access and do all their work through there.  I had it working with Exchange 
2003 and ISA2006, but when I upgraded to Exchange 2007 it no longer works.



From: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx> 
[mailto: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx>] On 
Behalf Of Thor (Hammer of God)
Sent: Friday, January 18, 2008 11:47 AM
To: isalist@xxxxxxxxxxxxx<mailto:isalist@xxxxxxxxxxxxx>
Subject: [isalist] Re: Blackberry, OWA2007, and ISA2006



What do you mean "working with outlook web access 2007"  - what exact config 
are you using?  You don't have BES?



t



From: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx> 
[mailto: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx>] On 
Behalf Of Ball, Dan
Sent: Friday, January 18, 2008 8:36 AM
To: 'isalist@xxxxxxxxxxxxx<mailto:isalist@xxxxxxxxxxxxx>'
Subject: [isalist] Blackberry, OWA2007, and ISA2006



Has anyone gotten a Blackberry working with Outlook Web Access 2007 through 
ISA2006?  Blackberry tech support is claiming that it will not work at all, and 
is currently not supporting that configuration.









--
Cordially yours,
Jerry G. Young II
Microsoft Certified Systems Engineer

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 01-2008