We experienced some troubles when we tried to migrate our Exchange/BES environment from Exchange 2007 with segregated GAL with BES 5.0.2 to Exchange 2010 with segregated GAL with BES 5.0.2. When you move the besadmin mailbox to Exchange 2010 the besadmin user can not see the users in your environment because the GAL for the besadmin account is empty. Hence your Blackberry server stops working and you have a bunch of angry users calling and demanding that you restore their Blackberry service.
The solution is a rather simple one. You can configure your Blackberry Server to search for the users on your AD server using the LDAP protocol. That way you can add new users to your Blackberry Server or check that everything is right with the permissions using the famous IEMSTEST tool.
Here’s instructions for x86 and x64 processor machines:
Customize the address lookup function
1. At the command prompt, type regedit.
2. In the left pane, browse to HKEY_LOCAL_MACHINESoftwareResearch In MotionBlackBerry Enterprise ServerAgents for x86, or for x64 HKEY_LOCAL_MACHINESOFTWAREWow6432NodeResearch In MotionBlackberry Enterprise ServerAgents.
3. Verify that the value of the AllowAddressLookup DWORD value is set to 1.
4. Create a DWORD value called HostedServer.
5. Set the value to 1.
6. On the computer on which the BlackBerry Enterprise Server is installed, in the Services window, restart the BlackBerry Controller service.
Use LDAP for address lookup
1. At the command prompt, type regedit.
2. In the left pane, browse to HKEY_LOCAL_MACHINESoftwareResearch In MotionBlackBerry Enterprise ServerAgents for x86, or for x64 HKEY_LOCAL_MACHINESOFTWAREWow6432NodeResearch In MotionBlackberry Enterprise ServerAgents.
3. Create a DWORD value called LDAPSearch.
4. Set the value to 1.
5. Create a DWORD value called LDAPALPSearch.
6. Set the value to 1.
7. On the computer on which the BlackBerry Enterprise Server is installed, in the Services window, restart the BlackBerry Controller service.
Create a custom field for LDAP address lookup
1. At the command prompt, type regedit.
2. In the left pane, browse to HKEY_LOCAL_MACHINESoftwareResearch In MotionBlackBerry Enterprise ServerAgents for x86, or for x64 HKEY_LOCAL_MACHINESOFTWAREWow6432NodeResearch In MotionBlackberry Enterprise ServerAgents.
3. Create a String value called LDAPCompanyField.
4. Set the value to a string that represents the LDAP field that you want to use as the company name field.
5. On the computer on which the BlackBerry Enterprise Server is installed, in the Services window, restart the BlackBerry Controller service.
You have to do all three changes so that everything works perfect on your BES.
Hope that you find this helpful.