So you created a new Exchange 2010 Mailbox Database but all mailbox users you move to or create in this database cannot send or receive mail on their Blackberry device? Permissions, permissions, permissions…
We came across this problem in our Microsoft Exchange 2010 environment. We are part way through migrating from Exchange 2003 to Exchange 2010. We created a new mailbox database to move some remaining service accounts into which included an account used for one of our “support” blackberry devices.
Permissions, permissions, permissions. We found, after running IEMSTest.exe (C:\Program Files (x86)\Research In Motion\BlackBerry Enterprise Server\Utility) – more details here) that access was denied when interrogating the users mailbox with the BES service account. As per the Blackberry KB here we needed to add permissions on the new mailbox database for our BES Admin service account.
In your Exchange 2010 environment, you can use the following powershell command to assign the correct permissions for your BES service account. In this example, we shall assume your BES service account is called “BESAdmin” and your mailbox database is called “mynewdb”
1 |
Get-MailboxDatabase -Identity "MyNewDB" | Add-ADPermission -User "BESAdmin" -AccessRights ExtendedRight -ExtendedRights Receive-As, ms-Exch-Store-Admin, ms-Exch-Store-Visible |
That’s it. In the words of Justin Timberlake, mail should now start to “flow like a river”.
IEMSTest.exe is your first stop to diagnosing any mailbox access issues for a Blackberry device. This article may be useful for anyone having similar issues with other BYOD mail solutions where a proxy account is used to send and receive mail for the user.
Hope this helps.
My wife pointed out it is “cry me a river” not “flow like a river” I guess we all know our strengths and weaknesses. Lol.