Random thoughts from an unusual company

Turtle Partnership Blog

    A Mixed Bag Of BES 5.0 - Lessons From An Install

    Gabriella Davis  June 18 2009 05:52:33 PM
    So i'm late to the party on BES 5.0 but I'm afraid I have a rule to not install anything until I've read the documentation.  In the case of BES 5.0 that was 12 - count them - separate multi hundred page PDFs.  Eventually they wore me down and I felt that I had 'enough' of a handle on BES to go ahead and upgrade our small test server which only has 7 users on it.   Today I upgraded that install with 2 security patches (7th April and the replacement from 20th April) and the MR1 fixpack.

    So far a lot of not good and not a lot of good.  Firstly the hardware requirement for BES 5.0 is probably above what many companies are running their existing servers on.  The install alone requires 2.5GB of free space and the requirements for the servers are obviously heavier than for Domino standalone (although credit to RIM it's nice they have documented the hardware specs for different kinds of load in their admin guide).

    BlackBerry Enterprise Server that
    supports up to 200 users
    • Two processors, 2.0 GHz Intel® Xeon®
    • 3 GB of memory
    • 2 drives, RAID 1     		BlackBerry Enterprise Server that
    supports up to 500 users
    • Two processors, 2.8 GHz Intel Xeon
    • 3 GB of memory
    • 2 drives, RAID 1 or 4 drives, RAID 1+0     		BlackBerry Enterprise Server that
    supports up to 1000 users
    • One processors, 3.0 GHz Intel Xeon 5100 Series (Dual Core) or two processors,
    1.6 GHz Intel Xeon 5100 Series (Dual Core)
    • 4 GB of memory
    • 4 drives, RAID 1+0     		BlackBerry Enterprise Server that
    supports up to 2000 users
    • 64-bit operating system recommended
    • Single processor, 2.83 GHz Intel Xeon 5400 Series (Quad Core) or two
    processors, 3.0 GHz Intel Xeon 5100 Series (Dual Core)
    • 4 GB of memory
    • 6 or 8 drives, RAID 1+0


    Now let's look at a few things that AREN'T supported

    DMZ The BlackBerry® Enterprise Server and BlackBerry Enterprise Server components, with the exception of the BlackBerry Router, do not support installation in a DMZ.
    This was always true for Exchange due to the port mappings required but now it's documented as unsupported for Domino explicitly

    Email application The BlackBerry Enterprise Server and BlackBerry Enterprise Server components do not support the installation of email applications on the same computer.  
    So for all those SMBs who were using their Domino server for both mail and BES, you're out of luck.

    IBM® DB2® UDB The BlackBerry Enterprise Server version 5.0 and BlackBerry Enterprise Server components do not support IBM DB2 UDB. Support for IBM DB2 UDB is planned for a future release.

    BlackBerry database notification system The BlackBerry database notification system does not support installation on a computer that runs Windows Server® 2008.
    Since you can now install each of the Blackberry server components on different boxes you can install the majority of the Blackberry services on Windows 2008, just not the notification system.

    Onto the install which was reasonably painless however once installed you'll find there is longer a Blackberry Manager tool instead they have replaced it with a particularly ugly and clunky browser tool. No I misspeak.  They have replaced it with 4 ugly and clunky browser tools (see screenshot below)

    Image:A Mixed Bag Of BES 5.0 - Lessons From An Install 

    Now I understand wanting to move to a browser management interface, easier to use from more client platforms in theory.  Sadly this one is only supported by IE6 with Javascript enabled.  Fantastic for those of us on a Mac. I can only hope they are going to extend the supported browser clients to Firefox at least in the near future.   So I upgrade to BES 5.0 and all looks fine.  No errors.  All services started.  I can login via my IE6 web browser through my Windows VM (I'm going to keep finding that annoying) - but no mail.  I can see the mail attempting to route but it doesn't send to RIM.  Usually that's the fault of the Blackberry Dispatcher service not running but that looks fine.  So I check the connectivity to RIM although nothing has changed on the server since 4.1.6 and sure enough bbsrptest to both srp.eu.blackberry.net and srp.uk.blackberry.net work fine.  

    Now I'm stuck

    So I start looking around at the event log and in the Admin client.  In the event log I can see failures from the dispatcher saying "cannot connect to localhost on 127.0.0.1".  Weird.  So I start looking for anywhere that references localhost because in my installs I never use that as a setting anywhere.  Eventually I find this buried menu item (clear as a bell)

    Image:A Mixed Bag Of BES 5.0 - Lessons From An Install

    and under that a page that said "localhost" under srp address. Where it got that from I have no idea and why it decided to use that as a srp address I can't imagine but I corrected it as shown below and the Dispatcher was happy again.  Mail was now flowing and I could breathe once more.

    Image:A Mixed Bag Of BES 5.0 - Lessons From An Install

    So I now had a BES server upgraded to 5.0 that appeared to work.  Onto the clients!

    Client Desktop Manager
    RIM have replaced the Desktop Manager install with a new - you guessed it - web based desktop manager.  Now I quite like this as installing DM on client machines is a pain.  The new client interface allows the admin to let the user do their own backups, set their own activation passwords and even resend themselves service books as well as control their filters, multiple address books for syncing and email redirection settings.  It's a very nice interface to be honest, my only issue is that to login to it you have 3 options
    1. Create each user a BB account (name and login) in the BES Admin interface under their name
    2. Use LDAP to authenticate against Active Directory although this seems more appropriate for an Exchange environment since in most Domino environments the name mapping from AD to Domino name doesn't exist
    3. Turn on DIIOP on the BES or another Domino server and use that to authenticate each user into their BB account using their Domino name and HTTP password

    For some reason on 2 of the accounts which worked beautifully on the same server for pure Domino login, the DIIOP login refused to work and I had to create Blackberry login accounts in the web administration client for each of them.  That needs some testing.

    So it's a start.  I"m not impressed with the admin interface or the fact that it's IE6 only.  I'm concerned on the reliability of DIIOP for the logins and I'd like the AD option to not even be there in a Domino environment so user's aren't 'tempted to click it.  BUT I'm very excited by the screenshot below which brings us DR on the Blackberry for the first time.  More reading and experimentation to come but I"m keeping customers well away for the time being.

    Image:A Mixed Bag Of BES 5.0 - Lessons From An Install




    Comments

    1Tim Lorge  6/19/2009 4:13:08 AM  A Mixed Bag Of BES 5.0 - Lessons From An Install

    So, all in all, no compelling reason to upgrade?

    2Gab Davis  6/19/2009 11:11:22 AM  A Mixed Bag Of BES 5.0 - Lessons From An Install

    Currently I'd say no - no need to rush to upgrade. In 6 months time you will probably hear me say different, once the product has bedded in and I feel confident enough in the infrastructure to implement the DR.

    Right now I'd recommend reading up on all the BES documentation on the new admin interface and upgrade plans and preparing for upgrade in the future.

    Then again I may find something miraculous tomorrow.......but not so far.

    3Julie Lothrop  6/19/2009 11:44:26 PM  A Mixed Bag Of BES 5.0 - Lessons From An Install

    Have you played with the customizable security roles? Between the HA and the Roles, I am itching to get upgraded!!!!

    Great feedback! Thanks for taking the time to post this!

    4Craig Wiseman  6/20/2009 9:11:22 PM  A Mixed Bag Of BES 5.0 - Lessons From An Install

    Agreed - thanks for posting this!

    I have quite a few customers with the "one Domino server with BES 4" set up. Guess I need to go read the docs and see how to split that up with minimal disruption.....

    5David Schaffer  6/25/2009 5:58:20 PM  Lessons From An Install -- not for small shops

    Thank you for this.

    The requirements seem pretty steep for small installations. I have a BES serving 25 users running Domino 8.5 and BES 4.1.6 on a machine with a single P4 processor and two disks with no RAID (Windows 2003). We've never seen any lags in mail delivery or other performance issues.

    6Gab Davis  6/26/2009 9:24:31 PM  A Mixed Bag Of BES 5.0 - Lessons From An Install

    @5 - Yes installing the BES on a Domino server also serving mail etc for a SMB was pretty standard but the new 5.0 install is considerably bigger and with significantly more processes hence the increased spec.

    7Chris Hudson  6/30/2009 8:57:40 AM  A Mixed Bag Of BES 5.0 - Lessons From An Install

    Hmmm... I'm just about to start building a new BES 5.0 infrastructure [currently running 4.1.6]. And I was planning to put the router AND the attachment service on their own servers wthin the DMZ. [DSD requirements]. May have to re-examine that a little... Thanks for the heads up.

    8Chris Hudson  6/30/2009 8:59:42 AM  A Mixed Bag Of BES 5.0 - Lessons From An Install

    ... Oh and I forgot to mention... My servers are being built as virtual hosts running on ESX, so it's going to be interesting to see how the hardware reqs pan out.