|
The BlackBerry Enterprise Activation process is designed to allow a BlackBerry smartphone to be wirelessly activated on the BlackBerry Enterprise Server. With this process, you can wirelessly manage encryption keys and service book records. Pre-requisites for enterprise activationBefore setting up a BlackBerry Enterprise Activation process, you verify that the following pre-requisites are met: - The service provider has provisioned the assigned SIM card with the BlackBerry Enterprise Server service class.
- The user account is added to the BlackBerry Enterprise Server.
- The BlackBerry Enterprise Server is correctly configured to access the user's mailbox.
- An activation password is set for the BlackBerry user account.
Once the conditions listed above are met, the BlackBerry Enterprise Server monitors the mailbox for new messages, including the ETP.DAT activation message that will be sent from the BlackBerry smartphone. Smartphone Activation
The following scenario outlines the steps used to prepare for a wireless enterprise activation process: - A BlackBerry user receives a new BlackBerry smartphone, and contacts you to activate it.
- You set the Enterprise Activation password on the BlackBerry user’s account and communicate it to the user.
During this period, between the setting of the user's activation password and the user actually activating the smartphone, the account status is Initializing. Stages of the BlackBerry Enterprise Activation process THis is an overview of the four phases of the BlackBerry Enterprise Activation Process. Phase 1 - Activation - The user types their email address and activation password in the Enterprise Activation application on the BlackBerry smartphone.
- The BlackBerry smartphone creates an encrypted activation message containing an ETP.DAT file and sends it, via the wireless network, to the user's mailbox.
The ETP.DAT message contains information about the BlackBerry smartphone such as PIN Number, routing information and the BlackBerry smartphones’s public keys for activation.
- The ETP.DAT message is routed through the BlackBerry Infrastructure to the user's mailbox as a standard SMTP message with an encrypted attachment.
- When the ETP.DAT message is received, and the BlackBerry Enterprise Server retrieves it, the BlackBerry user displays a status of Activating.
Phase 2 - Encryption verification - When the ETP.DAT message arrives at the messaging server, the BlackBerry Messaging Agent checks the message contents.
- The BlackBerry Enterprise Server processes the data attached to the message, first verifying that the encrypted password matches the one that was set for the user. If it matches, the BlackBerry Messaging Agent generates a new permanent encryption key using either Triple Data Encryption Standard (Triple DES) or Advanced Encryption Standard (AES), and sends it to the BlackBerry BlackBerry smartphone.
- The BlackBerry device displays a status of Verifying Encryption.
Phase 3 - Receiving services - The BlackBerry Enterprise Server and the BlackBerry smartphone establish a master encryption key. The BlackBerry smartphone and the BlackBerry Enterprise Server verify this master encryption key with each other.
- The BlackBerry smartphone stores the new encryption key and displays the following message:
Encryption Verified. Waiting for Services.
- The BlackBerry Messaging Agent forwards a request to the BlackBerry Policy Service to generate the service books.
- The BlackBerry Policy Service receives and queues the request, and then sends the defined IT policy to the BlackBerry smartphone.
- The BlackBerry smartphone registers that the policy has been applied successfully.
- The BlackBerry Policy Service generates and sends the service books to the BlackBerry smartphone, which is now able to send/receive messages, and displays the Services Received message.
- The BlackBerry device then displays the following message:
Your email address, <
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
> is now enabled.
Synchronization service Desktop [SRP_Identifier]
Phase 4 - Synchronization - Once the [CMIME] service book has arrived, the BlackBerry smartphone will be able to reconcile messages with the user's email account. All the service books should arrive at the same time, but only the [CMIME] is required for email reconciliation.
- The BlackBerry smartphone registers the receipt of its service books to the BlackBerry Enterprise Server and the activation process completes. The message Activation Complete is shown.
- The synchronization process begins with a BlackBerry smartphone request, synchronizing data from the calendar first (using the [CICAL] service book), and then the other organizer databases.
- For wireless synchronization to occur, the Desktop [SYNC] service book is sent to the BlackBerry device.
The [SYNC] service book allows for organizer data synchronization, wireless backup and restore capability, and synchronization of email settings and filters.
The process is managed by the BlackBerry Messaging Agent for the Calendar, and the BlackBerry Synchronization Service for the remaining organizer databases.
- The appropriate service books and IT Policies are sent from the BlackBerry Enterprise Server to the BlackBerry smartphone. The user is now able to send and receive email messages on the BlackBerry smartphone.
- If the user is configured for wireless organizer data synchronization and wireless backup, the BlackBerry Enterprise Server will send the following data to the BlackBerry device:
* Calendar entries
* Address Book entries
* Tasks
* Memos
* Email messages
* Existing BlackBerry device options that were backed up through automatic wireless backup
When the enterprise activation process is complete, the BlackBerry device displays a status of Activation Complete.
For further information on the role of ETP.DAT file, please see this article .
|
