IT Policy Error Status
Saturday, 02 May 2009

IT policy keys are read from the GlobalSettings table in the configuration database each time the BlackBerry Policy Service needs to sign a policy. These keys let the BlackBerry smartphone confirm that the policy key came from its database.

The ServerConfigHistory table keeps a history of policy key changes, but it is periodically updated by a Structured Query Language (SQL) script that removes the oldest entries in the table after a specified number of days. Therefore, a query of the database does not recover a complete history of changes. Additionally, the ServerConfigHistory does not archive the previous versions of the policy key; it only records the current version.

Overview

When the BlackBerry Enterprise Server cannot access the active IT policy key, only users with the current policy key are able to receive IT Policies and applications on their BlackBerry smartphones.

Cause

During routine operations, the BlackBerry Enterprise Server references the active IT policy key in the SQL configuration database to confirm its authenticity. If it is unable to communicate with the configuration database, it generates a new policy key.

Note: This issue should occur infrequently, because when the Policy service fails to read the keys, it attempts to commit a new key to the database within a short period of time.

If running Microsoft SQL Server 2000, complete the following steps to confirm the policy key change:

  1. Open the SQL Query Analyzer.

  2. Connect to the SQL Server hosting the BESMgmt database (where BESMgmt is the default name).

  3. Select the BESMgmt database in the left pane.

  4. Type the following query in the top pane, and click Run:
    SELECT * FROM ServerConfigHistory WHERE Details='PolicyPublicKey,PolicyPrivateKey'
  5. If any entries are returned from this query, note the ChangeDateTime value for each occurrence. These values indicate when the keys were changed.

 

If you are running Microsoft SQL Server Desktop Engine (MSDE), complete the following steps to confirm the policy key change:

  1. Open a command prompt.

  2. Type:
    osql -E -d <database_name> -q "SELECT ChangeDateTime FROM ServerConfigHistory 
    WHERE Details='PolicyPublicKey,PolicyPrivateKey'"
  3. If any entries are returned from this query, note the ChangeDateTime value for each occurrence. These values indicate when the keys were changed.

 

Resolution
  • For Microsoft Exchange or IBM Lotus Domino, apply BlackBerry Enterprise Server version 4.0 Service Pack 3, Hot Fix 2.
  • For Novell GroupWise, apply BlackBerry Enterprise Server version 4.0 Service Pack 3.
 
< Prev   Next >
[ Back ]
Advertisement
© d-PIT, 2007-2010.

Site Disclaimer