BlackBerry vs Exchange 2007 - John C. Kirk
Feb. 19th, 2010
05:12 pm - BlackBerry vs Exchange 2007
Where I work, we use Exchange 2007 for our email. Some staff also have remote access to their email: they can use Outlook Web Access, or ActiveSync with a smartphone. In particular, it only takes a couple of minutes to configure an iPhone. Yesterday, someone bought a BlackBerry, and it took me all day to get it working.
The first problem is that the BlackBerry doesn't come with an ActiveSync client, presumably because they don't want to pay the licensing fees to Microsoft. So, out of the box it will only work with a BlackBerry Enterprise Server: this is an extra server which liases between the phone and an existing mail server (e.g. Exchange). If you work for a huge company, and hundreds of staff use BlackBerrys to check their email, it would make sense to set up this extra server; if you work for a small company, and only one person uses a BlackBerry, this would be completely ludicrous.
Fortunately, Orange (and possibly other phone companies) offer a BlackBerry Internet Service. The idea is that you give them the details of your Outlook Web Access account, then their server will grab your emails and pass them on to your phone. I'm not entirely keen on this plan, since the username/password for Exchange is the same one you use to log into Windows itself, so I'd prefer not to give this out to a third party. Still, it was worth investigating. However, I just got this error message:
Cannot connect to server or invalid server name:
Please verify the Outlook Web Access URL. If the error persists contact
(your email provider).
It turns out that this is because we have an ISA firewall in front of our Exchange server, as described in the BlackBerry Knowledge Base:
Unable to integrate a Microsoft Outlook Web Access or IBM Lotus Domino Web Access email account with a BlackBerry Internet Service account
Error message received when attempting to integrate a Microsoft Outlook Web Access 5.5 or 2007 account
In particular, it says: "Note: The BlackBerry Internet Service does not support a Microsoft Outlook Web Access source using a Microsoft Internet Security and Acceleration Server (ISA Server)." They discovered this problem in May 2009, but they don't have a predicted date for fixing it. They don't mention Forefront TMG (the successor to ISA), so I don't know whether that has the same problem.
After that, I downloaded a trial version of NotifySync. I had to fiddle around a bit, trying different permutations of username/domain; as I recall, it only works if the domain is blank and the username is "foobar" rather than "example\foobar" or "email@example.com". (In particular, that means that the default "Use email address as username" option doesn't work.) I also had to relax the rules on our firewall server, because this software uses extra extensions in its URLs which were being blocked. (Previously, I was using the settings from this TechNet article: Typical HTTP Policies for Web and Outlook Web Access Publishing Rules.) Anyway, this does the job, but it will be an extra cost. I think this is a serious limitation of the BlackBerry, which isn't obvious from their marketing blurb.
I also tried to connect the BlackBerry to our wireless network, which uses WPA2-PSK (Pre-Shared Key). There are two ways to specify a PSK:
1) You enter an ASCII passphrase (8-63 characters) which is combined with the SSID (the name of the wireless network), and this generates the 256 bit key.
2) You enter the key directly, in the form of 64 hexadecimal digits (i.e. each digit = 4 bits).
Unfortunately, the BlackBerry won't accept the key directly, only the passphrase. In our case, we don't have a passphrase, because I used a random generator to produce the key. I don't know of any way to reverse the algorithm (i.e. to get a passphrase from the PSK and SSID), and a new passphrase would generate a new PSK, so we'd have to reconfigure all our existing devices. None of the other laptops and phones that I've come across have this problem; in particular, the iPhone will happily accept a hex key. For now, I've just dodged the problem by leaving the BlackBerry in 3G mode, i.e. using the internet connection from the phone company.
All in all, I don't recommend the BlackBerry, and these issues are worth bearing in mind if you're thinking about buying one.