5.5 BlackBerry Module

The server log files are what Retain uses to collect the information about phone activity, and as such no software or modification needs to be made to any system phones. If the BlackBerry server has not been configured to log the data, Retain will be unable to archive the information.

For BES 5.x, instructions to modify the logging in the BlackBerry Enterprise Server can be found in the BlackBerry Enterprise Server help file. (Found under Start | Programs | BlackBerry Enterprise Server | Help | BlackBerry Manager Help)

For BES 10.x and 12.x, users must be set on EMM – Regulated mode and have the logging set to ‘yes’ for all types desired. Balanced mode users will not have logs created for them in the BES system and as a result will not be archived.

For BBM Enterprise (BBMe), TLS 1.0 or 1.2 must be configured on the web server on the Retain Server or Retain Router, depending on the endpoint you will be using for your BBMe devices. NOTE: TLS 1.0 or 1.2 is required. 1.3 will not be sufficient. See the appropriate link for configuration instructions:

IIS: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspxApache: https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html

BBMe Supported Ciphers: "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA"

Installing the BlackBerry Module is incredibly simple. Essentially, the module needs to be enabled and configured with the BES log file location. Afterwards, the data is treated the same as any other data entering the Retain archive. Data is archived in the database under the user/phone it originated from and can be searched and viewed through the Search Messages interface.

To enable the BlackBerry Module, select the ‘BlackBerry Module’ from the module page and click ‘configure’.

Core Settings tab

The module needs to be enabled on this page to make it active in the Retain system.

The module can be given a name.

The Send Method option enables either the SMTP Forwarding or FTP features. For either feature to appear and function, the Module Forwarding tab must be configured on the Server Configuration page. See that section for more information.

The BlackBerry module needs to be enabled on this page to make it active in the Retain system.

The Send Method option enables either the SMTP Forwarding or FTP features. For either feature to appear and function, the Module Forwarding tab must be configured on the Server Configuration page. See that section for more information.

For address book caching to occur, it must be enabled on the Core Settings screen. For more information on caching, see below.

Before data can be archived, the BES Servers must be configured and a BES log file path must be provided.

If BBM Enterprise integration is to be used, no BES servers will be listed and no other configuration in the BlackBerry Module is required. However, the BBM Configuration file needs to be exported and uploaded to the BBM server. Please see the BBM setup and install checklist for specific information on how to configure the BBM server.

The module needs the location of each BES server. Click the green plus sign to add a BES server.

The log file location must be the address to the Blackberry Server log files, from the perspective of the Retain Worker. Regardless of where the worker is installed, local or remote to the Blackberry Server, it must have direct file access to the logs. This access can be accomplished through a shared folder or location, but it must be available to the Retain worker. The path must be an open and active path from the Worker to the log file location. Appropriate access through firewalls or network security must be made available if the worker is not installed on the BES system.

It is important to keep in mind that the log path needs to be the path relative to where the Retain Worker is installed. If the Retain Worker is installed on a system that is local to the log directory than a local path can be used here. If the Retain Worker is on a remote system than a UNC path must be used. If using a UNC path to a Windows share it is necessary to ensure that the Retain windows service (tomcat) be running under a user with the proper rights and permissions to read the log data being shared.

The SOAP data must also be filled-out. The SOAP connection is how the Retain Server connects to the BAS service’s SOAP interface in order to cache the address list. SOAP must be enabled on every BES listed. List every BES server which the Retain system will be archiving data from. The SOAP address or host name and port which is configured must be specified for each Server. The SOAP user name and password are the credentials to the BES admin web console.

Retain will attempt to cache the address book from each server listed if address book caching is selected. Because the Blackberry Server logs, and especially the BBM Enterprise data does not always contain user names attached to the device ID’s, Retain works to cache the address book to fill out data for messages; user name, email address, etc. Without Address Book caching, stored message data may only be identified by a device ID or phone number. Each server’s configuration has a test button to help ensure that Retain can successfully connect to the server. Selecting the ‘Test Connection’ button will initiate a connection attempt by Retain for the server. The results will be displayed after the test has been completed.

To create a new profile to archive BlackBerry data, first select the ‘add profile’ button and name the profile. Then continue configuring as desired.

Core Settings tab

The Core Settings tab holds the enabling setting, which allows jobs connected to this profile to run. This must be checked before jobs will run.

Message Settings tab

The message settings tab can be used to exclude or include specific data types for this profile. By default, all types of messages will be archived. All BlackBerry data which is selected to be archived must be logged in the BlackBerry Enterprise Server or the data will not be available for Retain to archive it.

This is the most critical tab to fill out as it sets the limits on how much to archive.

Date Range to Scan

The Date Range determines which message items are collected, depending on the date of the message.

New Items: All items that have not been archived by Retain since the last time the job ran.

All Items in Mailbox: All items in the mailbox starting from 1/1/1970, duplicates will be processed but not stored if they already exist in the Retain archive.

Number of days before job start date and newer: Only items from the relative number of days from the time the job began will be archived. E.g. messages that came into the email system 7 days ago or less.

Number of days from job start date and older: Only items previous to the relative number of days from the time the job began will be archived. E.g. messages that came into the email system 7 days ago or more.

Specify custom date range: Only items between two absolute dates will be dredged.

Specify custom date range relative to job start: Only items between two relative dates will be dredged. E.g. messages that came into the email system between 7 and 5 days ago.

If you want to be more specific as to what to dredge or not to dredge, add the criteria here. Each line will be logically AND-ed together.

Think “Dredge all items where the following is true:” Criteria A AND Criteria B AND Criteria C AND etc.

You may select based on:

Whether they are equal to, not equal to, whether they contain or do not contain the item may be specified.

This provides great flexibility and allows you to customize dredges and retention for many different groups, or even individuals.

All data collection for the Blackberry module is configured through the Blackberry job interface. The jobs here combine the Profile, the Schedule, and a Worker together to archive the specified server logs. A Job must have a Profile, Schedule, Worker, and a selected server, before it can be saved or run. To create a new job, click, ‘Add Job’, and configure and save.

The core settings tab contains the basic configuration. Select the ‘Job enabled’ option to enable archiving. Also, select a Schedule, Profile, and Worker to complete the job. If the SMTP Send is enabled, the worker will forward BES message data.

The Data Expiration is an option to place a timestamp on the data in the Retain database, which allows for ease of automation for the deletion manager. In addition, devices such as NetApp, Centera, and Hitachi HCAP may use this number to enforce hardware level protection of the stored item so that no one (including Retain) may delete the item before its expiration date.

Job Expiration is not retroactive for mail in the database, and only applies to mail archived by the job that it is active for. The base folders and criteria are specified under the custom expiration dates accessed through the ‘Add’ button at the bottom. All messages included in any specified folders will have a different date or be exempted from the standard expiration date.

To have messages with custom job or folder expiration dates properly expire, the deletion management date scope must be set to delete messages with an Expiration Date older than 1 day.

The mailboxes tab contains the target users, and BES servers to be archived by the selected job.

Under the Mailbox tab, select the BES server to be included in the Job. The list of available BES servers is configured from the Modules page. Once selected, all users associated or present on the BES server are included.

Once a job has been run, the user list will be populated and further configuration is possible. The job may also be restricted to specific users, specified on the ‘Include Users’ list, or restricted to exclude users listed on the ‘Exclude’ list. To add users, expand the User’s option box and select the users to be archived. Users may be selected through the user search interface, spawned through selecting the ‘add user’ button.

If there are users listed, then the users listed in the ‘Include Users’ box are the ONLY included users, while those listed in the ‘Exclude’ window are excluded from the jobs.

All errors, summaries, and statistics may be sent in an email notification to a desired address on job completion. If it is desired to be notified, configure the notifications under this tab. At least one of the two notification options must be selected for an email notification to be created.

On initial creation, there will be nothing of interest shown under the ‘Status’ tab, as the job is under creation or has not yet run.

However, after a job has been run, or has begun, the ‘Status’ tab becomes a monitoring tool to report on exactly how much mail and mailboxes have been archived, along with any errors encountered.

Devices are managed in Retain through the Device Management interface Device Management.

Retain supports archiving data from both BlackBerry devices and devices running the BBM Enterprise system. Devices running the BBM Enterprise system can have their communication data archived through the BBM app, obtained from BlackBerry.

The BlackBerry device page displays all devices which have been registered into the Retain system. Native BlackBerry and BBM Enterprise devices are displayed together. Retain registers BlackBerry devices through log files from the BES server or through data sent by the device running the BBM Enterprise application. If a device is not yet registered, it is either not in the BES address book or no data has been archived for the device. The device list may be filtered for any specified content desired. In addition, devices may be selected for removal.

The Delete Device button will remove the device from device management but will not remove the data.

The Generate Report button will open a new Reporting and Monitoring: Generate report window, where a report can be created.

You may now configure Schedules, Workers and Jobs.