5.5 Blackberry Module

The server log files are what Retain uses to collect the information about phone activity, and as such no software or modification needs to be made to any system phones. If the Blackberry server has not been configured to log the data, Retain will be unable to archive the information.

For BES 5.x, instructions to modify the logging in the Blackberry Enterprise Server can be found in the Blackberry Enterprise Server help file. (Found under Start | Programs | Blackberry Enterprise Server | Help | Blackberry Manager Help)

For BES 10.x and 12.x, users must be set on EMM – Regulated mode and have the logging set to ‘yes’ for all types desired. Balanced mode users will not have logs created for them in the BES system and as a result will not be archived.

For BBM Enterprise (BBMe), TLS 1.0 or 1.2 must be configured on the web server on the Retain Server or Retain Router, depending on the endpoint you will be using for your BBMe devices. NOTE: TLS 1.0 or 1.2 is required. 1.3 will not be sufficient. See the appropriate link for configuration instructions:

IIS: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspxApache: https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html

BBMe Supported Ciphers: "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA"

Installing the Blackberry Module is incredibly simple. Essentially, the module needs to be enabled and configured with the BES log file location. Afterwards, the data is treated the same as any other data entering the Retain archive. Data is archived in the database under the user/phone it originated from and can be searched and viewed through the Search Messages interface.

To enable the Blackberry Module, select the ‘Blackberry Module’ from the module page and click ‘configure’.

Core Settings tab

The module needs to be enabled on this page to make it active in the Retain system.

The module can be given a name.

The Send Method option enables either the SMTP Forwarding or FTP features. For either feature to appear and function, the Module Forwarding tab must be configured on the Server Configuration page. See that section for more information.

The Blackberry module needs to be enabled on this page to make it active in the Retain system.

The Send Method option enables either the SMTP Forwarding or FTP features. For either feature to appear and function, the Module Forwarding tab must be configured on the Server Configuration page. See that section for more information.

For address book caching to occur, it must be enabled on the Core Settings screen. For more information on caching, see below.

Before data can be archived, the BES Servers must be configured and a BES log file path must be provided.

If BBM Enterprise integration is to be used, no BES servers will be listed and no other configuration in the Blackberry Module is required. However, the BBM Configuration file needs to be exported and uploaded to the BBM server. Please see the BBM setup and install checklist for specific information on how to configure the BBM server.

The module needs the location of each BES server. Click the green plus sign to add a BES server.

The log file location must be the address to the Blackberry Server log files, from the perspective of the Retain Worker. Regardless of where the worker is installed, local or remote to the Blackberry Server, it must have direct file access to the logs. This access can be accomplished through a shared folder or location, but it must be available to the Retain worker. The path must be an open and active path from the Worker to the log file location. Appropriate access through firewalls or network security must be made available if the worker is not installed on the BES system.

It is important to keep in mind that the log path needs to be the path relative to where the Retain Worker is installed. If the Retain Worker is installed on a system that is local to the log directory than a local path can be used here. If the Retain Worker is on a remote system than a UNC path must be used. If using a UNC path to a Windows share it is necessary to ensure that the Retain windows service (tomcat) be running under a user with the proper rights and permissions to read the log data being shared.

The SOAP data must also be filled-out to connect to the address book. The SOAP connection is how the Retain Server connects to the BAS service’s SOAP interface in order to cache the address list. SOAP must be enabled on every BES listed. List every BES server which the Retain system will be archiving data from. The SOAP address or host name and port which is configured must be specified for each Server. The SOAP user name and password are the credentials to the BES admin web console.

If you have multiple BES servers, it is a best practice to have one BES server with the master address book. This allows Retain to cache the address book quickly, eliminate the chance of data being overwritten from one BES server address book to another and increases the ease of troubleshooting.

Retain will attempt to cache the address book from each server listed if address book caching is selected. Because the Blackberry Server logs, and especially the BBM Enterprise data does not always contain user names attached to the device ID’s, Retain works to cache the address book to fill out data for messages; user name, email address, etc. Without Address Book caching, stored message data may only be identified by a device ID or phone number. Each server’s configuration has a test button to help ensure that Retain can successfully connect to the server. Selecting the ‘Test Connection’ button will initiate a connection attempt by Retain for the server. The results will be displayed after the test has been completed.

When caching the address book: Retain will receive the Display name and number, if 10, or UID, if 12, for each user, then Retain will query for the user’s email address, and then Retain will query for the PIN or phone number of the user’s associated device(s).

Devices are managed in Retain through the Device Management interface Device Management Overview.

Configure a job Blackberry Jobs.