Administration Guide

Local Navigation

Configure the BlackBerry MDS Connection Service to connect to the certificate authority

If your organization's environment includes a Microsoft® enterprise certification authority, the certification authority requires Windows® authentication, and a certification authority administrator must approve certificate requests, you must configure the BlackBerry® MDS Connection Service with the server name of the certification authority and the certification authority credentials so that the BlackBerry MDS Connection Service can send certificate requests to the certification authority.
Before you begin: Create a custom template on the certification authority that does not permit the subject name to originate from information in Microsoft® Active Directory®.
  1. In the BlackBerry Administration Service, on the Servers and components menu, expand BlackBerry Solution topology > BlackBerry Domain > Component view.
  2. Click MDS Connection Service.
  3. Click Edit component.
  4. On the HTTP tab, in the Name field, type the certificate authority name.
  5. In the Service URL field, type the URL that the BlackBerry MDS Connection Service can use to send certificate requests to the certification authority using the following format: http://<FQDN_of_CA_server>:<port_number>/* (for example, http://myca.mycompany.com:80/*). Use <port_number>/* to make sure that the BlackBerry MDS Connection Service can access all the URLs for the certification authority.
  6. In the Settings section, in the Username field, type the name of a certification authority administrator account that can approve certificate requests using one of the following formats: domain\username or domain@username.
  7. In the Password and Confirm Password fields, type the password for the certification authority administrator account.
  8. Click the Add icon.
  9. Click Save all.
After you finish:
  • Write down the URL for the certification authority that you typed in the Service URL field. You must add the <FQDN_of_CA_server> that you configured in step 5 to the Certificate Authority Host IT policy rule, and the <port_number> that you configured in step 5 to the Certificate Authority Port IT policy rule.
  • Add the certification authority information to a BlackBerry MDS Connection Service configuration set.

Add communication information to a BlackBerry MDS Connection Service configuration set

A BlackBerry® MDS Connection Service configuration set is a set of service configurations that the BlackBerry MDS Connection Service instances in your organization can use to communicate with a remote file system, an LDAP server, a DSML server, a CRL server, an OCSP server, or a certification authority. You must add the communication information that the BlackBerry MDS Connection Service requires to communicate with servers to a configuration set so that a BlackBerry MDS Connection Service instance can communicate with the servers after you assign the configuration set to the instance.
  1. In the BlackBerry Administration Service, on the Servers and components menu, expand BlackBerry Solution topology > BlackBerry Domain > Component view.
  2. Click MDS Connection Service.
  3. Click Edit component.
  4. On the Configuration Sets tab, perform one of the following actions:
    • To create a configuration set, in the Configuration set name section, type a name and description for the configuration set.
    • To change an existing configuration set, click the Edit icon.
  5. In the Priority Service group drop-down list, click the name of the service that you want to configure the communication method for.
  6. In the Service (Name : Description) drop-down list, click the name of the communication method that you want to configure.
  7. Click the Add icon.
  8. To specify the communication method that the BlackBerry MDS Connection Service should try to connect to the server with first , click the Up and Down arrows. The BlackBerry MDS Connection Service resolves conflicts by applying communication methods in the order that you specify. The order of that you specify for LDAP, DSML, or file communication applies to each communication method separately. The order permits the BlackBerry MDS Connection Service to resolve conflicts between domains if you created multiple communication methods for a specific URL.
  9. Perform one of the following actions:
    • To add a new configuration set, click the Add icon.
    • To update an existing configuration set, click the Update icon.
  10. Click Save all.
After you finish:
  • To confirm your changes, click the View icon.
  • Assign the configuration set to a BlackBerry MDS Connection Service.

Assign a BlackBerry MDS Connection Service configuration set to a BlackBerry MDS Connection Service instance

You can assign a BlackBerry® MDS Connection Service configuration set to a BlackBerry MDS Connection Service instance so that BlackBerry device users can access documents on remote file systems from devices, the BlackBerry MDS Connection Service can search for certificates and check for the status of the certificates from LDAP servers, DSML servers, CRL servers, or OCSP servers, and the BlackBerry MDS Connection Service can send certificate requests to a certificate authority.
  1. In the BlackBerry Administration Service, on the Servers and components menu, expand BlackBerry Solution topology > BlackBerry Domain > Component view.
  2. Click MDS Connection Service.
  3. Click the instance that you want to change.
  4. Click Edit instance.
  5. On the Component Configuration Sets tab, in the Available component configuration sets section, in the Service configuration sets drop-down list, click the configuration set that you want to assign to the BlackBerry MDS Connection Service instance.
  6. Click Save all.
  7. To restart the BlackBerry MDS Connection Service instance, on the Instance information tab, in the Status list, click Restart instance.
  8. To assign the BlackBerry MDS Connection Service configuration set to another BlackBerry MDS Connection Service instance, repeat steps 3 to 7.

Was this information helpful? Send us your comments.