Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry Enterprise Mobility Server 3.7
  3. Configuring BlackBerry Mail
  4. BlackBerry Mail (BEMS Push Notifications service)
  5. Configure the password expiration warning message
  6. Add Read permission to the account used to authenticate to the LDAP server

Add Read permission to the account used to authenticate to the LDAP server

You can use the
Windows
 Server ADSI Edit tool to add Read permissions to the account that is used to authenticate to the LDAP server. You must have a membership in the Domain Admins group or equivalent permissions to complete this task.
  1. Start the ADSI Edit utility.
  2. Right click the
    ADSI Editor
     icon and click
    Connect to
    .
  3. In the
    Connection Settings
     screen, in the
    Connection Point
     section, select
    Select a well known Naming Context
     and from the drop-down list, select
    Default naming context
    .
  4. Click
    OK
    .
  5. Click your domain.
  6. Navigate to and expand
    CN=System
    .
  7. Right-click
    CN=Password Settings Container
     and click
    Properties
    .
  8. On the
    Security
     tab, click
    Add
     to add the account, or the user group that the account is a member of, that is used to authenticate to the LDAP server.
  9. Under
    Group or user names
    , with the added account or user group selected, select the
    Read
     checkbox in the
    Allow
     column.
  10. Click
    Apply
    .
  11. Click
    OK
    .