Configuring The Blackberry Mds Connection Service When The Messaging Server Is Located In A Remote Microsoft Active Directory Domain - Blackberry PRD-10459-003 - Enterprise Server For IBM Lotus Domino Administration Manual

Administration Guide
• If required, configure BlackBerry® MDS Connection Service to use a Microsoft Active Directory account when
the messaging server is in a remote Microsoft Active Directory domain.
• Turn on Integrated Windows authentication when users access resources on your organization's network.
Configuring the BlackBerry MDS Connection Service when the messaging
server is located in a remote Microsoft Active Directory domain
If the computer that hosts the BlackBerry® MDS Connection Service is not located in the same Microsoft® Active
Directory® domain as the global catalog server or messaging server and you want to configure support for Integrated
Windows® authentication, you must create a Microsoft Active Directory account that the BlackBerry MDS Connection
Service can use to connect to the global catalog server.
In a Microsoft® Exchange environment, you must create the Microsoft Active Directory account in the Microsoft
Active Directory domain that includes the messaging server.
In an IBM® Lotus® Domino® environment, if the messaging server is located in the same Microsoft Active Directory
domain as the global catalog server, you must create the Microsoft Active Directory account in that domain. If the
messaging server is located in a different Microsoft Active Directory domain than the global catalog server, you must
create the Microsoft Active Directory account in the Microsoft Active Directory domain that includes the global
catalog server.
You do not need to configure constrained delegation for the Microsoft Active Directory account that you create in
the Microsoft Active Directory domain that includes the messaging server or global catalog server.
Configure the BlackBerry MDS Connection Service when the messaging server is
located in a remote Microsoft Active Directory domain
Before you begin: Create a Microsoft® Active Directory® account in the Microsoft Active Directory domain that the
messaging server or global catalog server is located in.
1. On the computer that hosts the BlackBerry® MDS Connection Service, navigate to <drive>:\Program Files
\Research In Motion\BlackBerry Enterprise Server\MDS\Servers\instance\config.
2. In a text editor, open the rimpublic.properties file.
3. Perform one of the following actions:
• If the IBM® Lotus® Domino® server is installed in a Microsoft Active Directory domain with a global catalog
server, in the rimpublic.properties file, type application.handler.exchange.domain=<domain_name> where
<domain_name> is the Microsoft Active Directory domain that contains the messaging server. For example,
type application.handler.exchange.domain=domain123.example.com.
• If the Lotus Domino server is not installed in a Microsoft Active Directory domain with a global catalog server,
in the <domain_name>rimpublic.properties file, type
application.handler.exchange.domain=<domain_name> where <domain_name> is the Microsoft Active
Directory domain that contains the global catalog server. For example, type
application.handler.exchange.domain=domain123.example.com.
4. Save and close the rimpublic.properties file.
5. In the Windows® Services, restart the BlackBerry MDS Connection Service service.
Configuring Integrated Windows authentication so that users can access resources on your
organization's network
269