Setting up Zimbra BES Connector

My organization has several employees with BlackBerry devices, and as we run Zimbra for our mail server, we'd like those employees to be able to sync their BlackBerries with our mail server. To do this requires two things: BlackBerry Enterprise Server ("BES" for short) and Zimbra BES Connector ("ZBC" for shoft).

Zimbra BES Connector is designed to run on the same logical machine as BlackBerry Enterprise Server, and as it turns out, ZBC's requirements (as stated in the ZBC Admin Guide) are considerably more strict than BES. To wit:

• ZCS 5.0.7 or later
  
• Microsoft Windows Server 2003 operating system
  
• Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 (MAPI/CDO)
  
• BlackBerry Enterprise Server 4.1 or BlackBerry Express 4.1
  
• Zimbra Collaboration Suite Connector for BlackBerry Enterprise Server .msi executable file
  
• Outlook® 2007 messaging and collaboration client
  

BES's requirements:

• Minimum requirements for up to 500 users: Intel® Pentium® IV processor (2GHz or greater), 1.5 GB RAM, MSDE 2000 or higher, 20 GB disk space in addition to Windows® requirements


• Windows 2000 Server (Server or Advanced Server Editions) with Service Pack 4 or Windows Server 2003 with Service Pack 1


• Integrates with Microsoft® Exchange 5.5 (Service Pack 4 or later), Microsoft Exchange 2000 (Service Pack 2 or later) or Microsoft Exchange 2003 mail server environments (mixed mode or native installation).


• Microsoft Exchange 5.5 Administrator, Microsoft Exchange 2000 System Manager or Microsoft Exchange 2003 System Manager, Microsoft Exchange 2007 MAPI Client


• Microsoft Internet Explorer® version 6.0 or later

I'm ignoring the Exchange server requirements per the ZBC documentation, but everything else still stands.

Having recently become very fond of setting up things on virtual machines, and since this installation is still in the testing stage right now, I'll set this up on a VM with:

• Windows Server 2003


• 1.5 GB RAM


• Outlook 2007


• MAPI/CDO 1.2.1


• Internet Explorer 7


• BlackBerry Enterprise Server 4.1 for Exchange (60-day, 20-user trial version)


• 30GB HDD

Note that you must set up a separate user account (see here for details) that BES and associated services will run under. It will not work if you simply install BES as Administrator and set all the services to run as system services. I learned this the hard way. :(

Once the VM is set up, the next step is to install the Zimbra BES Connector by means of the MSI file. This is a quick matter. Now I'll create an Administrator account for BES on Zimbra using the Admin Console. If you're following along, feel free to choose a username and password to your liking; I recommend diceware.com and a bunch of D6's for password generation.

The next step is to make sure that the Zimbra server's mail port has SSL enabled. To allow both SSL and non-SSL, execute (on the mail server, as the Zimbra user) zmtlsctl both. To allow only SSL, execute zmtlsctl https.

Now I'll delete and recreate the BES mail profiles "BlackBerryServer" and "BlackBerryManager". To do this, I go to the Start Menu on the BES server, then choose Control Panel, then Mail. This brings up the BlackBerryServer Mail Setup dialog. Here, I choose "Show Profiles".

This dialog only shows the BlackBerryServer profile. No big deal - if the other profile was there, I'd delete it anyway, so this just saves me a step. After deleting the BlackBerryServer profile, I hit "Add" to create a new profile, and I get dialog titled "Add New E-mail Account". This dialog is trying to set up an email account for me automatically, but I don't want that, so I click "Manually configure server settings or additional server types" at the bottom and hit Next. From here, I select "Other", which allows me to select "Zimbra Collaboration Server" from the box below. I hit Next, and am presented with a "Zimbra Server Configuration Settings" dialog. I put in the name of my mail server and the port that the Zimbra admin service is listening on ¹, check "use secure connection", and put in the BES Administrator account credentials that I set up in the Zimbra Admin Console. After that, I hit "OK". I follow the same process to create the BlackBerryServer profile.

Now I can start the BlackBerry Controller service, which should start any other services that BES requires².

¹ZCB connects to the Zimbra administrative interface, so in addition to putting in the name of your Zimbra server, you'll have to put the port (typically 7071) in as well, e.g. "mail.example.com:7071" (source)

²The first time I did this, I got an error dialog: "Error 1069: The service did not start due to a logon Failure." Turns out this was not an error in my BES configuration, but the Windows service configuration (details). I switched the service from running as the Administrator account to the system account, and after that was able to start the service successfully.

From here, the connector is set up. I can see the users on my mail server in the Global Address List. I haven't figured out how to provision anyone in BES yet, but that's a BES issue, not a Zimbra issue.