What is the Wireless Enterprise Activation process

Article ID: KB13850

Type: Support Content

Last Modified: 11-06-2012

 

Product(s) Affected:

  • BlackBerry Enterprise Server for Microsoft Exchange
  • BlackBerry Enterprise Server for IBM Domino
  • BlackBerry Enterprise Server for Novell GroupWise
CollapseEnvironment
  • BlackBerry Device Software 4.0 to 4.7
  • BlackBerry 6 and 7
  • BlackBerry Enterprise Server 4.0 to 5.0
CollapseOverview

The Wireless Enterprise Activation process allows the administrator to activate a BlackBerry smartphone for a BlackBerry Enterprise Server. The administrator can use the wireless enterprise activation process to manage encryption and service records.

Prerequisites for the wireless enterprise activation process

Before starting the wireless enterprise activation process, verify the following:

  • The wireless service provider has activated a service for the BlackBerry smartphone with the BlackBerry Enterprise Server service class
  • The BlackBerry smartphone user account has been added to the BlackBerry Enterprise Server
  • The BlackBerry Enterprise Server has been correctly configured to access the BlackBerry smartphone user's mailbox.

For information on the BlackBerry Enterprise Server administration account permissions, see KB02276.

  • An activation password has been set for the BlackBerry smartphone user account

    Note: For instructions about how to set up a wireless enterprise activation process, please refer to the BlackBerry Enterprise Server Administration Guides found here

After the prerequisites are met, the BlackBerry Enterprise Server monitors the mailbox for new messages, including the ETP.DAT activation message that is sent from the BlackBerry smartphone.

The following scenario outlines the wireless enterprise activation process:

  1. A BlackBerry smartphone user receives a new BlackBerry smartphone and contacts the administrator to activate the BlackBerry smartphone.
  2. The administrator sets the wireless enterprise activation password on the BlackBerry smartphone user's account and communicates it to the BlackBerry smartphone user.

Note: Before the BlackBerry smartphone user activates the BlackBerry smartphone, BlackBerry Manager displays the status of Initializing.


The Wireless Enterprise Activation Process

This section provides an overview of the four phases of the wireless enterprise activation process.

Phase 1 - Activation

  1. On the BlackBerry smartphone in the Enterprise Activation screen, the BlackBerry smartphone user types the email address and activation password.
  2. The BlackBerry smartphone generates a data packet that is sent to the BlackBerry Infrastructure, which then creates an email message with the ETP.DAT attachment and sends it to the BlackBerry smartphone user's mailbox.

    Note: The ETP.DAT message contains routing information and the BlackBerry smartphone's activation public keys. The ETP.DAT message is routed through the BlackBerry Infrastructure to the BlackBerry smartphone user's mailbox as a standard message with an attachment. For information about ETP.DAT messages, see the Role of the ETP.DAT message in the wireless Enterprise Activation process section below. When the ETP.DAT message is sent, the BlackBerry smartphone displays the status of Activating.

Phase 2 - Encryption verification

  1. When the ETP.DAT message arrives at the messaging server, the BlackBerry Messaging Agent checks the content.
  2. The BlackBerry Enterprise Server processes the data that is attached to the message. It verifies that the encrypted password matches the one set for the BlackBerry smartphone user. If it matches, the BlackBerry Messaging Agent generates a new permanent encryption key using either Triple Data Encryption Standard (Triple DES) or Advanced Encryption Standard (AES), and sends it to the BlackBerry smartphone.

    Note: The BlackBerry smartphone displays the status of Verifying Encryption.

Phase 3 - Receiving services

  1. The BlackBerry Enterprise Server and the BlackBerry smartphone establish a master encryption key. The BlackBerry smartphone and the BlackBerry Enterprise Server both verify receipt of the master key.
  2. The BlackBerry smartphone implements the new encryption key and displays the following message:

    Note: The BlackBerry smartphone account status displays the status of Encryption Verified. Waiting for Services.

  3. The BlackBerry Messaging Agent forwards a request to the BlackBerry Policy Service to generate service books.
  4. The BlackBerry Policy Service receives and queues the request and sends out an IT policy update to the BlackBerry smartphone.
  5. The BlackBerry smartphone registers that the IT policy has been applied successfully.
  6. The BlackBerry Policy Service generates and sends the service books to the BlackBerry smartphone, which is now able to send messages.

    Note : The BlackBerry smartphone displays a status of Services Received.

  7. The BlackBerry smartphone then displays the following message: Your email address, mailto:user@domain.tld is now enabled. Synchronization service Desktop [<SRP_Identifier>]

Phase 4 - Slow synchronization

  1. Once the [CMIME] service book arrives on the BlackBerry smartphone, the BlackBerry smartphone is able to reconcile messages with the BlackBerry smartphone user's email account. The BlackBerry smartphone user can configure reconciliation as required. All service books should arrive at the same time, but only the [CMIME] service book is required for email message reconciliation.
  2. The BlackBerry smartphone registers the receipt of the service books to the BlackBerry Enterprise Server and the activation process is completed.

    Note: The BlackBerry smartphone displays the status of Activation Complete.

  3. The calendar data is synchronized using the [CICAL] service book before other organizer data is synchronized.
  4. The Desktop [SYNC] service book is sent to the BlackBerry smartphone. The Desktop [SYNC] service book allows for organizer data synchronization, wireless backup and restore capability, and synchronization of email settings and filters.

    Note: The BlackBerry Messaging Agent manages wireless synchronization of calendar data, and the BlackBerry Synchronization Service manages wireless synchronization of other organizer data. The BlackBerry Enterprise Server sends the appropriate service books and IT policies to the BlackBerry smartphone. The BlackBerry smartphone user is now able to send and receive email messages on the BlackBerry smartphone.

  5. If the BlackBerry smartphone is configured for wireless organizer data synchronization and wireless backup, the BlackBerry Enterprise Server sends the following data to the BlackBerry smartphone:
    • Calendar entries
    • Address book entries
    • Tasks
    • Memos
    • Messages
    • Existing BlackBerry smartphone options that were backed up through automatic wireless backup

    Note: When the wireless enterprise activation process is complete, the BlackBerry smartphone displays a status of Activation Complete.


Role of the ETP.DAT message in the wireless enterprise activation process

During the wireless enterprise activation process, the BlackBerry smartphone sends an ETP.DAT message, which contains activation information, to an activation email address stored on the BlackBerry smartphone.

After the BlackBerry smartphone user selects the Activate option on the Enterprise Activation screen on the BlackBerry smartphone, the following occurs:

  1. The ETP.DAT message is sent to the BlackBerry Infrastructure, which forwards it to the email address that was specified in the Enterprise Activation section.
  2. The BlackBerry Enterprise Server, which monitors the BlackBerry smartphone user's mailbox, picks up the ETP.DAT message. The wireless enterprise activation process begins.
  3. The BlackBerry Enterprise Server sends the acknowledgment and encryption information to the BlackBerry smartphone.
  4. The IT policy is sent to the BlackBerry smartphone.
  5. When the BlackBerry Enterprise Server verifies that the IT policy has been applied successfully, it sends the required service books to the BlackBerry smartphone.
  6. When the BlackBerry Enterprise Server sends all the required information to the BlackBerry smartphone. The following message appears on the BlackBerry smartphone.

    Your email address mailto:user@domain.tld is now enabled

  7. The slow synchronization process begins.
CollapseAdditional Information

For more information on the enterprise activation process, see the BlackBerry Wireless Enterprise Activation Technical Overview.

Disclaimer

By downloading, accessing or otherwise using the Knowledge Base documents you agree:

   (a) that the terms of use for the documents found at www.blackberry.com/legal/knowledgebase apply to your use or reference to these documents; and

   (b) not to copy, distribute, disclose or reproduce, in full or in part any of the documents without the express written consent of RIM.


Visit the BlackBerry Technical Solution Center at www.blackberry.com/btsc.