Recommendation on the use of administrative roles in the BlackBerry Manager

Article ID: KB16466

Type: Support

Last Modified: 12-14-2011

 

Product(s) Affected:

  • BlackBerry Enterprise Server for Novell GroupWise
  • BlackBerry Enterprise Server for Microsoft Exchange
  • BlackBerry Enterprise Server for IBM Domino
CollapseEnvironment
  • BlackBerry® Enterprise Server version 4.1.x for IBM® Lotus® Domino®
  • BlackBerry Enterprise Server version 4.1.x for Microsoft® Exchange
  • BlackBerry Enterprise Server version 4.1.x for Novell® GroupWise®
CollapseOverview
The BlackBerry Enterprise Server version 4.1.x for Microsoft Exchange, Lotus Domino, or Novell GroupWise uses predefined roles, which correspond to common corporate administrative roles, to control who can perform specific tasks. The BlackBerry Enterprise Server administrator can assign database users—either trusted Microsoft® Windows® users or groups, or SQL logins—to each role.

 
The BlackBerry Manager allows the BlackBerry Enterprise Server administrator to assign other administrators to roles that group the different types of BlackBerry Enterprise Server administration tasks. When administrators start the BlackBerry Manager, the BlackBerry Manager checks their authentication credentials, determines their administrative role, and then displays a list of tasks that that role is intended to complete.

The available roles are designed to group trusted administrators according to the scope of their administrative responsibility. These roles are: "Security administrator," "Enterprise administrator," "Device administrator," "Senior help desk administrator," "Junior help desk administrator" and their audit role counterparts, such as "Audit Security administrator."

 
See the BlackBerry Enterprise Server System Administration Guide for more information about the administrative roles included in the BlackBerry Manager.
 

Recommendation

Research In Motion (RIM) recommends that the administrative roles in the BlackBerry Manager be used only to group trusted administrators according to the scope of their administrative responsibility, not for an explicit security purpose, such as limiting access to sensitive data.
 
CollapseAdditional Information
See the BlackBerry Enterprise Solution Security Technical Overview for more information about BlackBerry® Enterprise Solution security features and an overview of the BlackBerry security architecture.
 
Visit www.blackberry.com/security for more information on BlackBerry security.

Disclaimer

By downloading, accessing or otherwise using the Knowledge Base documents you agree:

   (a) that the terms of use for the documents found at www.blackberry.com/legal/knowledgebase apply to your use or reference to these documents; and

   (b) not to copy, distribute, disclose or reproduce, in full or in part any of the documents without the express written consent of RIM.


Visit the BlackBerry Technical Solution Center at www.blackberry.com/btsc.