- BlackBerry Enterprise Server 5.0
- BlackBerry Enterprise Server Resource Kit 5.0
- BlackBerry Enterprise Service 10
The BlackBerry Administration Service records an audit of the majority of tasks performed by BlackBerry Administrators using the BlackBerry Administration Service, BlackBerry User Administration Service, or applications that use the BlackBerry Web Service API.
Administrators can run the applicable script below in order to generate a report of the recorded events. The audit script creates and deletes several user-defined functions in the BlackBerry configuration database. In order to run the script, the user will need to be assigned either the db_owner or db_ddladmin role.
- For BlackBerry Enterprise Server 5: BAS_Audit_SQL_Script.sql
- For BlackBerry Enterprise Service 10: BES10_BAS_Audit_SQL_Script.sql
Understanding the results
The easiest way to review the results would be to copy and paste the results of the SQL query into Microsoft Excel. When copying the results, choose from SQL Management Studio and select Copy with Headers so the column headers are preserved.
Key column headers include:
- LoginName/UserDisplayName - User who Made the Change
- ChangeDateTime - Time of Change
- Name - What component was changed, for instance BAS or Dispatcher
- Typetext - What type of setting was changed, possible entries include: Application, Application Settings, Device, Device Password, Device Activation Settings, Groups, It Policy, Master Key, Organization, Service Instance Settings, User, User Password, WLAN settings.
- Actioncode - What type of change it was, added the vale/deleted the value/created/imported
- Field Description - What field above the above type text was changed
- OldValue/NewValue - What the value changed from
Note: Actions performed using the BlackBerry User Administration Service or the BlackBerry Web Service API may be recorded as the account that the service is using to authenticate to the BlackBerry Administration Service rather than the individual that performed the actions.
If required, there are five optional variables that can be modified to further narrow down the query results. To modify these variables, open the script and search for the following variables:
- startDate - The date the search results are to start from.
- endDate - The date the search results are to end at.
- userId - The ID of the user to report on. To find the UserID, the administrator can query the BASUsers table and match the UserID column to the row of the desired user.
- typeName - The BlackBerry Administration Service plug-in identifier.
- plugInId - The number associated with that BlackBerry Administration Service plug-in identifier.
To set the variable to a desired value, simply remove the double hyphen ( --) and insert the desired value. For example, to find all actions for UserId=5, change the script from --SET @userId = 10 to SET @userId = 5 . If the userId is not defined, a report will be done on all users.
The time zone for the data returned in ChangeDateTime field is UTC, not local server time.
Additional information can also be obtained from the BlackBerry Enterprise Server Resource Kit, using the BlackBerry Domain Administration History Reporting Tool (AdminHistory.exe), however, not all administrative tasks are audited in the database tables that this tool reports on. See KB32779 for more information.
By downloading, accessing or otherwise using the Knowledge Base documents you agree:
(b) not to copy, distribute, disclose or reproduce, in full or in part any of the documents without the express written consent of RIM.
Visit the BlackBerry Technical Solution Center at www.blackberry.com/btsc.