[cpufixrmatt]

My company only allows company owned BlackBerrys on the BES, so I have been using my personally owned BB with the redirector function to retrieve my corporate email.

Does my unit still "show up" on the BES anywhere or is using the redirector stealth?

Could the admin disable my ability to use the redirector?

Could the admin push a policy or disable my BB?

Any insight is greatly welcomed! Thanks, Matt

[jibi]

via BES:
1 - no
2 - no
3 - no

via software asset management utilities or domain administrative rights:
1 - if they wanted to find it, they could
2 - if they wanted to do so, they could
3 - no

[BES admin]

We would like more information:

What is your full Name.

Your Email Address.

And finally, the company name and address where you work?

I think we can help here.

[d_fisher]

I think you also need to keep in mind that you are knowingly breaking company rules, rules that were set for the security of the company. You run the risk of being terminated if caught.

[BESMstr]

You can see it in the debug logs. I forget the exact syntax but it is the "Routed" statement. If you're on the BES, it's routed by the BES name, if you're using the redirector, it's routed by "yourSMTPaddress."

Maybe your BES Admins don't know that though. Cross your fingers.--Jeff

[jibi]

Quote:

Originally Posted by BESMstr

You can see it in the debug logs. I forget the exact syntax but it is the "Routed" statement. If you're on the BES, it's routed by the BES name, if you're using the redirector, it's routed by "yourSMTPaddress."

Maybe your BES Admins don't know that though. Cross your fingers.--Jeff

Why would the BES even keep up with users that aren't in its logs? It's a completely different routing path, and I don't see why it would even be flagged in the BES logs, as its not looking for those users. If the user was already on the BES and then moved to redirector (without removing themselves from the BES), then I could potentially see some errors or whatnot showing up in the BES logs.

The only method I know to see from the BES if someone is using redirector or not is to add them to the BES. It scans your mailbox, finds the 'BlackBerryHandheld' attribute database and populates your PIN within the BES. That would be purely guess-work, though.

I agree with d_fisher though - trying to skirt security policies that were put in place for a reason is not a very smart thing to do. Typically for most companies that have to fall under some sort of compliancy laws, this would be extremely frowned upon (most companies should have a decent security model concerning wireless delivery of email).

[BBTechGuy]

If your Admin wanted to find out if someone is running Desktop Redirector then all they would have to do is flag e-mails from . This would capture Desktop Redirector and Enterprise Activation traffic. From there it's easy since a particular user shouldn't be Enterprise Activating repeatedly and would therefore not generate a lot of traffic.

[BESMstr]

I didn't mean to imply that a user should try to circumvent company policy and so apologize if I gave that impression.

I'm not sure why the BES cares about users that are using Desktop Redirector, but I have seen it when troubleshooting a user complaing about not receiving wireless calendar sync on a 3.6 BES. I grepped the user's info from the debug log and noticed that their email was not being routed by the BES but instead by their email account. When i went to their desktop, i opened desktop redirector and the BES name was not present. I uninstalled desktop manager and re-installed, this time setting the account to use the BES instead of Desktop Redirector and of course, all issues were resolved.

--jeff

[jibi]

I could see that happening when a user is added to the BES already, but in the case where a user was not added to the BES, then I don't see how it would. We've had the prior issue with users who switched back to a PST or were on a PST already and plugged in their handheld with Desktop Manager open (assuming all was working after a wireless activation) - the handheld receives new service books (that overwrite the others - CMIME and CICAL only) that have their email address as their UID. However, if the user was not on the BES, then it would not know to look for them, thus no logs.

[BESMstr]

jibi--You're the man and i'm definitely not trying to argue with you. Also, what i'm talking about occurred in both instances on a 3.6 server. In the second instance, i came in after the fact and believe that the help-desk had installed and uninstalled the account on multiple occsions so the BES may definitely have had the account registered. But in the first instance in 2002, the user had never been on the BES, had always used Desktop Redirector because of her distrust of the IT staff at the firm, (prior to my arrival) and yet, her account appeared on the BES. It's also possible that her account had been on the BES prior to my arrival, who can know?

I guess the only way to clear it up, if one were so inclined would be to build a 3.6 server, create a user in the same Exchange org but using Desktop Redirector and see what happens.

Have a good weekend--jb

[BBTechGuy]

The BES will not monitor accounts that were never added to the BES. To do so would require one of two things:

a: The BES search every Exchange Mailbox it can find at some interval which in environments of 20,000+ Mailboxes would be insane.
b: When a user registers for Desktop Redirector it would notify the BES. This is not possible as there is no broadcast method for Desktop Redirector to announce itself over the network in hopes a BES is listening.

[BESMstr]

I hear what everyone is saying and like i said, it's your world i'm just living in it.

I completely agree with everyone's explanation of why it is impossible to tell if a user is on Redirector instead of using the BES.

Maybe i was having a flash-back. Let's blow this ball dead and tarry on to something more exciting.

Thanks--jb

[CanuckBB]

It's difficult, not impossible. Simply deny connections to blackberry.net on the Exchange server and see who complains.