Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® World™ Development

Reply
Developer
hasdy
Posts: 21
Registered: ‎08-12-2008
My Device: Not Specified

Mapping between Active Directory user to BES user

Hi all,

 

I have a requirement to be able to access a user's AD profile based on their device PIN.

 

All the devices are managed through BES.  So without having to add device PINs to each user's AD profile.... is there a way to map a BES user to their corresponding AD user via their device PIN?

 

Perhaps a GUID stored in BES that maps to their AD GUID?

 

Note:  Using .NET; so a DLL with an API to do this would be most convenient  :smileyhappy:

 

Any help is appreciated.

 

Thanks!

Please use plain text.
Developer
br14
Posts: 497
Registered: ‎06-24-2008
My Device: Not Specified

Re: Mapping between Active Directory user to BES user

What is the context of your app? Are you running as a web app as suggested by the .Net?

Please use plain text.
Developer
hasdy
Posts: 21
Registered: ‎08-12-2008
My Device: Not Specified

Re: Mapping between Active Directory user to BES user

Sort of.

 

I'm using the Velocity Mobile Platform (kryosvelocity.com).  which uses the http transport to retrieve xml, that is used to render the view.

 

That being said..... it is a .NET web app... that produces VelocityXML (vXML).   

 

At any rate, my problem lies with the integration of AD user to device.  What I get from the request is a device PIN.  How do I get an AD user based on that device PIN?  

 

BlackBerry Enterprise Resource Kit?

BlackBerry Administratin API?   <--- what if it's BES 5.1 or higher?

 

Thanks,
Eric

 

 

 

Please use plain text.
Developer
br14
Posts: 497
Registered: ‎06-24-2008
My Device: Not Specified

Re: Mapping between Active Directory user to BES user

You can configure the BES/MDS server to send the BlackBerry users primary email in a HTTP header. 

 

Typically that email contains the users network ID as the prefix.

 

http://supportforums.blackberry.com/t5/Testing-and-Deployment/Add-an-email-address-and-PIN-to-HTTP-r...

Please use plain text.
Developer
hasdy
Posts: 21
Registered: ‎08-12-2008
My Device: Not Specified

Re: Mapping between Active Directory user to BES user

That's a good suggestion.  I can definitely do an AD search based on the email.

 

Although how can we ensure that the primary email is assigned to the corporate email address in AD?

 

For example.... I can have abc@mycompany.com setup via BES and abc@gmail.com setup via BIS.

 

As a user, i could set abc@gmail.com as my default... right?

 

Is there a way from BES to restrict a user's default email preference so that it's always the corporate email and not some other email address?

 

Thanks!

Please use plain text.
Developer
br14
Posts: 497
Registered: ‎06-24-2008
My Device: Not Specified

Re: Mapping between Active Directory user to BES user

Pretty sure that BES works with the primary email. In general the other email addresses are aliases to the primary address.

 

On the device the primary email can be set from the Options app using Default Services (you get there different ways depending on the OS). You can set the default mail account from that option.

Please use plain text.
Developer
hasdy
Posts: 21
Registered: ‎08-12-2008
My Device: Not Specified

Re: Mapping between Active Directory user to BES user

Right.... you hit the point I was trying to make.

 

I don't want the user to be able to change their default mail account from their device.  I want it always set to their corporate email account.

 

I was looking for a strategy to disable the user's ability to change that default from their device.

 

Any ideas?

 

thanks in advance

Please use plain text.
Developer
br14
Posts: 497
Registered: ‎06-24-2008
My Device: Not Specified

Re: Mapping between Active Directory user to BES user

"I was looking for a strategy to disable the user's ability to change that default from their device."

 

If this is a corporate device, then the IT policies mandated from the BES will most likely prevent such a change.

 

I've done this before and never experienced any issues of the type you describe using email.

 

There is the odd problem when email ID's change (e.g. due to a name change of either the person or the company). In those cases, the problem is still not one your app is likely to have to deal with (except perhaps adjusting for the timing of the change) since it is just as much a problem on the BES side.

Please use plain text.
New Member
rocellmaniac
Posts: 2
Registered: ‎04-13-2011
My Device: Model
My Carrier: Blackberry

Re: Mapping between Active Directory user to BES user

Just Dial, US largest business directory and yellow pages online offers top US business search. Us.justdial.com provides complete local search guide for b2b business directory US and make your business visible online – US Just Dial.

 

Please use plain text.