Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® Enterprise Service 10

Posts: 24
Registered: ‎11-06-2009
My Device: Not Specified

Integrated Windows Authentication with BES for Domino

An old topic coming back...


I want to setup Integrated Windows Authentication so that BB users on BES for Domino use an individual account/password combination to access intranet resources without being prompted for their credentials. As far as I understand the documentation BlackBerry_MDS_Connection_Service_Integrated_Authentication-Security_Note--1156192-0615043017-001-5.0.2-US.pdf, this should be possible.


Now there seems to be a missing link. Point 5 of the process flow descriptions says "The BlackBerry MDS Connection Service performs the following actions [...] retrieves the Microsoft Active Directory user name for the user from Microsoft Active Directory".


How does this work? Where can I set the relationship between a specific Domino user (and his BlackBerry device) and the AD user account? Is this possible at all? I did not find any reference to it.


Any help is welcome!





New Contributor
Posts: 2
Registered: ‎10-08-2010
My Device: Not Specified

Re: Integrated Windows Authentication with BES for Domino

[ Edited ]

Hello Peter,


Whilst trying to get IA working I had the same log lines as your older posting from January 2011...


>>Must have a mailboxDN for exchange or else a GUID

>>client account is null

>>Unable to to determine user AD login name for impersonation

If you haven't already, you need to add AD Authentication Support to your BES by re-running setup and selecting the Active Directory Authentication check box. Once this is added you can assign your users a link to their AD credentials.