• BlackBerry® Enterprise Server version 2.1 to 5.0
• Microsoft® Exchange Server
• SDR75493
• SDR82260

When a BlackBerry smartphone user tries to send an email message, a red X appears beside the email message in the Messages list, indicating that it cannot be sent.  The Message Status field displays one of the following error messages:

• Unlisted message error
• Desktop email program unable to submit message.

Note: The Message Status field appears above the To field within the email message.

The BlackBerry Enterprise Server debug log file displays the following:

BlackBerry Enterprise Server versions 4.0 to 5.0

[40700] (12/13 15:38:10):{0xFF0} {<user_name>@<domain>} Receiving packet from device, size=111, TransactionId=-2099843783, Tag=147, content type=CMIME, cmd=0x3

[30112] (12/13 15:38:10):{0xFF0} {<user_name>@<domain>} Receiving message from device, RefId=1607656887, Tag=147, TransactionId=-2099843783

[20265] (12/13 15:38:10):{0xFF0} {<user_name>@<domain>} MAPIMailbox::Send(ppMAPIMessage) - SubmitMessage (0x80070005) failed

[20265] (12/13 15:38:10):{0xFF0} {<user_name>@<domain>} MAPIMailbox::Send(ppMAPIMessage) - SubmitMessage (0x80070005) failed

[20000] (12/13 15:38:10):{0xFF0} {<user_name>@<domain>} Send() failed: SUCCESS, Tag=147

[40277] (12/13 15:38:10):{0xFF0} {<user_name>@<domain>} Sending message error to device for message 1607656887

[40583] (12/13 15:38:10):{0xFF0} {<user_name>@<domain>} Sending packet to device, Size=46, Tag=222, TransactionId=-1012978472

BlackBerry Enterprise Server versions 2.1 to 3.6

[40700] (12/13 15:38:10):{0x7FC} {<user_name>@<domain>} Receiving packet from device, size=161, TransactionId=-1966367802, Tag=-1091853399, content type=CMIME, cmd=0x3

[30112] (12/13 15:38:10):{0x7FC} {<user_name>@<domain>} Receiving message from device, RefId=1473556709, Tag=-1091853399, TransactionId=-1966367802

[20265] (12/13 15:38:10):{0x7FC} {<user_name>@<domain>} *** MAPI *** MAPIMailbox::Send(ppMAPIMessage) - SubmitMessage (0x80070005) failed.

[20000] (12/13 15:38:10):{0x7FC} {<user_name>@<domain>} Send() failed: ERR_SUBMIT_MAIL, Tag=-1091853399

[40277] (12/13 15:38:10):{0x7FC} {<user_name>@<domain>} Sending message error to device for message 1473556709

[40583] (12/13 15:38:10):{0x7FC} {<user_name>@<domain>} Sending message to device, Size=85, Tag=6420, TransactionId=-1001413813

When applying the hotfix described in Microsoft Support Knowledge Base article 895949 to Microsoft Exchange Server 2003 SP1 or SP2, or applying the hotfix to Microsoft Exchange Server 2000 SP3, the store.exe utility revokes the Send As permission for all Microsoft Exchange Server administration accounts that have been granted Administer Information Store permission at the mailbox store level.

Note: See article KB00274 for additional causes and resolutions related to this problem.

Resolution 1

If the Microsoft hotfix described in Microsoft Support Knowledge Base article 895949 has not been installed, check the Send As permission requirements. For information on resolving the permission requirements, search for article 912918 on the Microsoft Support Knowledge Base web site.

To grant another account permission to send as the mailbox owner, complete the following steps:

1. Open Active Directory Users and Computers.
2. Click on the Users.
3. Right-click the BlackBerry smartphone user and select Properties.
4. Click the Security tab.
5. Add the account that will be granted the Send As permission.
6. Click the account added in step 5 and select Send As in the Allow column (see screenshot below).
   

   

7. Click OK.

To allow a single account the Send As permissions on all the user accounts in the Microsoft® Active Directory® domain or container, complete the following steps:

1. Open Active Directory Users and Computers.
2. In the View menu, make sure that Advanced Features is selected.
3. Right-click Users and select Properties.
4. Click the Security tab.
5. Click Advanced.
6. On the Permissions tab, click Add.
7. Enter the name of the BlackBerry Enterprise Server service account and click OK.
8. On the Object tab, from the Apply onto drop-down list, click one of the following items:
   • User objects
   • Descendant User Objects if the domain controller is running Windows 2008 Server.
9. Select the Send As permission under the Allow column.
   

   

10. Click OK.

Important: See article KB12827 for more information on applying the hotfix to Microsoft Exchange Server 2003 SP1 or SP2, or on applying the hotfix to Microsoft Exchange Server 2000 SP3.

Resolution 2

If the Microsoft hotfix described in Microsoft Support Knowledge Base article 895949 has been installed, complete the steps below for the appropriate software version of the BlackBerry Enterprise Server.

BlackBerry Enterprise Server version 4.0 to 5.0

1. Check the permission requirements. For information on resolving the permission requirements, search for article 912918 on the Microsoft Support Knowledge Base web site.
2. To clear the Microsoft Exchange Server permissions cache for the BlackBerry Enterprise Server administration account, complete the following steps:
   • Turn off the BlackBerry smartphone for 2 hours.
     
     
     OR
     
     
   • Stop and start the BlackBerry Router.

   Important: Restarting certain BlackBerry Enterprise Server services will delay email message delivery to BlackBerry smartphones. For more information, see KB04789.

To stop and start the BlackBerry Router, complete the following steps:

1. In Windows® Control Panel, open Administrative Tools > Services.
2. Right-click BlackBerry Router.
3. Click Stop, and wait for 2 hours.
4. Right-click BlackBerry Router.
5. Click Start.

   

   Note: The default time for which permissions are cached is controlled by the Mailbox Cache Age Limit registry entry. Therefore, the amount of time needed for clearing the permissions cache depends on the value that has been set for this registry entry. Two hours is the default setting on all Microsoft Exchange Servers. Microsoft recommends changing the default time of 2 hours (120 minutes) for clearing the permissions cache to 20 minutes. The value for the Mailbox Cache Age Limit registry entry may be different in other environments. Refer to this value to determine how long permissions are cached for the administration account. Make sure to wait the amount of time set in the Mailbox Cache Age Limit registry entry to allow the permissions cache to clear. For other options, search for article 912918 on the Microsoft Support Knowledge Base web site.

   For more information about the Mailbox Cache Age Limit registry entry, search for article 327378 on the Microsoft Support Knowledge Base web site or search for the Mailbox Cache Age Limit registry entry on the Microsoft TechNet web site.

BlackBerry Enterprise Server software version 3.6

1. Check the permission requirements. For information on resolving the permission requirements, search for article 912918 on the Microsoft Support Knowledge Base web site.
2. To clear the Microsoft Exchange Server permissions cache for the BlackBerry Enterprise Server administration account, open the Control Panel, then click Administrative Tools > Services.
3. Right-click each BlackBerry Enterprise Server service, then click Stop for each service.

   Important: Restarting certain BlackBerry Enterprise Server services will delay email message delivery to BlackBerry smartphones. For more information, see KB04789

4. Wait for 2 hours.
5. Right-click each BlackBerry Enterprise Server service, then click Start for each service.

   

   Note: The default time for which permissions are cached is controlled by the Mailbox Cache Age Limit registry entry. Therefore, the amount of time needed for clearing the permissions cache depends on the value that has been set for this registry entry. Two hours is the default time on Microsoft Exchange Servers. Microsoft recommends changing the default time of 2 hours (120 minutes) for clearing the permissions cache to 20 minutes. The value for the Mailbox Cache Age Limit registry entry may be different in other environments. Refer to this value to determine how long permissions are cached for the administration account. Make sure to wait the amount of time set in the Mailbox Cache Age Limit registry entry to allow the permissions cache to clear. For other options, search for article 912918 on the Microsoft Support Knowledge Base web site.

   For more information about the Mailbox Cache Age Limit registry entry, search for article 327378 on the Microsoft Support Knowledge Base web site or search for the Mailbox Cache Age Limit registry entry on the Microsoft TechNet web site.

Protected Accounts

If the Send As permission is revoked from a Microsoft Active Directory user account because that user object shares a membership with a protected account, complete the following steps:

Note: For more information and a complete list of protected accounts, search for article 907434 on the Microsoft Support Knowledge Base web site.

1. Remove the protected account membership from the Microsoft Active Directory user object.
2. Assign the Send As permission to the user object again. For instructions, search for article 912918 on the Microsoft Support Knowledge Base web site.
3. Wait for Microsoft Active Directory replication to occur, or force the replication.
4. Complete one of the following steps:
   • Remove the BlackBerry smartphone user from the BlackBerry Enterprise Server, and then wait 20 minutes. Add and activate the BlackBerry smartphone user on the BlackBerry Enterprise Server again.
   • For BlackBerry Enterprise Server versions 4.0 to 5.0, stop the BlackBerry Router service For BlackBerry Enterprise Server versions 2.1 to 3.6, stop the BlackBerry Enterprise Server service.
   • Wait 20 minutes. Start the BlackBerry Router service or the BlackBerry Enterprise Server service again.

     Important: Restarting certain BlackBerry Enterprise Server services will delay message delivery to BlackBerry smartphones. For more information, see KB04789.

Tip: To view the How to verify the Exchange ′Send As′ permissions educational online video, click here.

It is possible to modify Microsoft Active Directory permissions to allow BlackBerry smartphone users who are members of protected groups to send email messages from their BlackBerry smartphones without creating secondary email accounts.  For instructions on modifying the permissions that are associated with the AdminSDHolder Microsoft Active Directory object and have been changed by the recent Microsoft Exchange update, search for article 817433 on the Microsoft Support Knowledge Base web site.

Important: This procedure is not recommended by Microsoft or by Research In Motion.

2007 Daylight Saving Time (DST) patch and the Send As permission

With the new collaboration data object (CDO) update from Microsoft, each BlackBerry smartphone user in the Microsoft Active Directory must have the Send As permission turned on in the BlackBerry Enterprise Server administration account.  If the Send As permission is not turned on in the administration account, the BlackBerry smartphone user cannot send email messages from the BlackBerry smartphone.

When adding a new BlackBerry smartphone user to the BlackBerry Enterprise Server, administrators should make sure that the Send As permission is turned on in the BlackBerry Enterprise Server administration account within Microsoft Active Directory.  When a new BlackBerry smartphone user is added to the BlackBerry Enterprise Server, the BlackBerry smartphone user must either inherit the Send As permission from a parent object in Microsoft Active Directory (for example, through a group permission), or the BlackBerry smartphone user must have this permission set automatically by the BlackBerry Enterprise Server.  If this does not occur, use the SetSendAsPermission tool to set the permission.

To download the SetSendAsPermission tool, click here.  For instructions on using the SetSendAsPermission tool, see KB12300.

For more information on the Microsoft update concerning DST changes in 2007 for Microsoft Exchange 2003 SP2, search for article 926666 on the Microsoft Support Knowledge Base website.

For more information on the impact of DST changes in 2007 on BlackBerry solutions, go to www.blackberry.com/dst2007.