Fix: Amazon Kindle App for BlackBerry Not Working | Permissions Issue

Finally! Amazon releases the Kindle application. Thank you Amazon!

Unfortunately with the default policies enforced by a BlackBerry Enterprise Server (BES) 5.0 I was unable to open the application.

I have created directions for fixing the issue here: BlackBerry 5.0 Applications Not Working | Permissions Issues

Few other disappointing things on the Kindle application for BlackBerry:

  • Lack of support for the BlackBerry Storm 1 or 2. It will only go portrait, won’t turn to landscape view. | iPhone version has this
  • No inverted colors (white text on black), Blackberries have really bad brightness controls, trying to read a book in the dark burns your eyeballs out when the background is white and the brightness is set too high. It also wastes the battery. | iPhone version has this

Other than that it does work as advertised. Amazon if you are out there please make a revision with these two basic and simple things in it. While you are at it please add inverted colors to the desktop version too. Please?

Fix: BlackBerry 5.0 Applications Not Working | Permissions Issues

Since BlackBerry Device 5.0 OS and BlackBerry Enterprise Server (BES) 5.0 a lot of applications no longer work by default. They prompt you for the permissions that the app would like to have. However if you are on a corporate BES server you may not be able to select “allowed”, you may only have the “Prompt” and “Deny”.

If this is the case have no fear. I have already called T-Support and been told its not their problem and I should see the app vendor. Thanks RIM again for that really awesome level 1 support. However this is in fact not the case, it is a BES server issue. RIM should really have level one technical reps that at least know all the corners of the BES application or they shouldn’t be supporting it.

I was able to find the “Application Control Polices” causing the issue. To get this fixed you need to have admin rights to the BES server or get your Admin to do it for you.

Configuring “Application Control Polices”

1) Logon to the BES Server

2) Click on the “Manage Application Control Policies for unlisted Applications” under BlackBerry Solution Management -> Software (on the left had side).

3) Then click on the “Standard Unlisted Optional” link on the right had side

4) Next click the “Edit Application Control Policy” and then “Access Settings” Tab.

5) Finally change the needed permission here. Unfortunately they don’t map name for name on OS and BES so you will have to do some trial and error. Also I have found updating the policy then doing a battery pull on the device and waiting 5 minutes generally tends to get the new policy down to the device.

DISCLAIMER TIME: I have no idea how unsecure this makes your deployment. Use these directions at your own risk. I have set all to “allowed” for the purpose of this screenshot only, I do not recommend doing this unless you know what you are doing. I would love to see some comments on what you find as some of this still doesn’t make total sense to me.

What is a podcast? What are some good Podcasts to listen too?

A lot of people don’t know this, but there is some really good educational, and even entertaining content on the internet.

Podcast is a term that has outgrown its meaning. Today its just a definition for shows and content from the internet.  There are many ways to view and watch these podcasts.  

At home the easiest way is to get something like the Apple TV. For the more tech savvy people, you can hook your notebook up to the TV and watch using a web browser or a media application such as Boxee (which is how I do it). 

On the road, both iPhone and BlackBerry have solutions that will deliver this content to your phone ready for viewing at any time.  iPhones have it built into the iTunes store and anyone with a BlackBerry can use a program called PodTrapper for $10. 

Here are some of the better shows that I watch out there on the interwebs: 

So if you are tired of the same old censored TV programming, try a podcast.  I think you will find them very refreshing.

Why should I use Facebook?

I have been working in the computer industry for over 10 years and until recently I hated the idea of Facebook and other social media sites like MySpace and Twitter. 

At first I didn’t get Facebook. It looked like junky old web site pages with basic information about that person. I didn’t understand the attraction.  What I didn’t get at the time is what it evolved into. Facebook is the best way to stay in touch with other people who you know and care about. 

Is a lot of the content your friends post junk? Yes, yes it is, but the fact is when a buddy of mine from out of state posts anything, I can see it. 

This is the important part.  I wouldn’t normally talk to my out of state buddy on the phone or even via email. Why you ask? Because there just isn’t that much important stuff to talk about. However this is where Facebook becomes valuable.   

Facebook allows people to post the insignificant parts of their lives for all of their friends to see. Not everyone can see what they post, only the people they allow to be their friends.  Do I need to know my best friend is cleaning her room right now? No, probably not, but it’s nice to put a virtual marker out there. It allows me to know she’s ok and also allows me to share in her daily life, and vice versa. 

Here’s a good example. I was once on my way from South Florida to Tampa on a business trip. While in the car, I posted to Facebook that I was “On my way to Tampa for another business trip.” Well a friend of mine who I didn’t know had even moved to Tampa shot me a message and we ended up having dinner together and catching up. I would have never thought to call her, but since she was scanning Facebook at the time we were able to connect. 

Basically, Facebook is a passive way to stay in much greater contact with the people you wouldn’t normally bother actively calling or emailing. It allows everyone to be just a little bit closer in this era of overly busy multitasking we all find ourselves in. 

If you haven’t tried it yet, go ahead and give it a shot. You don’t have to post a thing.  Find your friends (and trust me they are probably already on there) and just see what happens. Facebook won’t email you everything people are doing.  When you have time you check it and catch up with friends.

Cannot connect to Outlook Anywhere (Outlook 2007 RPC over HTTP)

While am a sure there are a ton of reasons Outlook Anywhere will not work, here are the two huge issues we ran into when getting this working.

1) Wild Card Certificates (special handling)

If you are using a wild card certificate, you will need to run the following connect on whatever CAS server you are using:

Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*

You can also check what the current settings are by using:

Note: * is replaced with your wildcard certificate name.


by changing that setting it will update autodiscovery to set that into the outlook client configuration as shown here:

For more details about wildcards and Outlook Anywhere go here:

2) Issues with IIS and Certificate Settings

Everyone who is trying to get Outlook Anywhere working should triple check that on the root of the IIS site is set to ignore client certificates.

To do that first go to the properties of the IIS website that has your RPC proxy (the root of the website)

Then click the directory Security Tab, and click Edit on Secure communications

Make sure “Ignore Client Certificates” is selected.

You can change all of the sub folders but you must make sure it is set to ignore on the root site.

So there you have it, those were to two issues we had and were able to resolve.

I would like to thank Jason B (one of my Network Administrators) who did the research to discover the second issue.

Stocks Gadget missing on Windows 7 RTM

If you have used this gadget you probably know that all of the other available stock gadgets don’t come close to its looks and ease of use. I was really disappointed to see Microsoft remove the gadget from the tool kit in the final version of Windows 7.

I am sure they had their reasons; my best guess is whoever provided the quotes for this gadget didn’t want to do it anymore? Or maybe because it does have a 20 minute delay and most apps are real time now?

I was able to find a solution to get the Stock Gadget running on Windows 7 RTM.

I will detail the solution here but to give credit where credit is due I found the solution here (thanks AthlonXP1800):

1) You will need to have the Gadget from Windows 7 RC1 (although I am sure its floating around the internet.) You can find the files you need at “C:\Program Files\Windows Sidebar\Gadgets\Stocks.Gadget” (copy the entire folder)

2) You will also need the “C:\Program Files\Windows Sidebar\wlsrvc.dll” DLL file from the Windows 7 RC1 machine.

NOTE: If you cannot find a Windows 7 RC1 machine you could try using these files from a Vista machines although I am not sure if it would work.

3) Click the Start button, type CMD, when it comes up right click on it and run as administrator (or just press CTRL + SHIFT + ENTER after typing CMD)

4) Once the command prompt window is open type the following commands:

CD “\Program Files\Windows Sidebar”
TAKEOWN /f wlsrvc.dll
icacls wlsrvc.dll /grant %username%:F

5) Take that DLL file from your other machine and copy it to “c:\program files\windows sidebar”

6) Finally, copy the Stocks.Gadget Folder from the other machine and copy it to “c:\program files\windows sidebar\gadgets” folder.

7) You can restart the Sidebar application by running “c:\program files\windows sidebar\sidebar.exe” or by rebooting your PC.

Comcast sucks. Why they don’t get it…


For the third day in a row my high speed internet has been disconnected. Why? Because my HOA (home owners association) has canceled my television service. Now if you are wondering what my TV service has to do with the interwebs, you and I are in the same boat.

Each day I have spent 30 minutes on the phone and they add my modem back to my account.

Today however I demanded 1 month’s service credit for the repeated interruption. The first two times I didn’t even bother to ask. First time I figured it was due to the HOA. Second time I thought ok that was strange. Third time, now they have wasted over an hour of my time.

So the first tech guy was nice and got me up and running and was “checking with billing” for my credit. He then blind transferred me to someone with the initials “WCI”. She asked who I was and what I wanted. I explained I thought I was on hold while the tech got a status on the refund. She then told me it was my fault because I use my own modem.

I want to make it perfectly clear that it’s a problem with their systems and only happened after the HOA stopped paying for TV service.

I cut WCI off and told her that was the final straw and if she was going to be so low as to blame me and my 2 month old cable modem then I didn’t want to be a customer any longer.

Then I got transferred to cancellations, they wanted to know why. I told them because of WCI’s attitude of blaming me. She then proceeded to tell me that they could only give me a credit for 3 days (about 3 dollars). So I canceled my service. I am a free man!

ATT U-Verse here I come!!! Lisa and I are very excited.

One final thing for those of you thinking of canceling, you always pay a month in advance so make sure to tell them to cancel the day that you are paid up to. It will give you enough time to make the switch.

Comcast, shame on you! Your middle managers really all need to be fired. I bet your top executives don’t even know how bad and unsympathetic your customer service is. Not once did any of the three customer service representative take one second to ask why my service was failing each day. All they cared about was handling me per their carefully constructed plan thought up by middle management, a plan which leads to lower hold times and displeased customers. Well ATT has U-Verse now, you need to get your act together or everyone is going to leave you and not even that colorful logo can save you now.

Disable IE8 “Set up Windows Internet Explorer 8” Wizard

So nothing bothers me more than every time I open a new server or desktop on my network then seeing the “Welcome to Internet Explorer8” setup screen.

It was a good idea but not executed well.

The main problem I have with it is users have zero idea what to do or click. Users are very much like sheep and don’t want to think or read anything unexpected for fear they might damage the computer.

However using ether registry setting or GPO you can disable this unwelcomed screen and save yourself some helpdesk calls.

DWORD : “DisableFirstRunCustomize” set to 1 under HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main

Use any tool you have to push this to your desktops. I personally use ScriptLogic Software’s Desktop Authority to do this.

Go to a GPO then pick computer or user then Policies (in Vista / 2008 and Windows 7) -> Administrative Templates -> Windows Components -> Internet Explorer

Select “Prevent performance of First Run Customize settings”

Then select Enabled, and “Go Directly to home page”

Thanks to Axel S. for providing the GPO method that I and my team had overlooked!

Fix: BES 5 on SQL 2008 (BAS: “cannot display the webpage”)

Wanted to take a quick second to let everyone know SQL 2008 does work on BlackBerry Enterprise Server 5.0. After spending what could arguably be the greatest waste of one hour of my life on the phone with TSupport they told me it’s not supported. However it does. Since its not officially supported make sure to always tell them you are running SQL 2005 and if for some reason the server breaks you are on your own.

The install was using a remote SQL 2008 cluster (although should work the same for a non-cluster.) The actual install worked fine, DB’s were created and every looked good. NETSTAT –an showed it was listening on 443 but when I went to a browser I would get “Internet Explorer cannot display the webpage”.

I never laugh so hard as when TSupport level 1 told me to click the “Diagnose Connection Problems”. That alone told me I was in for a bumpy ride.

Officially IE8 (Internet Explorer 8 ) is not supported and nether is SQL 2008. This is just another example of RIM not getting it (very common). In fact you think that once got the server running using the migration tools is going to be a snap. Well think again, no IT policy import and export between 4 and 5. Shame on RIM, seriously. Their Java programmers are on another planet. The user migrator isnt bad however.

Make sure to install MR1 right after installing the server (even before its actually working).

So my problem ended up being the SQL settings. Make sure in the BlackBerry Server Configuration you check off “Use dynamic ports”. It will not work hard coded to 1433 even if you have that set on the SQL Server.

One last recommendation, change the LDAP settings to just the domain name. By default it puts a domain controller in there. Only problem, if that DC is not there BES will not be able to query. Assuming your DNS is setup to resolve FQDN to your DC’s then change the LDAP from server.domain.ext to domain.ext as shown in this example. Always make sure to click verify.

*** UPDATE **** Installing the Native SQL Server Client 10.0 also seemed to help. Had problems with Office Communication Server 2007 intergration that was fixed by installing the client. Also make sure you are running the 2.1.19 (for 4.6 OS and lower) and 2.2.21 (for 4.7 OS and greater).