Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.10
  3. BlackBerry UEM Architecture and Data Flows
  4. Activating devices
  5. Data flow: Activating a BlackBerry OS device

Data flow: Activating a 
BlackBerry
 OS device

 
Diagram showing the steps and the BlackBerry UEM components used when activating an BlackBerry OS device
 
  1. You use the management console to create a new user account and use one of the following options to provide the user with activation details:
    • Automatically generate a device activation password and send an email with activation instructions for the user
    • Set a device activation password and communicate the username and password to the user directly or by email
    • Don't set a device activation password and communicate the 
      BlackBerry Web Desktop Manager
       address to the user so that they can set their own activation password
    The device user list stored in the 
    BlackBerry UEM
     database is updated with the new device user name, email address, mailbox information, activation password, activation status, and other information.
  2. The 
    BlackBerry Dispatcher
     for 
    BlackBerry
     OS assigns the new user to a 
    BlackBerry Messaging Agent
    . The 
    BlackBerry Messaging Agent
     starts to monitor the user's mailbox on the mail server for new email. An email containing an etp.dat file attachment is required to continue the activation process.
  3. The device user navigates to the Enterprise Activation screen on the 
    BlackBerry
     OS (version 5.0 to 7.1) device and types the email address and activation password. The device user opens the menu and clicks Activate. The device displays "Activating."
  4. The device creates an activation request email that contains the email address, device PIN, and public key authentication information, based on the enterprise activation password the user typed. The device encrypts the email using SPEKE and sends it to the 
    BlackBerry Infrastructure
    .
  5. The 
    BlackBerry Infrastructure
     receives the activation request email and identifies it as an activation request. The 
    BlackBerry Infrastructure
     forwards the email using SMTP to the email address that the user typed on the Enterprise Activation screen.
  6. When the activation request email arrives in the user's mailbox, the 
    BlackBerry Messaging Agent
     identifies it and removes it from the user's mailbox. The 
    BlackBerry Messaging Agent
     recognizes the etp.dat attachment in the activation request email and begins an authentication process.
  7. The 
    BlackBerry Messaging Agent
     compares the authentication key received in the activation request email with the authentication key generated from the activation password and stored in the 
    BlackBerry UEM
     database. If the authentication keys match, the 
    BlackBerry Messaging Agent
     notifies the 
    BlackBerry
     OS device that the activation request was received. 
  8. BlackBerry UEM
     and the 
    BlackBerry
     OS device establish an encryption key and verify their knowledge of the encryption key to each other.
    The 
    BlackBerry
     OS device displays "Encryption Verified. Waiting for Services."
    All the data sent between the 
    BlackBerry
     OS device and 
    BlackBerry UEM
     from now on is compressed and encrypted using this encryption key and the device can now be managed from the management console.
  9. The 
    BlackBerry Messaging Agent
     forwards a request to the 
    BlackBerry Policy Service
     to generate service books. The 
    BlackBerry Policy Service
     receives and queues the request. The 
    BlackBerry Policy Service
     adds the unique authentication key that the 
    BlackBerry UEM
     domain uses to sign IT policy data and then forwards the IT policy data through the 
    BlackBerry Dispatcher
     for 
    BlackBerry
     OS to the device. The 
    BlackBerry Policy Service
     waits for confirmation from the device that the IT policy has been applied successfully.
  10. The 
    BlackBerry
     OS device applies the IT policy and sends a confirmation to 
    BlackBerry UEM
    . The IT policy applied to the 
    BlackBerry
     OS device is now in a read-only state and can be modified only by updates sent from the same 
    BlackBerry UEM
     domain.
  11. Once the 
    BlackBerry Policy Service
     receives confirmation that the IT policy was applied successfully, the 
    BlackBerry Policy Service
     generates and sends the service books to the 
    BlackBerry
     OS device.
  12. The 
    BlackBerry
     OS device receives the service books. The device user is notified that the email address has been activated.
    The 
    BlackBerry
     OS device displays "Services Received. Your email address, <
    username
    >@<
    domain
    >.com is now enabled." 
    The device user can now send and receive email messages on the 
    BlackBerry
     OS device.
  13. The slow synchronization process begins. The 
    BlackBerry
     OS device requests the synchronization configuration information from the 
    BlackBerry Synchronization Service
    . The configuration information indicates whether wireless data synchronization on 
    BlackBerry UEM
     is turned on and which organizer databases can be synchronized. The configuration information also provides database synchronization types (unidirectional or bidirectional) and conflict resolution settings.
  14. The 
    BlackBerry Synchronization Service
     returns the configuration information and synchronizes the databases on the 
    BlackBerry
     OS device using that information.
    The 
    BlackBerry
     OS device and 
    BlackBerry UEM
     do not delete records during the initial synchronization process.
  15. The slow synchronization process is complete when all databases are synchronized between the 
    BlackBerry
     OS device and 
    BlackBerry UEM
    .
    The activation process is complete when the 
    BlackBerry
     OS device displays “Activation Complete” and the device user account status displays “Completed” in the management console or 
    BlackBerry Administration Service
    .