Azure Hybrid & Cloud Migration Blog

Author: Zahir Hussain Shah | MVP Exchange Server, CISSP

Recently I happened to perform a POC of BlackBird Auditor (BBMS 3.2.55) product for Exchange Server 2010 Auditing, which is a competitor for Quest Change Auditor for Exchange Server, while performing this POC, we found couple of strange facts about this product against the Exchange messaging organization. Lets go ahead and highlight them.

Installation Problem

– Upon installing the BlackBird agent on the Exchange Server CAS for one server, the product unintentionally installed agent it on all the Exchange Server in the organization.

– While installing the agent on the Exchange Server, it restarted the Exchange Services, and stopped or failed to start the IIS (World Wide Web Service).

– Till the time Blackbird was installed on all the Exchange Servers, Outlook connectivity for the end-users were disturb and all the users were keep prompting for the user name and password, which could be cause of the performance problem, because BlackBird exports all Exchange Server and user related activities to the central BlackBird server.

Uninstallation Problem

– When we performed the uninstallation of the product, from all the servers, the Blackbird management suite said that the agent is offline, but upon checking the agent was running.

– Just like installation, when we performed the uninstallation of the product, it restarted all the Exchange Services (CAS/HUB/MBX), and this time turned the RPC Client Access Service into stopping mode, which doesnt get stopped even after running for longer time period.

– Thus as a last resort we had to restart the Exchange 2010 CAS / HUB servers

Cause / Solution:

After informing the product vendor, they said there are few bugs found in the problem, and soon the patch will be released.

Cheers!