Note: Not all of these may be required for you to access the BSD.
1. Ensure the latest TrustInterlinkSoftware.exe, attached, has been installed as Administrator (right-click > Run as administrator). Once the TrustInterlinkSoftware install is complete, check that the following entry has been added to the file(s) C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config and the C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config if running 64bit machine.
Note. The TrustInterlinkSoftware.exe.must be run via right-click > Run as administrator.
If the above entry is missing from the security.config file, the TrustInterlinkSoftware.exe has not run correctly. The most likely reason will be the user account not having sufficient administrative rights.
2. Via execution of C:\Windows\regedit.exe application, add an ‘EnableIEHosting’ registry key with a DWORD value of 1 to the following paths:
3. Ensure .Net Framework <version> is enabled via Control Panel -> Program and Features -> Turn Windows Features on or off.
4. Ensure that the BES server is defined under IE local intranet zone.
5. Ensure that Internet Explorer Protected Mode is disabled: Internet Options > Security > Local Intranet > Untick 'Enable Protected Mode'
6. Disable FIPS compliance mode as this affects isolated storage used by some .Net components. This can be done under the group policy editor. It’s located under Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options and is called System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing.
It may also be worth looking at some of the security settings in Internet Explorer if none of the above work:
1. On a Microsoft Windows host, open Internet Explorer.
2. From the menu bar, choose Tools => Internet Options to open the Options dialog box.
3. Click the Security tab to bring it to the forefront.
4. In the zone box, select Local Intranet and click Custom Level to open the Security Settings dialog box.
5. Select Enable for everything under “.NET Framework‐reliant components”.
6. Select Enable for everything under “ActiveX controls and plug‐ins”.
7. Click OK to close the Options dialog box.
8. Close the Internet Explorer to ensure that the option changes are retrieved the next time Internet Explorer is opened.
9. On the off chance that you are running Internet Explorer 10+, there may be a further check required: https://support.interlinksoftware.com/customer/portal/articles/1472992
10. If you have applied Microsoft Patch KB3061518 this can cause the .NetHubClient to report the following:
- Client.Connect: Exception A call to SSPI failed, see inner exception.
- Client.Connect: Inner Exception The Local Security Authority cannot be contacted
11. If after completion of all the above, the BSD is still not loading, then it may be a certificate issue within BES itself.
Take a backup of the current webclient.jks, this can be found in /opt/ISS/POWERpack/certs. Place the new one (attached to this article) in the same directory, making sure to replace the old one and retaining ownership and permissions. Once it is on the system, recycle the AlertServer by running the following as ppadmin:
"ppcycle -n AlertServer"
12. We are aware that the following windows update has caused issues with the BSD:
Feature update to Windows 10 (business editions), version 1809 x64 2019-03B, en-gb
Running the TrustInterlinkSoftware2021 fixes the issues. It adds `ISS8` to the .NET security config. See the attached files. Once applied, proceed to step 1 to ensure it has ran correctly.