Jim Harrison recently pointed out to me that there’s a small problem with the UAG DirectAccess Test Lab Guide, which you can find over at http://technet.microsoft.com/en-us/library/ee861167.aspx If you haven’t seen the Test Lab Guide yet, or if you haven’t had a chance to run it, I highly recommend that you do. We recently updated it…
Year: 2010
Introduction to “The Edge Man”
Hey folks! This is Tom Shinder and I’ve been asked to introduce myself and my Edge Man blog. Some of you might already know me from my days at www.isaserver.org where I covered ISA Server and then TMG for the last ten years. It seemed like it was time for a change, so I joined…
Configuring an External Load Balanced UAG DirectAccess Array for an IPv4 Only Network
The article Configuring external load balancing for a Forefront UAG DirectAccess array at http://technet.microsoft.com/en-us/library/ee690463.aspx describes how you would configure a UAG DirectAccess array when using external load balancers. In the example provided on that page, you will see that both internal and external load balancers are required to complete the solution. However, the requirement for…
Forefront UAG tracing is available
Forefront UAG tracing is available UAG 2010 introduced a new trace mechanism that is based on Event Tracing for Windows (ETW); a high-performance, low overhead, scalable tracing mechanism that is provided by the Windows operating system. UAG tracing provides detailed failure and debugging information in a binary format. This binary information can be converted into…
Split-Brain DNS: Configuring DirectAccess for Office Communications Server (OCS)
One of the considerations for DirectAccess planning is to decide which DNS names should be resolved internally, by your organization’s internal DNS servers, and which should be resolved externally, using the traditional DNS server configured for your computer’s network interface. This distinction about which DNS server to send each query to is configured on a…
Forefront Edge Content Newsletter – Issue 2
Issue 2 | May 2010 | Bi-Monthly Update Forefront Edge on the Wiki The Anywhere Access iX Team has posted ~ 25 articles to the new TechNet Wiki! Forefront TMG launched a series of articles on the wiki about troubleshooting. Posted so far in this series, by Rachel Aldam: · Troubleshooting Forefront TMG URL Filtering…
The Mystery of the IP-HTTPS Listener, an Outlook Client and an IPv4 Only Network
A customer presented the DirectAccess team with an interesting problem that brought together many pieces of how a DirectAccess works, and how things might not work in certain circumstances. Because the problem was an interesting one, and because it highlights how some features of DirectAccess work, we thought it might be a good idea to…
How to configure UAG to send Request Headers to published Web Applications
Summary: I recently had a customer ask if they could send header values with Forefront Unified Access Gateway (UAG) to published web servers. While this is pretty simple once you know how to do it, I found there was little documentation on this topic, so I thought I would share this information in this blog….
DirectAccess, Mobile connections, DNS records, and more
Hello there! My name is Daniele Francioni and I work as an IT consultant in Microsoft Italy. As you know, DNS is a core element in many kinds of IT infrastructures, from Active Directory to IPv6 networks; however, in IPv6 networks, addresses are simply too long and too cryptic to remember and use. Dynamic DNS…
Deep dive into UAG DirectAccess (Certificate Enrollment)
Today I want to talk about how to configure the UAG DirectAccess server security policy to enable certificate enrollment from the Certificates MMC console. By default, when you try to use the Certificates MMC console for certificate enrollment from the UAG DirectAccess server you will see the RPC server is unavailable message, as seen in…