Unable to install Forefront TMG 2010 – Error 0x80074e46

TMG installation problems can be a bit trick to troubleshooting if you don’t know which components are involved, however if you know then things start make more sense. Most of the setup problems that I faced up to now on TMG 2010 (since RTM) were related to ADLDS or some kind of domain connectivity problem. The most two recent examples are described on two articles that I tech reviewed from my friends Bala Natarajan and Niladri Dasgupta wrote:

Last week I worked on an issue where TMG admin was not able to install this brand new TMG to be used as Edge Firewall. The error message that he was receiving was:


After this error the setup process rolled back and finish without completing the installation. As recommended on the previous two articles mentioned in this post, the first step is to review the setup logs and look for more information in order to move the troubleshooting further. In the ADAM Log file we can see the following entry:


When you see an error where trust relationship between client and domain is failing, be sure to do your homework, in other words, check:

  • General connectivity with the DC – can TMG access the DC (ping, tracert, etc)?
  • Name resolution – can TMG resolve DC’s name?
  • NIC Binding Order – is the Internal NIC on the top of the binding order?
  • Secure Channel – is the secure channel between the server where TMG is installed and the DC working correctly?

When I hit the third test I found out the problem:


This was the problem, because Windows (where I was trying to install TMG) was sending the traffic to the wrong interface. Once we moved the Internal to the top, flushdns (with ipconfig) and ran the setup again the issue went away and the installation finished successfully.

Note: same recommendation to have Internal on the top applies to UAG, check it out a great reference on that written by Jason Jones at http://blog.msedge.org.uk/2010/04/recommended-network-card-configuration_14.html

Comments (18)

  1. You are very welcome. Great to hear that it did help you Murtaza!

  2. Excellent, thanks for the feedback!

  3. This option is available on Windows Network, under Advanced:

    1.Click Start, click Network, click Network and Sharing Center, and then click Manage Network Connections.

    2.Press the ALT key, click Advanced, and then click Advanced Settings.

    Make sure Internal is on the top.

  4. Que Bueno! Gracias for the feedback 🙂

  5. Thanks for sharing your solution ursenj !

  6. Crcaker says:


    I can't understand these.Where is the advanced settings?And whitch interface should be there?

  7. ursenj says:

    In my case my TMG server did not have a route back to a DC,.. I made a non persistent route to a subnet with a DC and the install finished,.. route add subnet mask gateway.

  8. Bros says:

    Thanks for your sharing this post can help me.

  9. Murtaza Burhanpurwala [MSFT] Forefront Security says:

    It helped me as well, the Binding Order is the culprit most of the times. Thank you Yuri for this Blog.

  10. Luis Quispe says:

    Gracias por la ayuda hice lo que mencionaste y funciono.

    Un saludo.

  11. kienit719 says:

    thank you very much!

  12. Mohamed says:

    i have solution ,,,, and worked for me
    can you log in as user and in setup will ask you for administrator then type administrator and you pass then it will install

  13. t.shiri says:

    hi, thanks for sharing this post
    i could solve my problem

  14. Rizwan says:

    problem solved.. Thanks:)

  15. shahram pourmonfared says:

    Excellent, thanks for the feedback!

  16. Mohammed chalil says:

    Thanks for the post.. solved my issue

  17. Julius Kamya says:

    I discovered that this problem comes as a result of traffic being sent via the WAN card, i experienced the same problem and when i disabled the WAN card temporarily i was able to continue with the installation, i think you can do the same or move the LAN
    card on top .

  18. TanTran says:

    Thanks u 🙂

Skip to main content