This article describes the features and fixes that are included in Service Pack 2 (SP2) for Microsoft Forefront Unified Access Gateway (UAG) 2010.
Features that are included and issues that are fixed in Service Pack 2
Forefront UAG 2010 SP2 includes the following features:
- Improved Microsoft SharePoint 2010 support
Forefront UAG 2010 SP2 lets users authenticate to a trunk by using Microsoft Office Forms-Based Authentication (MSOFBA) when the trunk uses Active Directory Federation Services (AD FS) 2.0 for authentication.
- Improved Active Directory Federation Services 2.0 support
You can provide remote employees and partner employees with access to published applications that have AD FS 2.0 enabled. For example, you can do the following:
- Use AD FS multi-namespace support: Multi-namespace support for AD FS 2.0 lets you use a single AD FS 2.0 server that has multiple Forefront UAG trunks when the fully qualified domain names (FQDNs or public host names) of the trunks are in different domains. For example, the FQDN of the first trunk is portal.contoso.com, and the FQDN of the second trunk is portal.fabrikam.com. Both trunks can be configured to perform AD FS authentication by using the same AD FS 2.0 server (sts.contoso.com). In this kind of deployment, the AD FS 2.0 server is published through one of the Forefront UAG trunks or by an AD FS proxy that is parallel to Forefront UAG.
- Use the AD FS proxy to publish the AD FS 2.0 server: Publishing the AD FS 2.0 server by using an AD FS proxy has many advantages over publishing the AD FS 2.0 server through Forefront UAG. These advantages include support for Office 365 authentication and mobile devices.
- Enable complex topologies: You can use Forefront UAG to publish a SharePoint website that is located in one site when the AD FS server is located in another site.
- Added client devices
Forefront UAG 2010 SP2 lets users connect to the following mobile devices:
For more information about Forefront UAG and mobile devices, go to the following Microsoft TechNet website:
- Windows Phone 7.5
- iOS 5.x on iPad and iPhone
- Android 4.x on tablets and phones
Forefront UAG 2010 SP2 includes the following fixes:
FIX: Error message when you try to apply a UAG SP1 array configuration that contains an ADFS trunk: "Invalid External Port address"
FIX: The installation of the Unified Access Gateway 2010 SP1 client components stops responding when you use the MSI-based installer
FIX: Error message when you try to export your configuration settings in Forefront Unified Access Gateway 2010 SP1: "Unspecified error"
FIX: The "Identify by Extension" endpoint download policy does not work as expected in Forefront Unified Access Gateway 2010 SP1 Client
FIX: The "sign out" button and the "user presence" drop-down menu are not visible in Outlook Web Access 2010 when it is published to a Unified Access Gateway 2010 portal
FIX: The NLSessionStrunknamePersistForOffice cookie domain that is generated by Forefront Unified Access Gateway 2010 is set to "host.domain.com" instead of to "domain.com"
FIX: A Unified Access Gateway 2010 SP1 client connection may fail when client traffic fails over between load balanced array nodes
FIX: A client connection to an HTTPS trunk may fail in a Forefront Unified Access Gateway 2010 SP1 array with Error 152 or 116
FIX: Error message when you try to import your configuration settings in Forefront Unified Access Gateway 2010 SP1: "Import configuration failed (0x80070002)"
FIX: Error message when you try to assign an IP address range in Forefront Unified Access Gateway 2010 SP1: "The following array members do not have a static IP address pool defined for VPN client connections"
FIX: External ActiveSync client sessions may be able to view other user mailboxes in Forefront Unified Access Gateway 2010 SP1
FIX: Passwords that contain special characters may not be recognized for Nokia Mail for Exchange users in Forefront Unified Access Gateway (UAG) 2010 SP1
FIX: Configuration activation time may increase significantly after you apply Unified Access Gateway 2010 SP1
FIX: Errors may occur when a user cannot connect to an RD Virtualization Host server after you publish Remote Desktop Services or RemoteApps through Forefront Unified Access Gateway 2010
FIX: You receive the generic "Authentication Failed" error message and are not prompted to change your expired password when you try to log on to a Forefront Unified Access Gateway 2010 portal
FIX: Some security events are not displayed in Web Monitor after a "Warning #18: Invalid Request Version" event is reported when an array deployment is used in Forefront Unified Access Gateway 2010
FIX: User authentication may not function for Exchange ActiveSync in a Forefront Unified Access Gateway (UAG) 2010 environment
FIX: Intermittent socket exhaustion, high CPU and memory usage, and event 111 is logged on a server that is running Forefront Unified Access Gateway 2010
FIX: Application access through a Forefront Unified Access Gateway 2010 server is unsuccessful
FIX: Logon to a Forefront Unified Access Gateway 2010 trunk may be unsuccessful when the Active Directory repository is set to "Use local active directory forest authentication"
FIX: "The application’s digital signature has an error. Do you want to run the application?" error message when you try to log on to a Forefront Unified Access Gateway 2010 trunk
FIX: You may be redirected to an error page after you install security update 2649261 on a server that is running Forefront Unified Access Gateway 2010
FIX: HTTP 500 or "The page cannot be displayed" error message when you try to access the Forefront Unified Access Gateway 2010 portal or a published application
FIX: You receive multiple authentication prompts when you try to use Forefront Unified Access Gateway 2010 to open an Office document that is stored on a SharePoint site
FIX: A client who uses Forefront Unified Access Gateway 2010 to browse to an Outlook Web App website may receive HTTP 500 errors intermittently instead of a Forefront Unified Access Gateway 2010 error page
FIX: A new mail profile is not created when you try to create the profile on a client computer that connects to the Client Access server through Forefront Unified Access Gateway 2010
Additionally, this service pack includes fixes for some stability issues.Note
Forefront UAG 2010 SP2 is cumulative and includes the following previous fixes and security updates:
Rollup 1 for Forefront Unified Access Gateway (UAG) 2010 Service Pack 1 Update 12663860
MS12-026: Vulnerabilities in Forefront Unified Access Gateway (UAG) could allow information disclosure: April 10, 2012
Service Pack information
The following file is available for download from the Microsoft Download Center:
To install this service pack, you must be running Update 1 for Forefront UAG 2010 SP1. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
Description of the Service Pack 1 Update 1 for Forefront Unified Access Gateway (UAG)
- Forefront UAG 2010 SP2 is provided as a service pack update that can be installed on existing Forefront UAG servers. For more information, go to the following Microsoft TechNet website:
- If you run Forefront UAG 2010 in an array configuration, you must apply this update to each array member.
- Before you install Forefront UAG 2010 SP2, we recommend that you create a system restore point. You do not have to back up your existing Forefront UAG 2010 configuration because a backup is automatically created during the installation of Forefront UAG SP2.
- Before you install Forefront UAG 2010 SP2, we recommend that you read the release notes and the installation instructions. To do this, go to the following Microsoft TechNet websites:
- For more information about how to uninstall or roll back Forefront UAG 2010 SP2, go to the following Microsoft TechNet website:
You must restart the computer after you apply this service pack.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
Description of the standard terminology that is used to describe Microsoft software updates
Article ID: 2710791 - Last Review: December 7, 2012 - Revision: 2.0
- Microsoft Forefront Unified Access Gateway 2010
|kbqfe kbfix kbexpertiseinter kbsurveynew kbbug KB2710791|