FIX: User authentication may not function for Exchange ActiveSync in a Forefront Unified Access Gateway (UAG) 2010 environment

Article translations Article translations
Article ID: 2743301 - View products that this article applies to.
Expand all | Collapse all

Symptoms

Consider the following scenario:
  • You publish Microsoft Exchange ActiveSync application access on a server that is running Microsoft Forefront Unified Access Gateway (UAG) 2010.
  • You configure UAG access restrictions to limit access to the Exchange ActiveSync application for a specific user name or group membership.
  • A user starts an Exchange ActiveSync connection and provides valid authentication credentials to log on.

In this scenario, the authenticated user may be able to access the Exchange ActiveSync application even when the credentials that were supplied do not match the specific group or user account restrictions that you specified as the UAG administrator.

Cause

This issue occurs because, even though user authentication is required and performed correctly, application authorization may not be enforced for rich client access. An example of rich client access is when a non-browser client agent uses HTTP authentication and does not use HTML Forms Based Authentication (FBA). In this case, the UAG authorization process that is based on the administratively defined group or user accounts may not appropriately restrict client access to the published application.

Resolution

To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2710791 Description of Service Pack 2 for Forefront Unified Access Gateway 2010

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 2743301 - Last Review: December 7, 2012 - Revision: 1.0
Applies to
  • Microsoft Forefront Unified Access Gateway 2010 Service Pack 1
Keywords: 
kbqfe kbfix kbexpertiseinter kbsurveynew kbbug KB2743301

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com