Article ID: 2748172
Consider the following scenario:
In this scenario, your logon is unsuccessful.
This issue occurs because Forefront UAG 2010 issues an incorrect DNS query. The incorrect query results in a list of servers. Included in this list are domain controllers that are not global catalog servers. Forefront UAG assumes incorrectly that the list contains only global catalog servers. Because Forefront UAG tries to contact a domain controller that is assumed to be a global catalog server, Forefront UAG cannot complete the authentication process.
To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
(http://support.microsoft.com/kb/2710791/ )Description of Service Pack 2 for Forefront Unified Access Gateway 2010
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/824684/ )Description of the standard terminology that is used to describe Microsoft software updates