Μετάβαση στο κύριο περιεχόμενο
Υποστήριξη
Είσοδος
Είσοδος με Microsoft
Είσοδος ή δημιουργία λογαριασμού.
Γεια σας,
Επιλέξτε διαφορετικό λογαριασμό.
Έχετε πολλούς λογαριασμούς
Επιλέξτε τον λογαριασμό με τον οποίο θέλετε να εισέλθετε.
Αγγλικά
Λυπούμαστε. Αυτό το άρθρο δεν είναι διαθέσιμο στη γλώσσα σας.

Symptoms

Consider the following scenario:

  • You publish a web server and authenticate all requests in a Microsoft Forefront Threat Management Gateway (TMG) 2010 environment.

  • You set Authentication delegation to Kerberos constrained delegation (KCD).

  • You experience a network issue such as a loss of network connectivity, or the domain controller is restarted.


In this scenario, the connection to the domain controller is closed, and TMG 2010 never tries to reestablish the connection.

Resolution

To resolve this problem, install the hotfix package that is described in the following Microsoft Knowledge Base article:

2735208 Rollup 3 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More Information

By default, TMG 2010 uses the "Domain NETBIOS name\User name" format when it requests a Kerberos ticket. Therefore, the domain name and the user name in the Kerberos ticket resemble the following:

User: FirstName.LastName
Realm: MyCompanyUpdate 960146 introduced a design change to control the format of the domain name and the user name. This design change was made in Microsoft Internet Security and Acceleration (ISA) Server 2006 and is maintained in TMG 2010.

If a network issue is experienced, such as a network connectivity issue, or the domain controller is restarted, the connection with the domain controller is disconnected. Additionally, TMG never tries to establish the connection again. This may cause TMG to leave the user name and domain name unformatted.

References

For more information about the design change introduced in update 960146, click the following article number to go to the article in the Microsoft Knowledge Base:

960146 An update is available for ISA Server 2006 to control the domain name and user name format in Kerberos Constrained Delegation scenariosFor more information about software update terminology, click the following article number to go to the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Facebook LinkedIn Ηλεκτρονικό ταχυδρομείο
ΕΓΓΡΑΦΗ ΣΤΙΣ ΤΡΟΦΟΔΟΣΙΕΣ RSS

Χρειάζεστε περισσότερη βοήθεια;

Θέλετε περισσότερες επιλογές;

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Σας βοήθησαν αυτές οι πληροφορίες;

Τι επηρέασε την εμπειρία σας;
Πατώντας "Υποβολή" τα σχόλια σας θα χρησιμοποιηθούν για τη βελτίωση των προϊόντων και των υπηρεσιών της Microsoft. Ο διαχειριστής IT θα έχει τη δυνατότητα να συλλέξει αυτά τα δεδομένα. Δήλωση προστασίας προσωπικών δεδομένων.

Σας ευχαριστούμε για τα σχόλιά σας!

×