- You create a Microsoft Forefront Unified Access Gateway (UAG) 2010 Service Pack 1 (SP1) array.
- You configure an HTTPS trunk by using a name such as TrunkAAA.
- You configure a second HTTPS trunk in the same domain suffix by using a name that represents an extension of the first trunk name such as TrunkAAAbbb.
- A client accesses both HTTPS trunks in the same session.
In this scenario, the client connection to an HTTPS trunk may fail, and one of the following error messages occurs:
- Error 152: ADFS User Group - You have authenticated successfully using AD FS, but your user name or group cannot be located in a Forefront UAG local group.
- Error 116: Logon error - The logon process cannot be completed. The page was accessed from an unauthorized URL.
- Error 116 may occur even for Forefront UAG trunks for which Active Directory Federation Services (AD FS) authentication is not configured.
- This problem may also occur when two similarly named trunks are located on separate Forefront UAG server installations, and the client accesses both Forefront UAG server trunks in the same session.
Article ID: 2699807 - Last Review: Dec 7, 2012 - Revision: 1