You are currently offline, waiting for your internet to reconnect

FIX: User authentication may not function for Exchange ActiveSync in a Forefront Unified Access Gateway (UAG) 2010 environment

Symptoms
Consider the following scenario:
  • You publish Microsoft Exchange ActiveSync application access on a server that is running Microsoft Forefront Unified Access Gateway (UAG) 2010.
  • You configure UAG access restrictions to limit access to the Exchange ActiveSync application for a specific user name or group membership.
  • A user starts an Exchange ActiveSync connection and provides valid authentication credentials to log on.

In this scenario, the authenticated user may be able to access the Exchange ActiveSync application even when the credentials that were supplied do not match the specific group or user account restrictions that you specified as the UAG administrator.
Cause
This issue occurs because, even though user authentication is required and performed correctly, application authorization may not be enforced for rich client access. An example of rich client access is when a non-browser client agent uses HTTP authentication and does not use HTML Forms Based Authentication (FBA). In this case, the UAG authorization process that is based on the administratively defined group or user accounts may not appropriately restrict client access to the published application.
Resolution
To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2710791 Description of Service Pack 2 for Forefront Unified Access Gateway 2010
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
References
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates
Properties

Article ID: 2743301 - Last Review: 12/07/2012 08:28:00 - Revision: 1.0

Microsoft Forefront Unified Access Gateway 2010 Service Pack 1

  • kbqfe kbfix kbexpertiseinter kbsurveynew kbbug KB2743301
Feedback
m/c.gif?DI=4050&did=1&t=">html>ns track by $index" class="col-sm-6 col-xs-24 ng-scope">
DI=4050&did=1&t=">amp;did=1&t=">var varCustomerTracking = 1; var Route = "76500"; var Ctrl = ""; document.write(" ')[0].appendChild(m);" onload="var m=document.createElement('meta');m.name='ms.dqp0';m.content='false';document.getElementsByTagName('head')[0].appendChild(m);" src="http://c1.microsoft.com/c.gif?"> >