Symptoms
Consider the following scenario:
-
You publish Outlook Web App by using an instance of Microsoft Forefront Threat Management Gateway 2010 that has the RSA SecurID authentication enabled.
-
The single sign-on feature is enabled on the Forefront Threat Management Gateway server when you use RSA SecurID delegation to authenticate to the published application.
-
You have Internet Information Services (IIS) 7 with the RSA agent enabled for Outlook Web App.
In this scenario, when you provide your user credentials to access the Outlook Web App site, you do not receive access to the site. Instead, you receive the following error message:
Bad Request
You expect to be provided access to your Inbox or to the first page of Outlook Web App.
Note A similar configuration works correctly with Internet Security and Acceleration (ISA) Server 2006.
Resolution
To resolve this issue, install the hotfix package that is described in the following Microsoft Knowledge Base article:
2649961 Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
References
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates
