Ben Ari's UAG and IAG Blog

Plenty of useful and fun info on UAG, Microsoft's remote access and reverse-proxy product.

Ben Ari's UAG and IAG Blog

  • How to create a static redirector on a UAG trunk

    Using UAG as a static redirector is a major overkill, but occasionally, it makes better sense to use an existing server than build a special box just for a redirect. While IIS has a simple option to setup a redirector, making such configuration changes...
  • UAG Tracing made simple

    ***Updated on Sep 20th 2012…see below*** Unlike many software products, where most errors are presented by the application’s user interface, many of the issues you might encounter have little or no visual indication of what’s going on. In those cases...
  • UAG Error Codes

    When working with UAG, clients might run into various errors, but the error message that’s displayed to the user may not always clearly tie to the details of the problem. When a user reports a problem, the first step for the UAG administrator is to inspect...
  • Make head for headers

    In a previous post, I discussed how UAG’s AppWrap and SRA mechanisms can help you solve problems and enhance functionality by performing on-the-fly modification of content that UAG processes. A lesser-known ability of AppWrap and SRA is editing HTTP Headers...
  • Troubleshooting UAG installation and update problems

    An unpleasant situation is when you’re trying to install a product or an update, and get some error message and a failed installation. If this is on a brand new installation, it could be frustrating, because you didn’t even get a chance to cause any problem...
  • UAG and Office integration

    ***Updated on 23 Jan 2013 with information about Forms-based authentication*** When publishing SharePoint servers, one key feature is office integration – the ability of Office applications to open documents from the UAG site. This might sound like something...
  • UAG and TMG update order

    I’ve referred to types of updates available in another blog post , in which I also list and update all available UAG updates. I also wrote about the update order in another post . However, it appears the topic is still a source of confusion, so I’ll dedicate...
  • UAG custom Form Login

    Single Sign On is one of the most useful features UAG offers, and Form Login is a very unique and clever mechanism. For many applications, this SSO is simple and automatic, but FormLogin can be a little more challenging. This guide will discuss configuring...
  • UAG and your own code!

    One of the greatest aspects of UAG's customizability is the ability to add your own code into the mix (and not just the look and feel of it!). I've already discussed some ways to do this, like a custom endpoint detection script , and adding JavaScript...
  • Troubleshooting IAG Client installation issues

    The IAG client components are an important part of the endpoint security that the product provides, as these detect and report back to the server what is running on that computer, and more importantly - what's not running. The client tools also are also...
  • Enhanced tracing for ASP debugging

    I’ve talked before about how to enable and read UAG’s traces , for advanced debugging and troubleshooting. However, this type of tracing does not cover the entire spectrum. If you ever looked at UAG’s ASP code, you might have noticed that the code has...
  • How to add “change password” direct link to UAG

    One of UAG’s features is the ability to change a user’s password. To do so, the user needs to click on the Credentials Management page on the portal, and then click on Change Password : Some customers asked us how to add a link to this page directly on...
  • UAG, ADFS, Mobile devices and O365

    Two questions that come up often with regards to UAG is its support for the following two scenarios: 1. Publishing Office 365 (O365) 2. Accessing a UAG trunk that’s configured with ADFS authentication through mobile devices. With the release of UAG SP2...
  • Form Login Customization Troubleshooting

    In a recent blog article, I wrote about form-login and how to create a custom one. Later on I thought it might be a good idea to details a little bit about the form-login mechanism, and how it works, which could be helpful in troubleshooting this if it...
  • Shining a light on UAG SP3, IE10 and Windows 8 support

    With the release of UAG SP3, Internet Explorer 10 is now supported by UAG. This support extends to both IE10 on Windows 7 and on Windows 8. Internet Explorer 10 has a few changes to its architecture which can be confusing with regards to how it works...
  • The configuration cannot be loaded from TMG storage

    One of the common errors seen by many UAG users, usually following a new installation, is the error message “The configuration cannot be loaded from Forefront TMG storage. An unrecoverable error has occurred. The application will close”. This is particularly...
  • What’s the deal with “Public host name”?

    As you may have noticed, some of the application templates in UAG have a setting for a “public host name”…like this: This is known as an “application specific hostname”, or A.S.H for short. You can find this option in the Exchange 2007, Exchange 2010...
  • Issues with downloading of attachments from OWA on mobile devices.

    Guest post by Shawn Liu An issue encountered by some users is when trying to access OWA published by UAG via mobile devices and downloading attachments. With some platforms, the user may receive an error saying “According to your organization’s download...
  • AppWrap and SRA

    The Application Wrapper (AppWrap) and SRA are two mechanisms UAG uses to dynamically rewrite the content of textual web data it processes. When UAG delivers a page to the client, one of the core UAG components known as “the filter” parses the content...
  • Using UAG SQL logging or data retrieval

    In a previous article , I discussed querying the TMG log directly, which can be useful if one wants to create a complex query to perform advanced data-mining on the log. The same need might apply to a UAG server. Normally, UAG doesn’t log its data into...
  • SharePoint publishing concepts and considerations

    SharePoint is probably the most common service that is published by UAG servers out there, and it can be really simple, but sometimes extremely difficult. The situation can be challenging because the external access to the site can be non-trivial, and...
  • My UAG, my terms!

    For legal reasons, most website operators are required to include a terms of use text on the front page of their website. Similarly, many UAG administrators need to add such text to the UAG’s login page. Thankfully, UAG supports customizing the login...
  • LSP conflicts and IE crashes

    I’ve written about troubleshooting client component issues with IAG in the past, and recently I’ve noticed some users running into a problem with LSP conflicts. This problem manifests itself as IE crashes on the client, after connecting to the portal...
  • Certified Endpoints in UAG

    A really useful feature of UAG is the checking for Certified Endpoints. This entails installing a digital certificate on client computers, and configuring UAG to check them upon a client’s connection. If the certificate is not there, or revoked, UAG can...
  • Lync publishing on UAG

    Following SP1 Update 1, UAG now supports publishing of Lync. This, however, has some important considerations that need to be followed, with regards to the trunk configuration and the certificates. Even though the Lync application can be added to ANY...