When working with UAG, clients might run into various errors, but the error message that’s displayed to the user may not always clearly tie to the details of the problem. When a user reports a problem, the first step for the UAG administrator is to inspect UAG’s Web Monitor, which would list the full error message, with additional details. For example, the user may see a simple “You have attempted to access a restricted URL”, while the Web Monitor would show a more detailed “The URL is blocked by one or more Forefront UAG out-of-the-box rules for the application”. To make life simpler, here’s a full list of all the error messages UAG might show, with some more information about what they mean. Note that the full text won’t always give you a resolution, but it should point you in at least the general direction.
The URL you have requested is too long.
The HTTP method used in the request is too long.
The HTTP version in the request is too long.
The HTTP header in the request is too long.
An attempt to use an invalid source IP address was detected.
An attempt to use invalid application authorization information was detected.
Unrecognized URL (The URL you have requested is not associated with any application)
There are currently too many users accessing the Web site
The requested download is not allowed by the download policy for this site.
The requested upload is not allowed by the upload policy for this site.
The upload is blocked because it exceeds the maximum size limit (Post too big)
The upload is blocked because the request does not contain a content-type header.
The URL is blocked by one or more Forefront UAG out-of-the-box rules.
The URL is blocked by one or more Forefront UAG out-of-the-box rules for the application.
The URL contains an invalid parameter.
The URL contains an invalid path.
The URL uses an invalid method.
WebDAV methods are not allowed.
Application dont have access policy
Session dont have access policy
The request failed an XML integrity verification.
An HTTP Request Smuggling (HRS) attempt was detected.
The URL is not allowed According to the restricted zone policy for your organization
Failed to bind Source IP (You cannot access this site because a source IP address cannot be bound)
Unpublished link access is blocked (Remote access to the site might not be allowed or the specified site host name may be invalid.)
No farm server is available to handle the browser's request
The certificate chain was issued by an untrusted certification authority (CA).
The specified target common name of the certificate is invalid.
An untrusted certification authority (CA) was detected when processing the smartcard certificate used for authentication.
The certificate has expired.
The certificate type is not valid for the required purpose.
An unknown error occurred while processing the certificate.
The revocation status of the smartcard certificate used for authentication cannot be determined.
An untrusted certification authority (CA) was detected while processing the domain controller certificate used for authentication.
The domain controller certificate used for smartcard logon has expired.
The domain controller certificate used for smartcard logon has been revoked.
The certificate or certificate signature has been revoked.
The certificate signature cannot be verified.
The root certificate is a test certificate. Certificates of this type are blocked by site access policies
A certificate chain is invalid.
The certificate name is invalid. Either the name is explicitly blocked or it is not included in the list of allowed certificates.
The certificate policy is invalid.
The basic constraint extensions of the certificate are invalid or missing.
There are inconsistencies in validity periods specified in the certification chain.
The revocation process cannot complete and the certificate cannot be checked.
Backend server is unavailable.
Failed to add user.
The layers are not initialized.
Failed to get the repositories
Failed to get the users.
Failed to get the user and the repository.
User validation error - You have exceeded the maximum number of logon attempts.
Failed to set the user
Failed to get user information
Unknown activation type
Unknown application type
User validation error (You have exceeded the maximum number of change password attempts)
Dependent application error (This application requires another application or service to be activated. The activation failed.)
Application is not supported on this browser (to run the application access the portal using a browser that complies with endpoint system requirements. )
The page was accessed from an unauthorized URL
User credentials were not submitted within the time limit.
Your account is currently blocked.
Failed to authenticate
The application cannot be started because your browser does not allow Java applets to run.
Forefront UAG endpoint components Installer Error
ADFS problem with WhlAdfsHelper (You have authenticated successfully using Active Directory Federated Services (ADFS) but your user and group membership cannot be identified)
ADFS user is not part of ADFS local group (You have authenticated successfully using Active Directory Federated Services (ADFS) but your user name or group cannot be located in a required Forefront UAG local group.)
File Access application is disabled.