Archive

Archive for the ‘Unified Access Gateway’ Category

New trace package available for UAG versions through Service Pack 4 Rollup 1

October 31st, 2014

An updated tracing package is now available from the Microsoft Download center page for Forefront Unified Access Gateway (UAG) Tracing Symbols.  This new trace package includes formatting for all UAG versions through Service Pack 4 Rollup 1.

Forefront UAG tracing can be run on the Forefront UAG server and on client endpoint devices connecting to Forefront UAG resources. You configure trace settings, start tracing, reproduce scenarios that require troubleshooting, stop tracing, and then convert the binary tracing output to text using the provided format files.

 

 

This download provides the following:
• A set of .tmf files in a zip file. These .tmf files can be used to convert binary trace files on the Forefront UAG server, and on client endpoint devices.
• A EULA license
• A document with instructions for configuring and running tracing

Note that the zip file provided by this download is cumulative. .tmf files included in the zip file can be used with the RTM version of Forefront UAG, and with subsequent Forefront UAG releases.

Versions of .tmf files provided by this download are as follows:

• UAG RTM (Version 4.0.1101.000)
• UAG Update 1 (Version 4.0.1152.100), KB Article 981323
• UAG Update 2 (Version 4.0.1269.200), KB Article 2288900
• UAG RTM MS10-089 bulletin (Version 4.0.1101.052), KB Article 2433585
• UAG Update 1 MS10-089 bulletin (Version 4.0.1152.150), KB Article 2433584
• UAG Update 2 MS10-089 bulletin (Version 4.0.1269.250), KB Article 2418933
• UAG SP1 (Version 4.0.1752.10000), KB Article 2285712
• UAG SP1 Rollup 1 (Version 4.0.1752.10020), KB Article 2475733
• UAG RTM MS11-079 bulletin (Version 4.0.1101.063), KB Article 2522482
• UAG Update 1 MS11-079 bulletin (Version 4.0.1152.163), KB Article 2522483
• UAG Update 2 MS11-079 bulletin (Version 4.0.1269.284), KB Article 2522484
• UAG SP1 MS11-079 bulletin (Version 4.0.1752.10073), KB Article 2522485
• UAG SP1 Update 1 (Version 4.0.1773.10100), KB Article 2585140
• UAG SP1 MS12-026 (Version 4.0.1753.10076), KB Article 2649261
• UAG SP1 Update 1 MS12-026 (Version 4.0.1773.10190), KB Article 2649262
• UAG SP2 (Version 4.0.2095.10000), KB Article 2710791
• UAG SP3 (Version 4.0.3123.10000), KB Article 2744025
• UAG SP3 Rollup 1 (Version 4.0.3206.10100), KB Article 2827350
• UAG SP4 (Version 4.0.4083.10000), KB Article 2861386
• UAG SP4 Rollup 1 (Version 4.0.4160.10100), KB Article 2922171

Thank you,

The Forefront UAG Product Team

 

The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/ 
The Forefront TMG blog: http://blogs.technet.com/b/isablog/ 
The Application Proxy blog: http://blogs.technet.com/b/applicationproxyblog/

The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/ 

System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm

Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/

App-V Team blog: http://blogs.technet.com/appv/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv

Users from a trusted forest are unable to change their password using the UAG portal Credentials Management option

October 30th, 2014

 

Once again, the UAG product group has worked diligently to release a much-awaited update for UAG – SP4 Rollup 1.

This update includes numerous fixes for issues we have heard about from customers over the last 12 months, plus some improvements. However, the fix for one particular issue is not included in this release, so we are sharing the details here.

 

  Problem Scenario

Users from a trusted forest are unable to change their password using the Credentials Management option on the UAG portal page.

E.g., a user from a trusted forest logs into the UAG portal and selects the Credentials Management icon on the toolbar. The user then chooses the “Change Password” option, which displays the password change dialog. After completing the form with their current and new password, the user clicks “Save” to apply the change. However, the password is not changed and the user receives an error message stating, “The password change cannot be applied”.

On the other hand, this behavior does not affect users from a domain within the UAG forest and their password is successfully changed. In this scenario, you may also observe that the “User name:” field appears to display the logged in user’s name as “Repository\username”, rather than “TrustedForest\username”.

 

  The Solution

The suggested fix is to modify UAG’s LoginChangePassword.inc so that the domain_name variable includes the user’s respective domain.

It’s not possible to customize the LoginChangePassword.inc file using the standard UAG CustomUpdate mechanism, so the built-in file must be modified manually.

Note: Unless advised by Microsoft support personnel, making changes to core UAG files is wholly unsupported. You should not make changes to these files except under strict guidance set out by the UAG support team, or other exceptions provided through an official channel such as this blog. Applying any future updates or running repairs may overwrite the modified file.

1. Navigate to ..\<UAG_Installation_path>\Microsoft Forefront Unified Access Gateway\von\InternalSite\inc\ and make a copy of the LoginChangePassword.inc file within the same folder

2. Now edit the original file and locate the below block of code…

repository = ""
user_name = ""
for each user in user_Vec.UserVec
    if i = index then
        repository = user.Repository
        user_name = user.User
        exit for
    end if
    i = i + 1
next
set user_vec = Nothing

3. Change this to include the following 6 lines…

repository = ""
user_name = ""
for each user in user_Vec.UserVec
    if i = index then
        repository = user.Repository
        user_name = user.User
        ' ######### Below lines added to correct issue post SP4 RU1 ##########
        domain_name = user.Domain
        if ( (domain_name <> "") and (InStr(user_name, "@")=0) ) then
            user_name = domain_name & "\" & user_name
        end if
        ' ##################################################
        exit for
    end if
    i = i + 1
next
set user_vec = Nothing

4. Save the file and repeat these same steps on any other remaining UAG servers
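
Because updates and repairs may overwrite the modified file, it is worth re-checking every server afterwards. The following is an added PowerShell example, not Microsoft's code: the function name, the `.bak` backup suffix and the temporary sample files are assumptions for illustration, and `-Path` should point at the real LoginChangePassword.inc on each UAG server.

```powershell
# Added example (not Microsoft's code): audit copies of LoginChangePassword.inc.
function Test-UagChangePasswordFix {
    param(
        [Parameter(Mandatory = $true)][string[]]$Path,
        # Assumption: the step-1 copy is named "<file><suffix>"; adjust to your naming.
        [string]$BackupSuffix = '.bak'
    )
    # The three statements added in step 3, whitespace-tolerant.
    # -match / -notmatch are case-insensitive, as VBScript itself is.
    $required = @{
        'domain assignment' = 'domain_name\s*=\s*user\.Domain'
        'UPN check'         = 'InStr\s*\(\s*user_name\s*,\s*"@"\s*\)\s*=\s*0'
        'domain prefix'     = 'user_name\s*=\s*domain_name\s*&\s*"\\"\s*&\s*user_name'
    }
    $sha = [System.Security.Cryptography.SHA256]::Create()
    foreach ($file in $Path) {
        $row = New-Object PSObject -Property @{
            Path = $file; Patched = $false; Missing = @($required.Keys)
            BackupPresent = $false; Sha256 = $null
        }
        if (Test-Path -LiteralPath $file -PathType Leaf) {
            # Drop VBScript comment lines so a commented-out fix is not counted.
            $code = (@(Get-Content -LiteralPath $file) |
                Where-Object { $_ -notmatch "^\s*'" }) -join "`n"
            $row.Missing = @($required.Keys | Where-Object { $code -notmatch $required[$_] })
            $row.Patched = ($row.Missing.Count -eq 0)
            $row.BackupPresent = Test-Path -LiteralPath ($file + $BackupSuffix) -PathType Leaf
            # The hash lets you spot servers whose file differs from the others.
            $full = (Resolve-Path -LiteralPath $file).ProviderPath
            $bytes = [System.IO.File]::ReadAllBytes($full)
            $row.Sha256 = [System.BitConverter]::ToString($sha.ComputeHash($bytes)) -replace '-', ''
        }
        $row
    }
}

# --- Constructed sample: three files standing in for three UAG servers ---
$head = @'
for each user in user_Vec.UserVec
if i = index then
repository = user.Repository
user_name = user.User
'@
$fix = @'
domain_name = user.Domain
if ( (domain_name <> "") and (InStr(user_name, "@")=0) ) then
user_name = domain_name & "\" & user_name
end if
'@
$tail = @'
exit for
end if
i = i + 1
next
'@
$nl = "`r`n"
$dir = Join-Path ([System.IO.Path]::GetTempPath()) 'uag-fix-audit'
New-Item -ItemType Directory -Path $dir -Force | Out-Null
$commented = ($fix -split "\r?\n" | ForEach-Object { "' $_" }) -join $nl
$samples = @{
    'server1.inc' = $head + $nl + $fix + $nl + $tail        # patched
    'server2.inc' = $head + $nl + $tail                     # reverted, e.g. by an update
    'server3.inc' = $head + $nl + $commented + $nl + $tail  # fix present but commented out
}
foreach ($name in $samples.Keys) {
    [System.IO.File]::WriteAllText((Join-Path $dir $name), $samples[$name])
}
# Only server1 has the step-1 backup copy beside it.
[System.IO.File]::WriteAllText((Join-Path $dir 'server1.inc.bak'), ($head + $nl + $tail))

$paths = 'server1.inc', 'server2.inc', 'server3.inc' | ForEach-Object { Join-Path $dir $_ }
Test-UagChangePasswordFix -Path $paths |
    Select-Object Path, Patched, BackupPresent, Missing, Sha256 | Format-List
```

Only the first sample file reports `Patched : True`; the other two list the missing statements, which is the state to look for after a rollup or repair has been applied.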

 

AUTHOR

Rainier Amara

Support Escalation Engineer – Microsoft Edge Security Team

 

REVIEWERS

Lars Bentzen

Sr. Escalation Engineer – Microsoft Edge Security Team

Updated Forefront UAG SP3 tracing is now available

April 30th, 2013

We have an updated tracing package now available from the Microsoft Download center page for Forefront Unified Access Gateway (UAG) Tracing Symbols. This new trace package includes formatting for all UAG versions through Service Pack 3 Rollup 1 and includes the SP3 enhanced context tracing to more easily filter trace data per session.

Forefront UAG tracing can be run on the Forefront UAG server and on client endpoint devices connecting to Forefront UAG resources. You configure trace settings, start tracing, reproduce scenarios that require troubleshooting, stop tracing, and then convert the binary tracing output to text using the provided format files.

This download provides the following:
• A set of .tmf files in a zip file. These .tmf files can be used to convert binary trace files on the Forefront UAG server, and on client endpoint devices.
• A EULA license
• A document with instructions for configuring and running tracing

Note that the zip file provided by this download is cumulative. .tmf files included in the zip file can be used with the RTM version of Forefront UAG, and with subsequent Forefront UAG releases.

Versions of .tmf files provided by this download are as follows:

• UAG RTM (Version 4.0.1101.000)
• UAG Update 1 (Version 4.0.1152.100), KB Article 981323
• UAG Update 2 (Version 4.0.1269.200), KB Article 2288900
• UAG RTM MS10-089 bulletin (Version 4.0.1101.052), KB Article 2433585
• UAG Update 1 MS10-089 bulletin (Version 4.0.1152.150), KB Article 2433584
• UAG Update 2 MS10-089 bulletin (Version 4.0.1269.250), KB Article 2418933
• UAG SP1 (Version 4.0.1752.10000), KB Article 2285712
• UAG SP1 Rollup 1 (Version 4.0.1752.10020), KB Article 2475733
• UAG RTM MS11-079 bulletin (Version 4.0.1101.063), KB Article 2522482
• UAG Update 1 MS11-079 bulletin (Version 4.0.1152.163), KB Article 2522483
• UAG Update 2 MS11-079 bulletin (Version 4.0.1269.284), KB Article 2522484
• UAG SP1 MS11-079 bulletin (Version 4.0.1752.10073), KB Article 2522485
• UAG SP1 Update 1 (Version 4.0.1773.10100), KB Article 2585140
• UAG SP1 MS12-026 (Version 4.0.1753.10076), KB Article 2649261
• UAG SP1 Update 1 MS12-026 (Version 4.0.1773.10190), KB Article 2649262
• UAG SP2 (Version 4.0.2095.10000), KB Article 2710791
• UAG SP3 (Version 4.0.3123.10000), KB Article 2744025
• UAG SP3 Rollup 1  

Thank you,

The Forefront UAG Product Team

Get the latest System Center news on Facebook and Twitter:

clip_image001 clip_image002

System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm

Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/

App-V Team blog: http://blogs.technet.com/appv/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv

The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

Updated Forefront UAG SP3 tracing is now available

April 30th, 2013 No comments

downloadgreenWe have an updated tracing package now available from the Microsoft Download center page for Forefront Unified Access Gateway (UAG) Tracing Symbols.  This new trace package includes formatting for all UAG versions through Service Pack 3 Rollup 1 and includes the SP3 enhanced context tracing to more easily filter trace data per session. 

Forefront UAG tracing can be run on the Forefront UAG server and on client endpoint devices connecting to Forefront UAG resources. You configure trace settings, start tracing, reproduce scenarios that require troubleshooting, stop tracing, and then convert the binary tracing output to text using the provided format files.

This download provides the following:
• A set of .tmf files in a zip file. These .tmf files can be used to convert binary trace files on the Forefront UAG server, and on client endpoint devices.
• A EULA license
• A document with instructions for configuring and running tracing

Note that the zip file provided by this download is cumulative. .tmf files included in the zip file can be used with the RTM version of Forefront UAG, and with subsequent Forefront UAG releases.

Versions of .tmf files provided by this download are as follows:

• UAG RTM (Version 4.0.1101.000)
• UAG Update 1 (Version 4.0.1152.100) KB Article 981323
• UAG Update 2 (Version 4.0.1269.200), KB Article 2288900
• UAG RTM MS10-089 bulletin (Version 4.0.1101.052), KB Article 2433585
• UAG Update 1 MS10-089 bulletin (Version 4.0.1152.150), KB Article 2433584
• UAG Update 2 MS10-089 bulletin (Version 4.0.1269.250), KB Article 2418933
• UAG SP1 (Version 4.0.1752.10000), KB Article 2285712
• UAG SP1 Rollup 1 (Version 4.0.1752.10020), KB Article 2475733
• UAG RTM MS11-079 bulletin (Version 4.0.1101.063), KB Article 2522482
• UAG Update 1 MS11-079 bulletin (Version 4.0.1152.163), KB Article 2522483
• UAG Update 2 MS11-079 bulletin (Version 4.0.1269.284), KB Article 2522484
• UAG SP1 MS11-079 bulletin (Version 4.0.1752.10073), KB Article 2522485
• UAG SP1 Update 1 (Version 4.0.1773.10100), KB Article 2585140
• UAG SP1 MS12-026 (Version 4.0.1753.10076), KB Article 2649261
• UAG SP1 Update 1 MS12-026 (Version 4.0.1773.10190), KB Article 2649262
• UAG SP2 (Version 4.0.2095.10000), KB Article 2710791
• UAG SP3 (Version 4.0.3123.10000), KB Article 2744025
• UAG SP3 Rollup 1  

Thank you,

The Forefront UAG Product Team

Get the latest System Center news on Facebook and Twitter:

clip_image001 clip_image002

System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm

Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/

App-V Team blog: http://blogs.technet.com/appv/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv

The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

Updated Forefront UAG SP3 tracing is now available

April 30th, 2013 No comments

downloadgreenWe have an updated tracing package now available from the Microsoft Download center page for Forefront Unified Access Gateway (UAG) Tracing Symbols.  This new trace package includes formatting for all UAG versions through Service Pack 3 Rollup 1 and includes the SP3 enhanced context tracing to more easily filter trace data per session. 

Forefront UAG tracing can be run on the Forefront UAG server and on client endpoint devices connecting to Forefront UAG resources. You configure trace settings, start tracing, reproduce scenarios that require troubleshooting, stop tracing, and then convert the binary tracing output to text using the provided format files.

This download provides the following:
• A set of .tmf files in a zip file. These .tmf files can be used to convert binary trace files on the Forefront UAG server, and on client endpoint devices.
• A EULA license
• A document with instructions for configuring and running tracing

Note that the zip file provided by this download is cumulative. .tmf files included in the zip file can be used with the RTM version of Forefront UAG, and with subsequent Forefront UAG releases.

Versions of .tmf files provided by this download are as follows:

• UAG RTM (Version 4.0.1101.000)
• UAG Update 1 (Version 4.0.1152.100) KB Article 981323
• UAG Update 2 (Version 4.0.1269.200), KB Article 2288900
• UAG RTM MS10-089 bulletin (Version 4.0.1101.052), KB Article 2433585
• UAG Update 1 MS10-089 bulletin (Version 4.0.1152.150), KB Article 2433584
• UAG Update 2 MS10-089 bulletin (Version 4.0.1269.250), KB Article 2418933
• UAG SP1 (Version 4.0.1752.10000), KB Article 2285712
• UAG SP1 Rollup 1 (Version 4.0.1752.10020), KB Article 2475733
• UAG RTM MS11-079 bulletin (Version 4.0.1101.063), KB Article 2522482
• UAG Update 1 MS11-079 bulletin (Version 4.0.1152.163), KB Article 2522483
• UAG Update 2 MS11-079 bulletin (Version 4.0.1269.284), KB Article 2522484
• UAG SP1 MS11-079 bulletin (Version 4.0.1752.10073), KB Article 2522485
• UAG SP1 Update 1 (Version 4.0.1773.10100), KB Article 2585140
• UAG SP1 MS12-026 (Version 4.0.1753.10076), KB Article 2649261
• UAG SP1 Update 1 MS12-026 (Version 4.0.1773.10190), KB Article 2649262
• UAG SP2 (Version 4.0.2095.10000), KB Article 2710791
• UAG SP3 (Version 4.0.3123.10000), KB Article 2744025
• UAG SP3 Rollup 1  

Thank you,

The Forefront UAG Product Team


Forefront Unified Access Gateway 2010 Service Pack 2 is available for download

August 6th, 2012 No comments

We are happy to announce that Service Pack 2 for Forefront UAG 2010 is now released.

UAG 2010 Service Pack 2 is available for download from the Microsoft Download Center, as an upgrade from UAG Service Pack 1 Update 1.

Here are some details about what is included in Service Pack 2 for UAG 2010:

  • Improved SharePoint 2010 support
    Forefront UAG 2010 SP2 enables users to authenticate to a trunk by using Microsoft Office Forms-Based Authentication (MSOFBA) when the trunk uses Active Directory Federation Services (AD FS) 2.0 for authentication.
  • Improved Active Directory Federation Services (AD FS) 2.0 support
    You can provide remote and partner employees with access to published applications that have AD FS 2.0 enabled.
    • AD FS Multi-Namespace support: Multi-namespace support with AD FS 2.0 enables you to use a single AD FS 2.0 server with multiple Forefront UAG trunks when the FQDNs (the public host names) of the trunks are in different domains. For example, the FQDN of the first trunk is portal.contoso.com and the FQDN of the second trunk is portal.fabrikam.com. Both trunks can be configured to perform AD FS authentication by using the same AD FS 2.0 server, sts.contoso.com. In this kind of deployment, the AD FS 2.0 server is published through one of the Forefront UAG trunks, or by an AD FS proxy that is parallel to Forefront UAG.
    • Use the AD FS Proxy to publish the AD FS 2.0 Server: The AD FS proxy has many benefits compared to publishing the AD FS 2.0 server through Forefront UAG, including support for Office365 authentication and mobile devices.
    • Enable complex topologies: For example, by using Forefront UAG to publish a SharePoint website located in one site when the AD FS server is located in another site.
  • Added client devices
    Forefront UAG 2010 SP2 enables users to connect with the following mobile devices:
    • Windows Phone 7.5
    • iOS 5.x on iPad and iPhone
    • Android 4.x on tablets and phones
  • Updated support for UAG’s endpoint detection capabilities
  • Fixes included in UAG SP2

 

Download the Forefront Unified Access Gateway (UAG) 2010 Service Pack 2 package now, and learn more about UAG SP2 by visiting our TechNet Library.

 

Thank you,

The UAG Product Team

Supporting Business Continuity, Disaster Recovery and Multi-Site Scenarios with UAG 2010 RTM and UAG 2010 Service Pack 1

December 1st, 2010 Comments off

With the upcoming release of Unified Access Gateway 2010 (UAG) Service Pack 1, we want to discuss some important scenarios that many of our customers have asked us about. These scenarios are:

  • Business Continuity
  • Disaster Recovery
  • Multi-Geo (Multi-site) deployment

We believe that support for each of these scenarios is important for an enterprise-ready solution. Business continuity and disaster recovery need to be part of any solution designed to provide your users seamless and transparent connectivity to resources that give your firm a competitive advantage. In addition, support for multiple, geographically dispersed sites is important in an era of international business and travel, and we consider support for this scenario to be central to our near-term goals for UAG.

While UAG Service Pack 1 (UAG SP1) can provide you basic support for business continuity, disaster recovery and multi-geo scenarios, we want you to know that we plan to address each of these scenarios with a post-UAG SP1 update and that work is already underway.

However, until we are able to deliver this update to you, we want to provide you some guidance for supported workarounds for these scenarios.

Business Continuity and Disaster Recovery

In the area of business continuity and disaster recovery we recommend that you create a “mirrored” installation of your UAG DirectAccess server or array. This can be a hot or cold standby that is configured with the same IP addresses as the production server or array. If the production array should fail, you can bring up the standby server or array and take advantage of ISP subnet redundancy so that traffic is routed to the backup deployment. When the primary UAG DirectAccess server or array comes back up, you take down the backup and route the traffic back through the original route.

Multiple Geographic Locations and Load Balancing Multiple Entry Points

There are two primary scenarios to consider when deploying UAG SP1 DirectAccess servers or arrays in multiple locations:

  • Your intranet resources are all IPv4
  • Your intranet resources are a mix of IPv4 and IPv6

Intranet Resources are all IPv4

If all your intranet resources are accessible only through IPv4 addresses (IPv4-only network), then you will take advantage of the UAG SP1 NAT64/DNS64 IPv6 to IPv4 protocol translator. In this scenario the source IP address of the incoming connections from DirectAccess clients is always an internal IP address on the UAG DirectAccess server or array. Your existing IPv4 routing infrastructure will be able to route these connections from the UAG DirectAccess server or array to the destination resource and responses back to the UAG DirectAccess server or array that the DirectAccess client is connected to. In this scenario you do not need to worry about IPv6 routing on the intranet.

You would install multiple UAG DirectAccess servers or arrays and apply the DirectAccess client and server settings by using different GPOs (each specific to a particular UAG DirectAccess server or array) and assigning those GPOs to different OUs or security groups. If you are using a pre-SP1 deployment of UAG, you can use the methods discussed in the blog post http://blogs.technet.com/b/edgeaccessblog/archive/2010/02/18/deep-dive-into-uag-directaccess-tweaking-the-gpos.aspx to deploy the settings to different OUs. If you plan to deploy this scenario with UAG SP1, you can take advantage of the new GPO deployment features included in UAG SP1, which make custom deployment of GPOs to OUs or security groups available in the UAG DirectAccess wizard.

This method enables you to assign a fixed number of clients (based on the fixed number of computer accounts that belong to an OU or security group that you configure) to each UAG DirectAccess server or array. While this method allows for a static level of load balancing (DirectAccess clients can be split relatively evenly between servers or arrays), this approach does not allow users to change which array they connect to. This change requires that an administrator move the computer account to a different security group or OU.

Intranet Resources are IPv4 and IPv6

In this scenario, you would use the same distribution of DirectAccess clients as you would with an IPv4-only intranet: assigning clients to a specific UAG DirectAccess server or array through the use of different GPOs or security groups. What changes in this scenario is how you handle the IPv6 routing requirements in a geographically distributed environment.

In this scenario you can configure a single ISATAP cloud and deploy multiple ISATAP routers that are on-link with the UAG DirectAccess server or array at each location. To make this work, you need to do the following:

  • Prevent DirectAccess clients from connecting to the UAG DirectAccess server or array using the 6to4 protocol. You can accomplish this by blocking IP Protocol 41 inbound through your edge firewalls.
  • Install an ISATAP router on the same link as the internal interface of the UAG DirectAccess server or array (that is to say, on the same physical or virtual segment).
  • Generate an IPv6 address space and assign both the ISATAP and UAG server or array addresses from this address space. You can find detailed instructions on how to generate an internal IPv6 address space and how to assign and use these IPv6 addresses on a UAG DirectAccess server or array in the blog post http://blogs.technet.com/b/edgeaccessblog/archive/2010/05/17/configuring-an-external-load-balanced-uag-directaccess-array-for-an-ipv4-only-network.aspx
  • Allocate a /64 ISATAP prefix for your entire intranet and use the same prefix for all your ISATAP routers.
  • On each of the ISATAP routers, add a specific /64 Teredo route, based on the Teredo address space that is generated by the UAG for that server’s or array’s clients.
  • On each of the ISATAP routers, add a specific /64 IP-HTTPS route based on the IP-HTTPS address space that is generated by UAG for that server’s or array’s clients.
  • Add a resource record for ISATAP for each ISATAP router. ISATAP hosts will receive all ISATAP resource records from the DNS server and will send router solicitation requests to each ISATAP server so that the ISATAP hosts are aware of all routes back to DirectAccess clients.

One other thing worth highlighting is the fact that the ISATAP Router needs to be configured with two IPv6 addresses:

  • The ISATAP address is used by the entire organization to reach the ISATAP router
  • The native IPv6 address is used on the ISATAP router to communicate with the UAG server

Figure 1 provides a high level overview of what this configuration looks like.

Figure 1 Workaround for an intranet with IPv6 ISATAP resources

Figure 1 shows that the ISATAP router in Asia is configured with routes for the Asia UAG Teredo and IP-HTTPS address space to the Asia UAG DirectAccess server. It also shows that the ISATAP router in the USA is configured with routes for the USA UAG Teredo and IP-HTTPS address space to the USA UAG DirectAccess server.
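
The per-site routes described above can be checked before they are entered on the ISATAP routers. The following Python is an added example, not part of the original post or of UAG: it derives each site's Teredo /64 from the Teredo server's IPv4 address using the RFC 4380 address layout, builds each router's ISATAP address per RFC 5214, and rejects overlapping prefixes. All addresses, prefixes and dictionary field names are constructed for illustration; in a real deployment, use the Teredo and IP-HTTPS prefixes that UAG reports.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def teredo_prefix(server_ipv4):
    """/64 covering every client of one Teredo server (RFC 4380):
    bits 0-31 are 2001:0000, bits 32-63 are the server's IPv4 address."""
    v4 = int(ipaddress.IPv4Address(server_ipv4))
    base = (0x20010000 << 96) | (v4 << 64)
    return ipaddress.IPv6Network(f"{ipaddress.IPv6Address(base)}/64")

def isatap_address(prefix64, ipv4):
    """ISATAP address = /64 prefix + interface ID 0000:5efe:<IPv4>, or
    0200:5efe:<IPv4> when the IPv4 address is globally unique (RFC 5214).
    Assumption: only RFC 1918 addresses count as not globally unique."""
    net = ipaddress.IPv6Network(prefix64)
    if net.prefixlen != 64:
        raise ValueError(f"ISATAP prefix must be a /64: {net}")
    v4 = ipaddress.IPv4Address(ipv4)
    iid_high = 0x00005EFE if any(v4 in n for n in RFC1918) else 0x02005EFE
    return net.network_address + ((iid_high << 32) | int(v4))

def build_route_plan(isatap_prefix, sites):
    """Return, per site, the ISATAP router address and the two /64 routes
    (Teredo, IP-HTTPS) that point at that site's UAG server or array."""
    seen = [("shared ISATAP prefix", ipaddress.IPv6Network(isatap_prefix))]
    plan = {}
    for site in sites:
        next_hop = ipaddress.IPv6Address(site["uag_internal_ipv6"])
        routes = [
            ("Teredo", teredo_prefix(site["teredo_server_ipv4"])),
            ("IP-HTTPS", ipaddress.IPv6Network(site["iphttps_prefix"])),
        ]
        for kind, prefix in routes:
            if prefix.prefixlen != 64:
                raise ValueError(f"{site['name']} {kind} is not a /64")
            for owner, other in seen:
                # Overlap would send replies to the wrong site's UAG.
                if prefix.overlaps(other):
                    raise ValueError(
                        f"{site['name']} {kind} {prefix} overlaps {owner}")
            seen.append((f"{site['name']} {kind}", prefix))
        plan[site["name"]] = {
            "router_isatap_address":
                isatap_address(isatap_prefix, site["router_ipv4"]),
            "routes": [(str(p), str(next_hop)) for _, p in routes],
        }
    return plan

# Constructed sample data (documentation address ranges), two sites as in Figure 1.
ISATAP_PREFIX = "2001:db8:0:1::/64"
SITES = [
    {"name": "asia", "teredo_server_ipv4": "192.0.2.10",
     "iphttps_prefix": "2001:db8:a:8100::/64",
     "uag_internal_ipv6": "2001:db8:a:1::1", "router_ipv4": "10.1.0.5"},
    {"name": "usa", "teredo_server_ipv4": "198.51.100.10",
     "iphttps_prefix": "2001:db8:b:8100::/64",
     "uag_internal_ipv6": "2001:db8:b:1::1", "router_ipv4": "10.2.0.5"},
]

if __name__ == "__main__":
    for name, entry in build_route_plan(ISATAP_PREFIX, SITES).items():
        print(name, entry["router_isatap_address"])
        for prefix, hop in entry["routes"]:
            print(f"  route {prefix} via {hop}")
```
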

If you have some experience with IPv6 and ISATAP, the configuration should not be too difficult to accomplish. However, if you would like to see how this configuration works in a Test Lab, we plan to publish a Test Lab Guide – Test Lab Guide: Demonstrate UAG SP1 DirectAccess in a Multi-Site Configuration – soon after the release of UAG SP1, which should help speed your understanding of the overall solution. For a list of current UAG Test Lab Guides, be sure to check out the UAG DirectAccess Test Lab Guide Portal page at http://social.technet.microsoft.com/wiki/contents/articles/uag-directaccess-test-lab-guide-portal-page.aspx

Authors:

Ben Bernstein, Senior Program Manager, DirectAccess
Tom Shinder (tomsh@microsoft.com), Knowledge Engineer/Principal Technical Writer, Anywhere Access Group (AAG)