Release notes for Forefront UAG SP4

  • Article

These release notes address late-breaking issues for Forefront Unified Access Gateway (UAG) Service Pack Four (SP4).

Installation, upgrade, and administration issues

  1. We recommend that you add a restore point on the Forefront UAG server before running SP4 installation.

  2. You must install SP4 on a server running Forefront UAG SP3 Rollup 1 as follows:

    1. Make sure all previous service packs up to and including Forefront UAG SP3 Rollup 1 are installed.

    2. Install Forefront UAG SP4.

  3. We recommend that you do not have installations of other applications in progress when you install SP4 on an existing Forefront UAG server. Otherwise you might receive the following message during SP4 installation: “Setup failed during Forefront UAG prerequisites installation”. If you do receive this error, do the following:

    1. Restart the computer.

    2. Wait several minutes for any installations that are in progress to complete.

    3. Reinstall SP4.

  4. For a summary of known globalization issues in Forefront UAG, see Compliance notes.

Client issues

  • When users launch RemoteApp with non-English names there is a problem displaying the RemoteApp name.

  • Some client applications that attempt to use Forefront UAG’s Socket Forwarding SSL VPN tunneling component may not work as expected.

  • The Windows 8.1 version of Device Session Cleanup might not be detected in the System Information window.

  • After upgrading to SP4, users trying to access an application using Internet Explorer 11 might get this sign-in error Access to this portal from a mobile device is not allowed because the portal uses federated authentication. This can happen if your Forefront UAG server is configured with one or more portal trunks using AD FS 2.0 as the trunk authentication server. To solve this issue, perform the following:

    1. On the UAG server, find the file mobile.browser in the folder …\InternalSite\ADFSv2Sites\<trunk name>\App_Browsers\DetectionModule. Make sure you are in the ADFSv2Sites folder because there are multiple files with this name in other locations.

    2. Delete the file.
      If you have more than one trunk using AD FS 2.0 authentication, repeat this process for each mobile.browser file for each folder inside …\InternalSite\ADFSv2Sites\Activate the UAG configuration.

    3. If you have more than one trunk using AD FS 2.0 authentication, repeat steps one and two above for each mobile.browser file for each folder inside …\InternalSite\ADFSv2Sites\

    4. Activate the UAG configuration.