Export (0) Print
Expand All
0 out of 2 rated this helpful - Rate this topic

Configuring Active Directory for Automatic Detection

Published: November 15, 2009

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

Forefront TMG uses Active Directory (AD) Marker for automatic detection of the location of Forefront TMG. The TmgAdConfig tool is an autodiscovery tool which configures Active Directory with a marker key that points to the Forefront TMG computer. This key is used by the Forefront TMG Client to locate and connect to the Forefront TMG computer.

WarningWarning:
AD Marker is not supported in a workgroup deployment. If your computer is not a member of a domain, either add it to a domain or use the legacy detection methods by clearing the Use Active Directory (recommended) check box in the Forefront TMG Client‘s advanced settings.

  1. To store the marker key in Active Directory, at the command prompt, type: TmgAdConfig.exe add -default -type winsock -url <service-url> [-f] where:

    • The service-url entry should be in the format http://<TMG Server Name>:8080/wspad.dat.

    The following parameters can be used in the commands:

    • To delete a key from Active Directory, at a command line prompt, type:TmgAdConfig.exe del -default -type winsock

    • To configure the Active Directory marker for a specific site, use the –site command line parameter.

    • For a complete list of options, type TmgAdConfig.exe -?

    • For detailed usage information, type TmgAdConfig.exe <command> -help

The TmgAdConfig tool creates the following registry key in Active Directory: LDAP://Configuration/Services/Internet Gateway("Container") /Winsock Proxy("ServiceConnectionPoint")

The key’s server binding information will be set to <service-url>. This key will be retrieved by the Forefront TMG Client and will be used to download the wspad configuration file.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.