Share via


Compliance notes

Updated: April 8, 2010

Applies To: Unified Access Gateway

This topic summarizes compliance and globalization issues in Forefront Unified Access Gateway (UAG).

Globalization issues

Globalization issues are summarized in the following table.

Component Details Issue

Installation

Installation folder

Double-byte character set (DBCS) characters are not supported in the Forefront UAG installation path.

Forefront UAG Management console

Dialog boxes

Some fields in the console do not support use of non-English characters. Non-English characters may not display as expected, and might not be saved correctly.

Trunk names

In order to publish internal application, you create Forefront UAG trunks, and then publish applications via the trunk. Remote users access either the URL of the trunk, or connect directly to published Web applications.

Forefront UAG does not support the use of internationalized domain name (IDN) URLs for trunk names

Policy Editor

The Forefront UAG policy editor is used to modify predefined Forefront UAG access policies and expressions, and to create custom policies.

  1. Unicode characters are not supported when defining settings in the policy editor screens in the Forefront UAG Management console.

  2. Access policies cannot be applied to non-

File Access

The File Access application is published via Forefront UAG to provide remote users with access to internal file structures and folders.

File access does not support files and folders with non-English characters.

Backend authentication

Using Forefront UAG you can delegate credentials, so client credentials provided during session logon are sent to backend servers that require authentication. The Forefront UAG server can communicate with backend servers over HTTP or HTTPS.

Forefront UAG does not support HTTPS authentication of a backend server using a certificate that contains information defined in non-English characters. For example the certificate subject name).

Client authentication

Forefront UAG authenticates remote clients for access to Forefront UAG portals, sites, and applications.

When authenticating users with Basic authentication, client devices using languages that require the DBCS, must be configured with a DBSC locale, and the Forefront UAG server, and any backend servers to which the client device makes requests, must be configured with the same DBCS locale.

URL inspection

Forefront UAG can inspect URLs, parameters and other incoming data. You can configure URL rules and inspection settings.

Forefront UAG does not support creating rules that contain non-encoded Unicode characters.

Tracing

You can configure and use tracing to troubleshoot Forefront UAG issues.

Tracing does not work as expected for information containing non-English characters. For example a user name with non-English characters.

AD FS

Using AD FS 1.0 and 2.0 with Forefront UAG, you can provide remote and partner employees with access to your published applications.

Non-English characters are not supported for claim types.

WinLogo compliance issues

The Windows Logo (WinLogo) signifies the compatibility and reliability of systems and devices with Windows operating system. WinLogo compliance notes for this release of Forefront Unified Access Gateway (UAG) include the following:

  1. A computer restart is required after installing and uninstalling Forefront UAG. This is because Forefront UAG requires the svchost.exe host process to reinitialize in order to support SSTP. Reintialization takes place during boot time.

  2. The following files are not removed from the computer after uninstalling Forefront UAG:

    • In the Windows\debug folder: adamsetup_loader.log; adamsetup.log

    • In the Windows\inf\FwSrv\0009 folder: wspperf.ini

    • In the Windows\inf\FwEng\0009 folder: fwengprf.ini

    • In the Windows\System32\inetsrv\History\ folder: MetaBase_0000000026_0000000000.xml; MBSchema_0000000026_0000000000.xml

    • In the Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20091130_061018 folder: Detail_GlobalRules.txt

    • In the Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20091130_061018\resources folder: ProgressSuccess.ico; ProgressError.ico; ProgressSkip.ico; ProgressWarn.ico

    • In the Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20091130_061018 folder: SystemConfigurationCheck_Report.htm; Summary_WIN-LMHBP76MLV6_20091130_061018_GlobalRules.txt; Detail_ComponentUpdate.txt; Summary_WIN-LMHBP76MLV6_20091130_061959_ComponentUpdate.txt; ConfigurationFile.ini; sql_engine_core_inst_Cpu64_1.log; sql_engine_core_inst_loc_Cpu64_1033_1.log; sql_rs_Cpu64_1.log; sql_rs_loc_Cpu64_1033_1.log; SQLServer_ERRORLOG_2009-11-30T06.27.23.txt; SQLServer_ERRORLOG_2009-11-30T06.27.51.txt; SQLServer_ERRORLOG_2009-11-30T06.29.44.txt;

    • All files in the Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20091130_061018\Datastore_GlobalRules folder

    • All files in the Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20091130_061959\Datastore_ComponentUpdate folder

    • In the Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log \20091130_061959 folder: Detail.txt; Summary_WIN-LMHBP76MLV6_20091130_061959.txt;

    • All files in the Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20091130_061959\Datastore folder

    • In the Windows\inf\ReportServer$ISARS\0009 folder: perf-ReportServer$ISARSrsperfctr.ini

  3. Forefront UAG does not support upgrade from Intelligent Application Gateway (IAG) 2007, or from earlier versions of Forefront UAG.

  4. The following .exe files run with elevated permissions:

    File name Details

    c:\Program Files\Microsoft Forefront Threat Management Gateway\IsaApplianceInit.exe

    Applies to OEMs only—Configures a preinstalled server with Forefront TMG settings during Sysprep. This file requires administrator permissions to run.

    c:\Program Files\Microsoft Forefront Threat Management Gateway\IsaMgmt.exe

    A command-line tool that is used by Windows Essential Business Server Admin to opens TMG Admin in specific nodes in the Left-Pane. TMG Admin is hosted by MMC.EXEs and therefore the requestedExecutionLevel of this program is the same as MMC.EXE's - Requires admin permissions

    c:\Program Files\Microsoft Forefront Threat Management Gateway\NicsRestorer.exe

    Applicable for OEMs only—Configures Forefront TMG adapter settings during during Sysprep. This file requires administrator permissions to run.

    c:\Program Files\Microsoft Forefront Threat Management Gateway\Uninstall\SetupWrapper.exe

    Runs Forefront TMG Setup. This file requires administrator permissions to run.

    c:\Program Files\Microsoft Forefront Unified Access Gateway\common\bin\ActivationMonitor.exe

    Reads Forefront UAG configuration settings in Forefront TMG configuration storage repository. This is accessible only by administrators on the local computer.

    c:\Program Files\Microsoft Forefront Unified Access Gateway\common\bin\Configuration.exe

    Opens the Forefront UAG MAnagement console. This is accessible only by administrators on the local computer.

    c:\Program Files\Microsoft Forefront Unified Access Gateway\common\bin\MonitorLauncher.exe

    Opens the Forefront UAG Web Monitor console. This is accessible only by administrators on the local computer.

  5. The following 3rd party binary files do not have valid file information:

    • regex_boost_1_39.dll does not have a valid Company name property

    • regex_boost_1_39.dll does not have a valid Product name property

    • regex_boost_1_39.dll does not have a valid Product Version property

    • tracelog.exe does not have a valid "Company name" propertyregex_boost_1_39.dll does not have a valid Product Name property

    • tracelog.exe does not have a valid Product Name property

    • tracelog.exe does not have a valid Product Version property

  6. The following files are generated by SQL and Windows and are not signed by Forefront UAG:

    C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\USP10.DLL
    C:\Program Files\Microsoft Forefront Unified Access Gateway\common\help\appaware\HTML.cab
    C:\Program Files\Microsoft Forefront Unified Access Gateway\common\help\configuration\HTML.cab
    C:\Program Files\Microsoft Forefront Unified Access Gateway\von\Monitor\Help\Monitor\HTML.cab
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20091130_061018\LogSet_WIN-LMHBP76MLV6_20091130_061018.cab
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20091130_061959\LogSet_WIN-LMHBP76MLV6_20091130_061959.cab
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\1033\sql_as_loc.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\1033\sql_bids_loc.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\1033\sql_is_loc.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\1033\sql_ssms_loc.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\1033\sql_tools_loc.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\1033\sqlbrowser.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\1033\sqlsupport.msi
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\1033\windows\system32\ansi\ansiatl.dll
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\rsfx.msi
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sql_as.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sql_bids.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sql_common_core_msi\sql_common_core.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sql_engine_core_inst_loc_msi\1033\sql_engine_core_inst_loc.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sql_engine_core_inst_msi\sql_engine_core_inst.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sql_engine_core_shared_loc_msi\1033\sql_engine_core_shared_loc.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sql_engine_core_shared_msi\sql_engine_core_shared.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sql_is.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sql_rs.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sql_ssms.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sql_tools.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\sqlserverbestpracticespolicies.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\x64\1033\sqlsysclrtypes.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\x64\1033\sqlwriter.msp
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\x64\sqlncli.msi
    C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\x64\setup\x64\sqlsqm.msp
    C:\Program Files\Microsoft SQL Server\MSRS10.ISARS\Reporting Services\RSTempFiles\reportserver_isars\06853612\987bdb46\App_global.asax.n_ow6k0j.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.1833_none_8a17faaf2edd3e00\ATL80.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_8442d417329336b1\mfc80.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_8442d417329336b1\mfc80u.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_8442d417329336b1\mfcm80.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_8442d417329336b1\mfcm80u.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_bc1b16f50be25ff5\mfc80CHS.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_bc1b16f50be25ff5\mfc80CHT.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_bc1b16f50be25ff5\mfc80DEU.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_bc1b16f50be25ff5\mfc80ENU.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_bc1b16f50be25ff5\mfc80ESP.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_bc1b16f50be25ff5\mfc80FRA.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_bc1b16f50be25ff5\mfc80ITA.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_bc1b16f50be25ff5\mfc80JPN.dll
    C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_bc1b16f50be25ff5\mfc80KOR.dll
    C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.1833_none_d1c5318643596706\ATL80.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_cbf00aee470f5fb7\mfc80.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_cbf00aee470f5fb7\mfc80u.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_cbf00aee470f5fb7\mfcm80.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_cbf00aee470f5fb7\mfcm80u.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_03c84dcc205e88fb\mfc80CHS.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_03c84dcc205e88fb\mfc80CHT.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_03c84dcc205e88fb\mfc80DEU.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_03c84dcc205e88fb\mfc80ENU.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_03c84dcc205e88fb\mfc80ESP.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_03c84dcc205e88fb\mfc80FRA.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_03c84dcc205e88fb\mfc80ITA.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_03c84dcc205e88fb\mfc80JPN.dll
    C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.1833_none_03c84dcc205e88fb\mfc80KOR.dll