Export (0) Print
Expand All
Collapse the table of content
Expand the table of content
Expand Minimize

Request to connect from an array member to the configuration storage server may fail

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

Cause

In a standalone array with multiple array members, a request to connect from an array member to the configuration storage server may fail.

Solution

As a workaround, create a new DNS entry pointing to the IP address on the intra-array network of the configuration storage server, register the intra-array name in the Kerberos database using the Setspn.exe utility, and change the array properties to use the new DNS entry.

For example: In the scenario where the configuration storage server is installed on a computer named fw1.contoso.com register fw1a.contoso.com, where fw1a.contoso.com is pointing to the intra-array IP address of the configuration storage server.

To register the new name in the Kerberos database run these commands:

  • setspn -a ldap/fw1a.contoso.com FW1A

  • setspn -a ldap/fw1a.contoso.com:2171 FW1A

Modify the configuration storage server array property on the configuration storage page to fw1a.contoso.com.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2015 Microsoft