The Endpoint does not meet access policy requirements for this site + UAG 2010


  • I dont hold too much hope on this as I dont seem to be the only one with issues troubleshooting Endpoint compliance on UAG.

    Server = UAG 2010 version 4.0.2095.10000

    Client = Windows 7 Starter edition (32bit), SP1 - AV installed = Yes, FW enabled = Yes... all the usual suspects covered (is Windows Starter Edition a supported OS with UAG ??) IE 9, 32 bit.

    Anyway - the problem is the client is blocked access before the authentication process, which is making troubleshooting a toughie.

    Looking at the client side, there are event log errors at each connection attempt for "uagqecsvc - failing to register the MSOFT UAG Quarantine Client component failed - HRESULT 0x80270003 ....

    I have un-installed / re-installed the UAG enpoint component (v4.0) from UAG - if manually trying to install the Endpoint from C:\Program Files\Microsoft Forefront Unified Access Gateway\von\PortalHomePage on the UAG server, this fails on the client with "Installer encountered an unexpected error, may indicate a problem with the package - errocr code 2738"

    I have had a look through the UAG trunk to try and find something obvious, but I cant see anything - this is the only Windows 7 client (out of 250) in the organisation that is having this problem...

    Can anyone help ???

    • Edited by Garth_Mail Monday, September 09, 2013 10:08 AM
    Thursday, September 05, 2013 11:12 AM


All replies

  • Hi,

    Thanks for your post

    I suggest you to have a test through the steps below:

    1. Create a new Session Access Policy that there is just only "Any Antivirus" rule in it

    2. Create a new Session Access Policy that there is just only "Any personal firewall" rule in it

    3. To check Step 1 and 2 that the issue will appear in which condition.

    4. Please open "web monitering"  to  collect log.

    There are some links about the problem for your reference:

    If problem persists,please feel free to contact me .

    Best Regards

    Quan Gu


    Monday, September 09, 2013 11:49 AM
  • Hi Quan,

    Appreciate the response...

    At the moment I am only able to test on a production environment so I dont want to affect any availability etc...however - another question I have for you, if ok!

    I am looking at the Endpoint Policies, we have:

    Session Access Policy  > Endopoint Policy : [Name] Custom Trunk,

    Privileged Endpoint Policy > Endpoint Policy: Always

    Access Method > Endpoint policy: Always

    Now I would assume that by editing the Endpoint Policies Custom Trunk Policy (as above), I would see the expressions used to determine the Endpoint health - there are none, simply the explantory text ...your computer does not meet the requirements......

    However, checkin the client machine - which is Windows 7 Starter edition, it tells me the Enforcement client component failed...

    Are you able to confirm that Win 7 Starter edition is supported with UAG please?  I have checked the compatability lists, and only Windows 7 is listed (does this mean all editions)

    Monday, September 09, 2013 3:20 PM
  • Hi,

    I think we should focus on client machine since you said that there is an error "Enforcement client component failed".

    Please remove client component and reinstall it . you can refer to the link below to check if your environment  meets the requirment.

    If problem persists,please feel free to contact me .

    Best Regards

    Quan Gu

    Wednesday, September 11, 2013 2:59 AM
  • Hi Quan,

    apologies for the late response - but its been the usual end of week madness!!

    The problem still hasn't been resolved unfortunately... It is certainly something client side, as apparently the 'service' used to work (this is a Directors personal netbook by the way)

    I had re-installed UAG component client side - firstly I uninstalled UAG endpoint components - reboot.

    If trying to install them manually from the msi's found on the UAG server (C:\Program Files\Microsoft Forefront Unified Access Gateway\von\PortalHomePage) the msi fails to install, regardless of whether I run full, network only etc.... If I go to the UAG site, I get prompted to install UAG and it completes fine ....supposedly..

    When the Endpoint is then checked for compliance, it fails and hence the event log which is generated on the client PC regarding the endpoint component failing to run "uagqecsvc - failing to register the MSOFT UAG Quarantine Client component failed - HRESULT 0x80270003"

    I dont really know what else we can do....

    Friday, September 13, 2013 9:04 AM
  • Hi,

    thanks for your update.

    1. if the problem only occured on computer that is using Win7 Starter Edition.

    2. Can you have a test on anther computer that is using differnet Win7 version?

    Best Regards

    Quan Gu

    Friday, September 13, 2013 9:50 AM
  • Hi Quan,

    as mentioned this is a personal netbook of a Director - all other clients, whether Win 7 Enterprise (corporate builds) or any other Win 7 versions of home users are fine and connect to UAG without a problem (I don't think anyone else uses starter ed to be honest which is why I was questioning this..?

    Many thanks,

    Friday, September 13, 2013 9:55 AM
  • Hi,

    I think I need to take more time to do some research.

    if you have some else clues ,please feel free to contact me.

    Thanks for your patience and support.

    Best Regards

    Quan Gu

    Friday, September 13, 2013 10:08 AM
  • Thank you Quan,

    appreciate the assistance.


    Friday, September 13, 2013 10:22 AM