locked
Removing UAG authentication? RRS feed

  • Question

  • Is it possible to remove UAG authentication? We have a sharepoint site that authenticates against a LDS. I'd like to allow users to connect directly to the site and authenticate using their LDS account in the java app.

    Other sharepoint apps exist that require UAG authentication via the usual channels.

    Cheers

    Mark

    Wednesday, February 8, 2012 12:22 PM

Answers

  • You need to assign an additional VIP and use that for the second Trunk. You can add the additional VIP address from Admin | Network Load Balancing... in the UAG console.

    This assumes you have a spare IP address in the subnet used by the UAG external interfaces...

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk

    • Marked as answer by Mark_Robson Friday, February 10, 2012 5:03 PM
    Thursday, February 9, 2012 10:56 AM

All replies

  • Hi Mark,

    Yeah, just Disable (untick) the Require users to authenticate at session logon option from the Advanced Trunk Configuration | Authentication tab.

    You can't do it during the publishing wizard, so you will need to define a fake auth repository and then make the changes manually afterwards to disable auth on the trunk...

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk

    • Marked as answer by Mark_Robson Thursday, February 9, 2012 9:56 AM
    • Unmarked as answer by Mark_Robson Thursday, February 9, 2012 10:02 AM
    Wednesday, February 8, 2012 11:51 PM
  • P.S. This change will apply to the entire trunk, so you will likely need multiple trunks to meet your needs of both auth and non-auth publishing...

    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk

    Wednesday, February 8, 2012 11:52 PM
  • Thanks Jason.

    Only problem I have now is that i cannot use my Vitrual IP used in my NLB with the 2nd portal as they share same IP and port. Tried a non-secure trunk but again, the IP is the same so I can't activate it.

    I guess I'd need to assign a 2nd IP to the external NICs? Would this cause problems with the NLB?

    Cheers


    • Edited by Mark_Robson Thursday, February 9, 2012 10:04 AM
    Thursday, February 9, 2012 9:56 AM
  • You need to assign an additional VIP and use that for the second Trunk. You can add the additional VIP address from Admin | Network Load Balancing... in the UAG console.

    This assumes you have a spare IP address in the subnet used by the UAG external interfaces...

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk

    • Marked as answer by Mark_Robson Friday, February 10, 2012 5:03 PM
    Thursday, February 9, 2012 10:56 AM
  • You're a gentleman.

    Cheers Jason.

    Thursday, February 9, 2012 10:58 AM