UAG 2010 SP1 - PINSAFE Integration RRS feed

  • Question

  • Hi,

    I'm configuring my UAG box to access a remote PINSafe repository.  I have deployed the revised pages, followed the configuration steps to add an internal site rule and modify parameters etc.  Have confirmed I can get a Turing image via web browser from UAG box, and also access the PINSafe admin web URL on 8080 (TMG is allowing all traffic to PINsafe server).  I had the login page displaying once quite nicely, but now once the Endpoint check is complete and the portal redirects to the logon page (/SecureRemoteAccessPortalHomePage/) but never loads.  I've checked and double checked that login.asp is in the correct place (/customupdate) and that the trunk is pointed at the alternate login page....HELP! :)



    Thursday, June 21, 2012 5:47 AM

All replies

  • OK, so I'm working this out.  Hope this helps someone else.  The problem was the parameter for the new "InternalSite" rule that needs to be created was failing my username, because we use UPNs and the standard regex didn't like "@" and ".".  This in turn stopped the page rendering because "image.asp" couldn't be accessed.  having now fixed the regex I can authenticate nicely.

    BUT. I need to pass authentication to SharePoint servers, and now SSO isn't working the way it did before, so I guess I need to go to Kerberos.  This is OK as the SP farm uses Kerberos.  I know I need to specify an SPN for the application, but I'm a bit stuck to understand if this is a new SPN for the application on UAG, or is it the SPN of the SharePoint application?  I have to admit I don't thoroughly understand Kerberos, so this is probably a stupid question.  any help much appreciated..


    • Edited by wigneys Thursday, June 21, 2012 7:22 AM
    Thursday, June 21, 2012 7:22 AM