none
Application invocation data cannot be generated. System error: 82 RRS feed

  • Question

  • Hi,

    I have a test setup with UAG and get following error:

    Application invocation data cannot be generated. System error: 82

    Browsing thru these posts and the internet I cannot find any additional information or solutions. Can you help?

    Setup:

    Windows 2008 R2 SP1 server with UAG 2010 SP1

    Windows 2008 R2 SP1 server with RDS on it with some applications published.

    UAG server has public certificate remote.companyname.com

    RDS server has internal certificate from domain DC TS1.companyname.local. Certificate is in the store on the UAG server

    The UAG portal as such works fine, I can access the Web Monitor tool without errors

    The RDS works fine also, because before I tested it with TMG which was working OK...

    What am I missing here? I followed all procedures found on the internet...

    Kr,
    Bart

    Friday, August 5, 2011 7:33 AM

Answers

  • When and how do you get this error?
    Ben Ari
    Microsoft CSS UAG/IAG Support
    Sammamish, WA
    • Marked as answer by Erez Benari Friday, August 26, 2011 10:41 PM
    Friday, August 26, 2011 10:41 PM

All replies

  • When and how do you get this error?
    Ben Ari
    Microsoft CSS UAG/IAG Support
    Sammamish, WA
    • Marked as answer by Erez Benari Friday, August 26, 2011 10:41 PM
    Friday, August 26, 2011 10:41 PM
  • This is a tricky one - Rainier+Ran from MSFT and I have had several weeks on this one

    This error seems to be certificate based and I *think* it was the certificate template I used in hindsight.  The issue is the certificate on the RD server not the UAG trunk cert.

    Check/try:
    - Generate your RD server cert with a generic Web Server template
    - Your RD server certificate must either have revocation checks disabled or have a CRL accessible to the client
    - UAG must access the RD server using the FQDN set in the certificate (you can set the DNS entry for this in the host file on UAG if need be) - not because UAG cares but because this name is passed to the client and the client compares it to the cert FQDN

    We progressed from this problem when I set up a totally dummy certificate on my lab and it worked:
    - RD server real name is ts.acme.com (my internal AD domain)
    - ts.contosso.com certificate is created with no revocation requirements using generic web template
    - RD server session host is set to use ts.contosso.com certificate (my web facing domain name)
    - RD RemoteApp (if you need it) signs apps with ts.contosso.com
    - UAG has a host file entry to ts.contosso.com pointing at the ip of ts.acme.com
    - UAG trunk is set to use mysite.contosso.com

    --Zuzzy

    Wednesday, August 31, 2011 1:23 PM