SymptomsWhen end users attempt to access the Forefront UAG portal, they may receive the following message "The trunk name in the received request does not match the expected trunk name." There may also be an event 160 in the event viewer or in the Web Monitor with the description "ADFSv2Site: Authentication request for site [requested_site] does not match the expected trunk name [trunk_name]. Session ID: [session_ID]."

CauseIf you published more than one trunk using federated authentication, an end user may sign in to one trunk and then try to access another trunk from their authenticated session. However, because they have not authenticated to the second trunk, the attempted access will fail.

SolutionIf there are only a few occurrences of this event in the event viewer, you can ignore the events. If you see many occurrences of this event in the event viewer, it could be indicative of malicious user activity.