Q: We were presented with a Forefront Threat Management Gateway (TMG) 2010 server. It was configured with a Web Listener using FBA and LDAPS auth to a DC (not a GC), and when the user's account had (X) Change password at next logon enabled, the user could not authenticate at all. They were presented with the message "You could not be logged on to ISA Server. Make sure that your domain name, user name, and password are correct, and then try again." We even patched it up to release Version 7.0.9027.450.
A: Come to find out, the fix for this is the same one as for ISA 2006: KB957859. This helpful script, run against the Listener, fixed the issue.
Cscript EnableHotfix957859.vbs /webListener:<listener name> /Value:true
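The script takes the listener's exact display name, so it helps to pull the names straight out of the TMG configuration before running it. The following PowerShell is an added example, not part of the original answer or of the KB script: it reads the web listeners through the FPC.Root COM object (the same object model the KB VBScript uses), prints their names, and wraps the cscript call with a check that the name exists. The script location, the helper name Enable-Hotfix957859 and the listener name in the commented call are assumptions.

```powershell
# Added example (not from the original thread): list TMG web listeners and apply
# the KB957859 script to one of them by name. Run on the TMG server in an elevated
# session that is allowed to change the array configuration.

# Assumption: the KB script was copied into the current directory.
$scriptPath = Join-Path (Get-Location) 'EnableHotfix957859.vbs'
if (-not (Test-Path $scriptPath)) { throw "KB957859 script not found at $scriptPath" }

# FPC.Root is the TMG/ISA administration COM object; GetContainingArray() returns
# the array this server belongs to, and RuleElements.WebListeners holds the listeners.
$fpc   = New-Object -ComObject FPC.Root
$array = $fpc.GetContainingArray()
$listenerNames = @($array.RuleElements.WebListeners | ForEach-Object { $_.Name })

Write-Host "Web listeners in array '$($array.Name)':"
$listenerNames | ForEach-Object { Write-Host "  $_" }

function Enable-Hotfix957859 {
    # Invoke the KB script for one listener, failing loudly on a typo in the name
    # or on a non-zero exit code from cscript.
    param([Parameter(Mandatory = $true)][string]$ListenerName)

    if ($listenerNames -notcontains $ListenerName) {
        throw "No web listener named '$ListenerName' in this array. Known names: $($listenerNames -join ', ')"
    }

    & cscript.exe //nologo $scriptPath "/webListener:$ListenerName" '/Value:true'
    if ($LASTEXITCODE -ne 0) {
        throw "EnableHotfix957859.vbs exited with code $LASTEXITCODE for listener '$ListenerName'"
    }
    Write-Host "KB957859 behaviour enabled on listener '$ListenerName'."
}

# Usage (listener name is an assumption; substitute one printed above):
# Enable-Hotfix957859 -ListenerName 'OWA FBA Listener'
```

After the script runs, the array configuration still has to be applied (the KB script saves it for you; if you script the COM object yourself you must call Save on the array), and the change only matters for listeners that use forms-based authentication with LDAP, so run it per affected listener rather than against all of them blindly.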
Thank you, I was going crazy until I read your post.