Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 2

Microsoft® Forefront Threat Management Gateway (TMG) 2010 Service Pack 2 (SP2) introduces new functionality to Forefront TMG 2010 Standard and Enterprise Editions.

The service pack includes the following new functionality and feature improvements:

New Reports
• The new Site Activity report displays a report showing the data transfer between users and specific websites for any user.

Error Pages
• A new look and feel has been created for error pages.
• Error pages can be more easily customized and can include embedded objects.

Kerberos Authentication
• You can now use Kerberos authentication when you deploy an array using network load balancing (NLB).


Exchange 2010 Virtual directory: disable the kernel mode authentication

In a elevated PowerShell: (example: EWS dir)

cd $env:windir\system32\inetsrv
.\appcmd.exe unlock config "-section:system.webserver/security/authentication/windowsauthentication"
.\appcmd.exe set config "dirpath/ews" "-section:windowsAuthentication" "-useKernelMode:False" /commit:apphost

Quit and run from a standard command line:

iisreset /noforce

and the  Internet Address Management Wizard



%windir%\system32\inetsrv\appcmd.exe set config /section:system.webServer/security/authentication/windowsAuthentication /useKernelMode:false


%windir%\system32\inetsrv\appcmd.exe list config /section:system.webServer/security/authentication/windowsAuthentication