In my environment I have only one server TMG 2010, and two domain controllers.
In this environment does not have NLB.
I have no DMZ
We have no branches
The TMG Server in this same network that DCs
The TMG Server is integrated in the field.
However the traffic LDAP and LDAP GC TMG Server (192.168.0.4) to the DC Server (192.168.0.1), this being blocked.
My question is, how the LDAP query traffic can be blocked if the TMG in this domain?