I'm running array of 2x windows 2008 TMG 2010 SP2 and attempting to publish oma/eas. I've tested this working with username/password authentication but would like client cert authentication.
I've configured the publishing rule to use kerberos constrained delegation to the correct SPN and have configured delegation in AD for the computer accounts of both arrary members. Despite the tmg array and exchange servers all being domain members i' am unable to connect and when running the test button get different errors on each server:
Array Member 1:
Category: KCD error
Error details: Failed to get domain controller name for this published server.
Action: Kerberos Constrained Delegation requires both that the Forefront TMG computer and the published server are members of the same domain.
Array Member 2:
Category: General error
Error details: 1722 - The RPC server is unavailable.
Domain controllers are windows 2003 running at 2003 functional level. OMA webserver is 2003 server.
Appreciate any assistance.
