
Kerberos double hop works internally, but not when published via TMG

Hi all,

Have 2 x IIS 8.5 servers internally with .NET applications on them.

The IIS servers have been configured to use a domain account for their app pool, and credentials are passed successfully from the front-end server to the back-end server.

When publishing the front-end server via TMG, the front-end web pages show up fine, but the delegated credentials aren't passed to the "back end" pages and a 401 - unauthorised error is presented.

The TMG computer account has the front-end and back-end HTTP SPNs defined for delegation in its AD account properties.

Is this expected? Is this a limitation of TMG? Or have I simply done something incorrect?

