Hello,
I have rather a strange issue where I can't seem to find any logs on any of my servers, including TMG. I can log in using AD credentials to various sites we have which rely on the same TMG servers and AD servers perfectly fine with all accounts. However, when I have an account whose password is going to expire in a month (4 weeks), the users are unable to log in to the OWA site and get a message stating:
"You could not be logged onto the Forefront TMG. Make sure that your domain name, user name, and password are correct, and then try again."
However, if I use the same credentials on one of the other sites, the account works fine, as the account is still active and has not yet expired. The users are in different physical locations and different OUs but on the same AD servers and TMG. The issue is not present with accounts which have had a recent password reset or are out of scope for a password expiration within a month. In other words, if they have an expiry date longer than a month, they can log in to OWA perfectly fine.
The TMG will log traffic which is authenticated on OWA, and I can see this on the IIS servers and DCs as well. However, with the expiring account I see nothing on the TMG, IIS or DCs. The same thing happens if I fail authentication purposefully on a live account (one not expiring in the next 4 weeks). I am not sure where to go, as I have no logs to look through, so I can't see the issue to resolve it. The other sites, which are working as published on the TMG as well, work fine regardless of expiration date approaching.
Does anyone else have this issue or any ideas on where to go?
I hope this all makes sense.
Thanks in advance
James