Andy Dawson's Blog

The blog of Andy dawson

17. November 2010 14:42
by Andy Dawson
5 Comments

Live Messenger behind TMG cannot log in (error 80072f7d)

17. November 2010 14:42 by Andy Dawson | 5 Comments

We’ve seen some examples of users being unable to log into Windows Live Messenger (both 2009 and 2011) recently with the error 80072f7d being returned.

Users who are able to make a connection to the internet outside our TMG firewall have been successful in logging in, even when they returned to the office and were once again behind the TMG firewall, so it seems to be an initial connection to the Messenger service which is failing when behind the TMG firewall.

Our TMG implementation is using HTTPS inspection, which we have seen cause issues with a number of services and this also turned out to be the case with Live Messenger. Once the URLs listed in KB960820 were excluded from HTTPS inspection, logging into Live Messenger from inside our TMG firewall started working again.

Comments (5) -

Andy
Andy
11/22/2010 12:58:27 PM

what is the solution for this ?
what can i do ??

Andy Dawson
Andy Dawson
11/22/2010 1:29:42 PM

Hi John,

Edit the HTTPS inspection exemption list (Web Access Policy -> HTTPS Inspection -> Destination Exceptions -> Add or edit existing list) and add the HTTPS domains listed in the article to the list.

Andy

Andy
Andy
11/23/2010 1:02:50 AM

Hola me podrias explicar como editar la lista. no le entiendo.


Gracias

Andy Dawson
Andy Dawson
11/23/2010 10:16:11 AM

To edit the list of HTTPS inspection exemptions, follw these steps:

1. Log into the TMG server as a user with enough priviledges to modify TMG settings.
2. Open the Forefront TMG MAnagement console.
3. Click on 'Web Access Policy' in the left pane of the console.
4. Click on the 'Enabled' link next to 'HTTPS Inspection' at the top of the main pane of the console.
4. Select the 'Destination Exceptions tab of the window which opens.
5. Select the list of exceptions you wish to modify and click Edit, or create a new list using the Add... button
6. Click the Add button to add a new entry and type in the domain you wish to exclude from HTTPS inspection (note that this can be a wildcard, such as *.microsoft.com - This should NEVER have a wildcard at the end of the domain however)
7. CLick OK to close the exception list window and OK again to close the HTTPS exception dialogue.
8. Apply the changes you ahve made using the 'Apply' button which is shown at the top of the main pane of the TMG console.

Changes sometimes take a couple of minutes to apply, so give your new configuration a few minutes before testing.

Andy

Andy
Andy
4/21/2011 11:11:27 AM

There's another fix that has now been made available for some situations where a user cannot log onto Messenger, or gain access to some https sites: http://support.microsoft.com/kb/2501650

Andy

Pingbacks and trackbacks (1)+

Add comment

  Country flag

biuquote
  • Comment
  • Preview
Loading