Installing SP2 for Forefront UAG 2010

Applies To: Unified Access Gateway

This section describes how to install Forefront Unified Access Gateway (UAG) Service Pack 2.

Forefront UAG SP2 can be installed only on Forefront UAG SP1 Update 1; including any subsequent hotfixes. To install Forefront UAG SP2, you should install your servers as follows:

  1. Install Forefront UAG with SP1 as a clean installation. See Installing Forefront UAG 2010.

  2. Install Update 1 for Forefront UAG SP1. See Installing Update 1 for Forefront UAG SP1.

  3. Install Forefront TMG SP2. See Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 2.

  4. Install Forefront UAG SP2.

The Forefront UAG SP2 update can be obtained from the Microsoft Download Center (

Installing SP2 as an update

Use the following topics to install SP2 as an update:

Installation recommendations

Before you install SP2, we recommend that you create a system restore point. You do not need to make a backup of your existing Forefront UAG configuration because a backup is automatically created during the installation of SP2; however, we also recommend that you back up your configuration before installing SP2.

Installation known issues

When performing a rollback from Forefront UAG SP2 to SP1 Update 1 and immediately activating Forefront UAG, the following error message appears: “The schema version of the configuration does not match the product schema version…”. To recover from this issue, you must restart Forefront UAG.

Importing configurations

There are three methods to import a configuration into Forefront UAG SP2:

  1. Import the configuration from Forefront UAG SP1 Update 1

    1. Export the configuration from the server running SP1 Update 1.

    2. Copy the configuration file to the server running SP2.

    3. Double click the upgradeschemaUtil.exe file (found under common\bin\).

    4. Use the utility to choose the SP1 Update 1 configuration file that you previously exported.

    5. Enter the password for the file.

    6. Run the utility.

    7. The configuration is imported into the server running SP2.

  2. Perform an in-place upgrade

    1. Run the installer file: UAG-KB2710791-v4.0.2095.10000-ENU.msp.

    2. The configuration from the server running SP1 Update 1 is automatically imported during the installation of SP2.

  3. Import the configuration from an existing server running SP2

    1. Export the configuration from the first server running SP2.

    2. Import the configuration file to the second server running SP2.

    3. Activate the configuration.