Microsoft UAG 2010 File Access is a nice feature to securely publish your internal shares on your UAG Portal for Internet users. To successfully publish your shares on UAG portal and for the File access to work, it requires the following:
- NETBIOS should be enabled, Ports 137-139 should be open and not blocked by any internal Firewall
- Port 445 for SMB should be open so UAG server can access/Locate the shares.
- On the UAG NIC facing the internal Network as well as on your Domain Controllers NICs, make sure to enable the NETBIOS Over TCP from the NIC advanced properties (WINS Tab).
- The File servers should have the Turn On discovery feature enabled (check attached) from the Network card advanced sharing options. By design it will turn off automatically unless you started several services as SSDP and UPnP services, please check this thread for more information http://social.technet.microsoft.com/Forums/en-US/windowsserver2008r2networking/thread/17e7b386-53ea-411c-8d90-cf4a6229ba27
Sometimes its hard to configure all these settings or maybe its restricted by your network policy. To manually add a network share or even DFS share to your UAG file access you need to modify the ShareAccessCfg.xml (This is the core file for the File Access Application). This file is located under ..Microsoft Forefront Unified Access GatewayvonFileAccess
The ShareAccessCfg.xml file can be edited easily using a notepad or any Free XML Editor, one editor that i use frequently is the Microsoft XML Notepad 2007 http://www.microsoft.com/en-us/download/details.aspx?id=7973
To manually add a server or Share you need to add them under the Server section or Share section as shown below
<servers>
<server name=”DomainServer1″ marked=”1″ provider=”MS”/>
</servers>
<shares>
<share name=”DomainServer1Share_name” marked=”1″ provider=”MS”/>
</shares>
After changing and saving the ShareAccessCfg.xml, make sure of the following:
- Restart Microsoft Forefront UAG File Sharing Service
- Open the Application from the UAG Console – Admin – File Access and make sure to hit Apply on each item (Domain, Server and Share)
- Activate UAG
thank you, this answers many of my questions however I have a server with 2 shares, I added them and they activate without error but only one of the shares shows up in the portal file acess. I have verified that it is not a share issue on the server, or permissions issue or browser issue. I can UNC to both shares from the UAG server. Any ideas why the one isn't showing up?