As mentioned previously, whenever a SEG is inserted between the TMG and EAS servers, you need to enable delegation from both the TMG and SEG servers.

To enable delegation from active directory, you need to repeat all the steps in Enable Delegation from Active Directory when using a TMG when using a TMG for the TMG to SEG servers, and then again from the SEG to the EAS servers.

  • Configure AD to Enable TMG for Delegation
  • Enable TMG to Delegate HTTP EAS Traffic to SEG
  • Configure AD to Enable SEG for Delegation
  • Enable SEG to Delegate HTTP EAS Traffic to EAS

Next, you must Create a Service Principal Name (SPN) for the EAS Server.