Why can't TMG connect to the Enterprise storage configuration server on the same LAN? It turns out to be an invalid or missing machine certificate: either the server never requested one from the CA, or the request overlapped with an old certificate in the CA and the server did not get a new one before TMG was loaded and started blocking the requests. The trouble getting the certificate issued from the internal CA (also on the same subnet) appears to be related to the server having multiple adapters and DNS registrations, and the general confusion that causes about the machine's identity (FQDN).

The fix: uninstall TMG, remove the machine from the domain, re-add the machine to the domain, make sure there are no issues with the CA, and run "gpupdate /apply". Either you will immediately get the error in the Application log that the RPC server could not be reached to get the machine certificate, or it worked. Once the machine has the cert, install TMG and join it to the enterprise array.
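Before reinstalling TMG, it is worth confirming the three things the note blames (machine cert from the internal CA, adapters registering in DNS, RPC errors in the Application log) from an elevated PowerShell prompt on the server. This is an added diagnostic script, not from the original note; the CA name in `$CaNamePattern` is a placeholder to replace with your own internal CA's name.

```powershell
# Added diagnostic for the TMG / EMS machine-certificate problem (not from the
# original note). Read-only except for the final certutil -pulse, which only
# re-triggers certificate autoenrollment. Run elevated, before installing TMG.
param(
    # Placeholder: substring of your internal CA's name as it appears in the Issuer field.
    [string]$CaNamePattern = "CN=PLACEHOLDER-INTERNAL-CA"
)

# 1. Does the machine hold a valid certificate from the internal CA, and does the
#    name on it match the FQDN the machine believes it has?
$fqdn = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName
"Machine FQDN: $fqdn"
$machineCerts = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Issuer -like "*$CaNamePattern*" -and $_.NotAfter -gt (Get-Date) }
if (-not $machineCerts) {
    Write-Warning "No valid machine certificate issued by '$CaNamePattern' is present."
} else {
    foreach ($c in $machineCerts) {
        # Subject Alternative Name, decoded to text, so a SAN-only match is visible too.
        $san = ($c.Extensions | Where-Object { $_.Oid.FriendlyName -eq "Subject Alternative Name" } |
                ForEach-Object { $_.Format($false) }) -join ";"
        $nameOk = ($c.Subject -like "*$fqdn*") -or ($san -like "*$fqdn*")
        "{0} subject={1} expires={2:d} nameMatchesFqdn={3}" -f $c.Thumbprint, $c.Subject, $c.NotAfter, $nameOk
    }
}

# 2. Adapters with IP enabled: every adapter with FullDNSRegistrationEnabled = True
#    publishes its own A record for the host, which is the identity confusion the
#    note describes on multi-homed servers.
Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE" |
    Select-Object Description, IPAddress, DNSDomain, FullDNSRegistrationEnabled |
    Format-Table -AutoSize

# 3. Autoenrollment and RPC failures logged in the last 24 hours. Source names vary
#    by Windows version, so match loosely on the source and on the message text.
Get-EventLog -LogName Application -EntryType Error -After (Get-Date).AddDays(-1) |
    Where-Object { $_.Source -like "*AutoEnrollment*" -or $_.Message -match "RPC server" } |
    Select-Object TimeGenerated, Source, EventID, Message |
    Format-List

# 4. Ask for the machine certificate now instead of waiting for the next policy cycle,
#    then re-run steps 1 and 3 to see whether it was issued or the RPC error reappears.
certutil -pulse
```

If step 1 shows a certificate whose name does not match the FQDN from step 1, or step 2 shows more than one adapter registering in DNS, sort that out on the CA and adapter side before TMG is installed and starts filtering the enrollment traffic.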
Keywords: ISA, TMG, Forefront, enterprise array, EMS, enterprise storage, RPC errors, domain certificate, machine certificates