When you publish SharePoint applications through Forefront Unified Access Gateway (UAG) you can enable rich clients to authenticate using a 401 response or by using Microsoft Office Forms Based Authentication (MSOFBA). When you enable either of these options, you enable SharePoint sites to automatically synchronize SharePoint libraries with Microsoft Outlook. However, end users will be prompted for authentication credentials in Outlook every time it tries to synchronize with the SharePoint library. If you do not use SharePoint library synchronization, you can configure Forefront UAG so that users do not receive these authentication prompts.

If users have configured Outlook with SharePoint libraries, after blocking the automatic synchronization, there will be an error in the Outlook status bar.

To block automatic SharePoint library synchronization

  1. On the Forefront UAG server, open the ...\Microsoft Forefront Unified Access Gateway\von\InternalSite\inc folder and then open the DetectionParams.ini file.

  2. Locate the following code in the file:

      Copy Code
    IF NOT InitializedInSessionMgr THEN
    END IF

    Add the following code:

      Copy Code
    ' Check if it is an Outlook Client
    If ParameterAsBool("OutlookClient") Then
    	Response.Status = "500"
    End If

    Save the file.

  3. Open the ...\Microsoft Forefront Unified Access Gateway\von\InternalSite folder and then open the web.config file.

  4. Add the following detection expression to the file (assuming that users are using Microsoft Outlook 2010):

      Copy Code
    <DetectionExpression Name="OutlookClient" Expression='UserAgent Contains "microsoft office outlook 2010" OR UserAgent Contains "microsoft outlook social connector" OR UserAgent Contains "outlook sts"' DefaultValue="false" />

    Save the file.

  5. Open the ...\Microsoft Forefront Unified Access Gateway\von\Conf\WizardDefaults folder and then open the AgentDefaultParam.ini file.

  6. At the top of the file reduce the number of agents by one.

  7. Locate the agent that is defined with HeaderValue1=Microsoft Office Outlook, delete the agent definition, and save the file.

  8. Activate the configuration.