Enabling Microsoft Update on UAG DirectAccess Servers

I shouldn’t have to say it – but you should always enable Microsoft Update on your UAG DirectAccess servers and arrays. In the third step of the UAG Getting Started Wizard you are given the opportunity to enable Microsoft Update (and also join the Microsoft Customer Experience Improvement Program, something I highly recommend). After you complete the step and activate the configuration, you would expect that the UAG server or array is going to update itself.


The problem is that sometimes (all the time?) Microsoft Updates fail. How to fix this?

One solution is found on the UAG TechNet forum. All you need to do is open an elevated command prompt and enter:

netsh winhttp set proxy localhost:8080

and press ENTER and BAM! Microsoft updates start working.

The most likely reason for this is that the UAG server needs to be configured as a web proxy client of the TMG server running on the same machine. When you run the netsh command, the proxy configuration is set to send web requests to the web listener on the local host network (the local host network is defined as all IP addresses assigned to the TMG firewall – which is the same as all the IP addresses assigned to the UAG DirectAccess server).



Tom Shinder
Principal Knowledge Engineer, Microsoft DAIP iX/Identity Management
Anywhere Access Group (AAG)
The “Edge Man” blog :
Follow me on Twitter: https://twitter.com/tshinder
Facebook: http://www.facebook.com/tshinder

Visit the TechNet forums to discuss all your UAG DirectAccess issues http://social.technet.microsoft.com/Forums/en-US/forefrontedgeiag/threads

Stay up-to-date with “just in time” UAG DirectAccess information on the TechNet wiki http://social.technet.microsoft.com/wiki/tags/DirectAccess/default.aspx