Threat Management Gateway 2010 Issues with VMXNET Network Adapters

So I stumbled across an issue worth sharing last week. When installing TMG 2010 for
a Lync 2010 deployment I ran into an issue with TMG not being able to identify
the network adapters.

All servers in this deployment were hosted on VMware. The OS was 2008 R2 x64. I was
able to install TMG with no problems. I was able to define the internal network
(which was pulled from the internal vmxnet adapter, showing TMG did recognize
it at some point). I was given the option to define networks, ranges, IP’s.
Everything finished with the install with no errors, no events of any kind in
the event log showing there is any issue.

Next I launch TMG for the first time. Click on Configure Network Settings. At the
network template screen where you choose your topology of your network you are
given four choices (Edge Firewall, 3-Leg Perimeter, Back Firewall, Single
Network Adapter) problem here is that everything is greyed out. I would get an
error stating that TMG was unable to identify any network adapters. The strange
thing is that clearing during the defining the internal network stage TMG did
find the adapters.

This took place while I had someone from Microsoft onsite to work on some other Lync
2010 issues so between the two of us we could not figure it out. I updated to
Service Pack 1, I updated to Update 1 for SP1 no change. I found a hotfix that
would address an issue if your address was 128.8.x.x which ours were, so I
applied that (hotfix 427944). That did not work. So as a last try I removed the
vmxnet adapters, replaced them with Intel Pro 1000′s and did a reinstall of TMG
and everything worked just fine.

I found a few things on other blogs that point to an issue with the vmxnet 3
adapters and network load balancing but I was not anywhere near getting to that
point of the setup when I was seeing this issue. Just something to help you out
if you are installing TMG 2010 on VMware you may need to use a different
adapter other the vmxnet 3′s. If anyone has seen this issue please drop me a
line I would love to get other’s feedback on this.

Clearing Run History From FIM 2010 with PowerShell

The Run History is stored in the FIM database, and contributes massively to the growth the database. If you don’t regularly delete the Run History, your database files will grow and grow until the disk is full. We all know what happens when your database drive is out of space. Clearing the History also requires large amounts of free space on the volume holding the transaction log file. This file needs to be expanded in the clearing process – and the more you’re trying to clear, the more disk space will be needed. So the best thing to do is keep this under control. It is a simple process but one that gets overlooked sometimes.

You can clear the run history manually in the FIM GUI. I like to clear it using PowerShell. Below is a script I use. Simply add in the date you want to clear up to and the server name. I like to keep 7-10 days of run history but this depends on how often you are doing runs. I try and keep 3 to 5 runs a week, I am working with MA’s that have 3.5 million objects so it is hard to get this run every day. If you want to be hands off you can set this script to automate using task scheduler but I would advise to keep an eye on this to make sure your runs are clearing as expected.

#——————————————————————————————————————–

Clear-Host

$DeleteDay = Get-Date

If($args.count -gt 0)

{

$DayDiff = New-Object System.TimeSpan $args[0], 0, 0, 0, 0

$DeleteDay = $DeleteDay.Subtract($DayDiff)

}

Write-Host “Deleting run history earlier than or equal to:” $DeleteDay.toString(‘MM/dd/yyyy’)

$lstSrv = @(get-wmiobject -class “MIIS_SERVER” -namespace “rootMicrosoftIdentityIntegrationServer” -computer “.”)

Write-Host “Result: ” $lstSrv[0].ClearRuns($DeleteDay.toString(‘yyyy-MM-dd’)).ReturnValue

#——————————————————————————————————————–

Trap

{

Write-Host “`nError: $($_.Exception.Message)`n” -foregroundcolor white -backgroundcolor darkred

Exit

}

#——————————————————————————————————————–