I am publishing Exchange 2013 CU1 through UAG 2010 SP3. Everything is working fine except that OWA and ECP users must log on twice, first through UAG and second through Exchange FBA. FBA and Basic authentication are both enabled on the OWA virtual directory, and the both are enabled as IIS authentication methods. I have tried it with both the logon server and Kerberos Constrained Delegation and the results are the same.
Can this configuration be made to work with a single logon without having to create a separate CAS or a separate web site i