Problems when installing Exchange 2010 Service Pack 1 on a TMG configured for Mail protection

Posted by sumeethevans on September 2 2010, 8:32 PM. Posted in Exchange, ISA, ForeFront.

TMG can be configured in a Mail protection role. In such configurations Forefront Protection for Exchange and Exchange Server (edge transport role) are installed on the same machine as TMG.

We have identified problems when installing Microsoft Exchange Server 2010 Service Pack 1 (SP1) that was released last week on such deployments.

Root cause SP1 made some changes to the SDK including removing some of the existing cmdlets (see more information here).

When Email protection is configured on TMG and Spam Filtering functionality is enabled, TMG uses one of the cmdlets that has been removed (get-antispamupdates) in SP1. As a result, Microsoft Forefront TMG Managed Control service fails to start and the event viewer will contain a message that the service terminated with the following error : %%-2146233088 : What we are doing to address this problem

The TMG team is fully committed to addressing this problem and is working on a fix which will be publically available soon. We recommend refraining from installing Exchange 2010 SP1 on TMG machines until the fix is available. We will publish another blog post when the fix becomes available.

If you are already affected by this problem and need urgent assistance, please contact Microsoft support (