I have downloaded the TMG VHD from Microsoft's public website to see if it was possible to configure authentication to a non-Microsoft LDAP, but it does not appear to be an option. Does anyone know if there is a plan to add support for authentication to anything other than RADIUS, AD or LDAP to AD?
Thumbs up with the IAG support, but it'd be nice if TMG could specify a base DN, search scope and a custom user attribute such as UID to support LDAP v3 servers.... I know now for simplicity's sake it's easy to mask that use via samAccountName, but it'd definitely be an extra string in the bow for external non-AD support.
If you're wanting to do this for inbound access control, then UAG is your future. Few resources going forward will be devoted to TMG for inbound access, as most of those are going toward the UAG. So it would be great to get on board early :)