Error 0xc0040431 When Creating a Forefront TMG 2010 Enterprise Array
When attempting to join a Forefront TMG 2010 enterprise edition firewall to an Enterprise Management Server (EMS) managed array, you may encounter one of the following error messages:
The operation failed. Error: 0xc0040431 Forefront TMG Services failed to start after array join or an array disjoin. Check alerts, fix the configuration, and attempt to restart the services.
The operation failed. Error: 0xc0040410 The file cannot be imported because the enterprise management mode is 2010SP1 in the exported file and 2008-only in the stored configuration.
You may also encounter one of the following error messages when attempting to create a standalone array with two or more Forefront TMG 2010 enterprise edition firewalls:
The operation failed. Error: 0x80004002 No such interface supported
The operation failed. Error: 0xc0040410 The file cannot be imported because the enterprise management mode is in the exported file and in the stored configuration.
Any of these errors can occur when you attempt to join a pre-SP2 Forefront TMG 2010 firewall to an EMS-managed array running Forefront TMG SP2, or when you attempt to create a standalone array with one node running Forefront TMG SP2 and another node running SP1.
To resolve this issue, make certain that Forefront TMG 2010 firewalls are all at the same service pack and update level before joining an EMS-managed array or creating a standalone array. For information about determining which version of ISA or TMG is installed, refer to one of the following blog posts:
https://tmgblog.richardhicks.com/2010/10/11/how-to-determine-tmg-version/
https://tmgblog.richardhicks.com/2010/12/03/more-about-determining-tmg-version-numbers/
For a documented reference of ISA and TMG build numbers, click here.
Connect
Richard Hicks' Forefront TMG Blog 
I have one EMS server and two TMG server which is joined to that EMS before joining the TMG servers to an array i can able to browse to the internet by using any one TMG server proxy address but when i joined it to the array internet stops working plzz tell me is there specific rule that i need to create
Hi Arsalan,
When you create an array, any access rules that were configured will not be carried over unless you explicitly chose that option. To establish Internet access again, open the Forefront TMG 2010 management console, expand the array, then highlight the web access policy node in the navigation tree. In the tasks pane on the right side click the configure web access policy link and follow the prompts.
Thanks!
Does not work for me. I already updated all servers, first EMS followed by all array members to SP2 Update 1 e keep getting the same errors (second and fourth described here).
Anyone have another tip?
Still appears to be a mismatch. Are the EMS and the array members running the same operating system and update as well?
No way. I updated all TMG arrays including the EMS´s OS from 2008R2 to 2008R2 SP1, keeping everything on same level, nothing changes, same errors.
Hicks, do you have another idea?
This article is about Forefront TMG 2010 service packs, not the operating system. Make sure that your TMG firewalls and the EMS are at the same update before joining array members.
Hi Richard, I’m having a similar issue when trying to import my standalone server rules into my EMS server:
The file cannot be imported because the array Kirby Street is of version 2010SP2 in the exported file and version 2008 in the stored configuration.
I get this when trying to import any kind of object, from a single listener all the way up to whole config. The OS & TMG are both the exact same version so I’m not sure what the actual problem is. Any ideas?
I don’t believe that exporting policy and configuration from a standalone Forefront TMG 2010 firewall to an EMS is supported. However, you can accomplish this by simply joining your standalone TMG firewall to an EMS-managed array and selecting the option to bring your existing policy and configuration with you.