The following applies to TMG too.

If you have an internal certificate authority and a GPO that enables automatic certificate enrollment, you may see the following event logged in the Application event log:

Event ID: 6

Source: CertificateServiceClient-Autoenrollment

Description: Automatic certificate enrollment for local system failed (0x800706ba). The RPC server is unavailable.

To solve this issue, open the TMG Management console (even for UAG), right-click Firewall Policy and choose Edit system policy (All tasks\System Policy).

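Disable Enforce strict RPC compliance (available at Authentication Services\Active Directory). Certificate enrollment talks to the CA over DCOM, and with strict RPC compliance enforced the firewall does not allow DCOM traffic.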
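To confirm the change took effect, the check below triggers an autoenrollment cycle and looks for fresh occurrences of the event described above. It is an added example, not part of the original post; the 60-second wait and the wildcard match on the provider name are assumptions.

```powershell
# Added example: verify that autoenrollment no longer fails with 0x800706ba.
# Run in an elevated PowerShell session on the TMG/UAG server after applying the system policy change.

# Only events logged after this point are considered.
$since = Get-Date

# Trigger an autoenrollment cycle now instead of waiting for the next scheduled one.
certutil -pulse | Out-Null

# Assumption: 60 seconds is enough for the enrollment attempt to finish; adjust as needed.
Start-Sleep -Seconds 60

# Event ID 6 in the Application log, narrowed to the autoenrollment source and the
# "RPC server is unavailable" error code quoted in the event description.
$failures = Get-WinEvent -FilterHashtable @{ LogName = 'Application'; Id = 6; StartTime = $since } -ErrorAction SilentlyContinue |
    Where-Object { $_.ProviderName -like '*AutoEnrollment*' -and $_.Message -match '0x800706ba' }

if ($failures) {
    $failures | Format-List TimeCreated, ProviderName, Message
    Write-Warning 'Autoenrollment still fails with 0x800706ba; check that the system policy change was applied.'
} else {
    Write-Output "No new Event ID 6 (0x800706ba) logged since $since."
}
```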
