Remove Web Application Proxy Server From Cluster __top__ -

Removes the server's certificate trust relationship with the AD FS federation service.

On your internal ADFS server, run:

If the removed server still appears in the list, purge it by running: powershell

This guide outlines the standard procedures to gracefully decommission a WAP node using PowerShell and Server Manager. 1. Removing the WAP Node via PowerShell remove web application proxy server from cluster

Log into one of your remaining Web Application Proxy servers and check the status of the synchronization: powershell Get-WebApplicationProxyConfiguration Use code with caution.

A successful removal starts long before you execute a single command. Proper planning ensures your applications remain available and your security posture isn't compromised.

Delete the specific host record that contains the IP address of the WAP server you are removing. 4. Step 3: Remove the Web Application Proxy Role Removes the server's certificate trust relationship with the

Watch the logs in real-time to confirm traffic has stopped.

The most effective way to remove a WAP node and clean up its connection to the AD FS configuration database is through Windows PowerShell.

Did you encounter any specific during a previous removal attempt? Share public link Removing the WAP Node via PowerShell Log into

Once traffic has been drained, you must update the cluster's internal configuration to remove the server from the list of active members. The method depends entirely on your environment:

Removing a node might impact external access if your Network Load Balancer (NLB) is not updated to stop sending traffic to the removed IP.

| | Action | Tool/Command | |-----------|------------|------------------| | Current cluster size | Identify how many active WAP nodes exist | WAP PowerShell: Get-WebApplicationProxyConfiguration | | Active sessions per node | Determine if node has long-lived sessions | Load balancer logs or netstat -an | | Backend application health | Ensure target apps have alternate proxy routes | Health check via curl/browser | | AD FS/WAP synchronization | Verify config sync between WAP and AD FS | Event Viewer: AD FS Admin events | | SSL certificate status | Ensure remaining nodes have valid bound certs | Get-WebApplicationProxySslCertificate |