Remove Web Application Proxy Server From Cluster 【2024】

Not all proxies are equal. Determine:

Despite careful removal, issues can arise. Here’s how to handle them:

Remove-WebApplicationProxyEndpoint -ProxyEndpoint <FQDN_of_WAP_node> remove web application proxy server from cluster

Step 2: Unconfigure WAP role on the target node

# On the target WAP server
Uninstall-WindowsFeature Web-Application-Proxy -Restart

Step 3: Clean up AD FS proxy trust (if orphaned entries remain) Not all proxies are equal

# On AD FS server
Get-ADFSWebApplicationProxyRelyingPartyTrust -Name <proxy_node> | Remove-ADFSWebApplicationProxyRelyingPartyTrust

# List all proxy trusts
Get-ADFSWebApplicationProxy
Introduction: The Art of Surgical Infrastructure Removal
In the lifecycle of any production environment, change is inevitable. Scaling down, hardware retirement, traffic pattern shifts, or security overhauls often necessitate the removal of a node from a cluster. While adding resources is exciting, removing a Web Application Proxy (WAP) server from a cluster is a delicate surgical procedure. Done incorrectly, it can orphan authentication requests, break Single Sign-On (SSO), and leave your external users staring at a cryptic 503 error. Step 2: Unconfigure WAP role on the target
WAP, particularly in Microsoft-centric environments (acting as a reverse proxy for Active Directory Federation Services - ADFS), is not a stateless load balancer. It holds specific configuration ties, certificate dependencies, and publishing rules. This guide provides a comprehensive, vendor-agnostic approach with specific emphasis on ADFS/WAP, NGINX, and HAProxy clusters.
By the end of this article, you will understand the prerequisites, the dismantling process, and the post-removal validation steps required to keep your cluster healthy.
# Check trust status with AD FS
Get-WebApplicationProxyConfiguration