Set-WebApplicationProxyConfiguration -ConnectedServersName ((Get-WebApplicationProxyConfiguration).ConnectedServersName -ne 'ServerToRemove.domain.local') Use code with caution. Copied to clipboard
The most critical step is telling AD FS to revoke trust for the specific proxy. This prevents the removed server from authenticating to AD FS in the future.
Step 2: Uninstall the Web Application Proxy Role via PowerShell
: Force the local cleanup by adding the force parameter if available in your environment, or manually strip the registry keys located under HKLM\Software\Microsoft\Windows NT\CurrentVersion\RemoteAccess\ . High CPU or Error Spikes on Remaining Nodes remove web application proxy server from cluster
Verify that all other WAP servers in the cluster are healthy and actively processing traffic.
"It's a simple procedure," his mentor, Jen, had told him earlier. "It’s not like removing a heart. More like… removing a tonsil. It’ll hurt for a day, then everyone breathes better."
reg delete "HKLM\SOFTWARE\Microsoft\Web Application Proxy" /f reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WAPAdminService" /f Step 2: Uninstall the Web Application Proxy Role
Before executing any commands, complete these preparatory steps to safeguard your environment:
✅ after removal. The AD FS proxy trust certificate (default 1-year) does not need immediate reissue, but after a cluster size change, run:
To remove a Web Application Proxy (WAP) server from a cluster, you can use either PowerShell to clean up the configuration or the Server Manager wizard to decommission the server role entirely. "It’s not like removing a heart
Unjoin the server from the Active Directory Domain (if it is being repurposed or decommissioned).
Confirm the server is removed from the backend pool and the load balancer shows "Healthy" for remaining nodes.
Once the cluster no longer recognizes the node, you can safely decommission the machine: