Windows Server 2019 – Requirements for WAP

How to set a static IP address on Windows Server 2019

Unfortunately, the ability to make use of the Web Application Proxy comes with a pretty awkward requirement: you must have AD FS installed in your environment to be able to use ieven to test it, because the WAP configuration is stored inside AD FS. None of the WAP configuration information is stored on the Remote Access Server itself, which makes for a lightweight server that can be easily moved, changed, or added to. The downside to this is that you must have AD FS running in your environment so that WAP can have a place to store that configuration information.

While a tight integration with AD FS does mean that we have better authentication options, and  users can take advantage of AD FS single-sign-on to their applications that are published through WAP, so far this has proven to be a roadblock to implementation for smaller businesses. Many folks are not yet running AD FS, and if the only reason they are looking into implementing AD FS is so that they can use WAP to publish a few web applications to the internet, they may not choose to invest the time and effort just to make that happen.

One thing to keep in mind if you are interested in using WAP, and are therefore looking at the requirement for AD FS, is that AD FS can certainly be used for other functions. In fact, one of its most common uses at present is integration with Office 365. If you are planning to incorporate, or thinking of incorporating, Office 365 into your environment, AD FS is a great tool that can enhance authentication capabilities for that traffic.

Comments are closed.