AAD Connect and WinRM on WAP

Michele Casazza
Occasional Contributor

I'm looking at these WinRM on WAP prerequisites and I'm not sure it's explained well, so I have a couple of questions.

 

1. When using Azure AD Connect to deploy Active Directory Federation Services or the Web Application Proxy

I am not using AAD Connect to deploy ADFS or WAP. Does this chapter still apply to an env with existing ADFS and WAP servers?

 

2. On the machine on which the wizard is running - is that the AAD Connect machine?

 

3. Set-Item WSMan:\localhost\Client\TrustedHosts -Value <DMZServerFQDN> -Force -Concatenate

<DMZServerFQDN> is the WAP server?

 

4. On the target machine (WAP machine) - does this need to be done on each WAP server?

1 Reply
Solution

@Michele Casazza  Hello 

 

1. If you are not going to deploy ADFS or WAP in your environment then this does not apply.

2. Yes, the machine running the wizard would be your AAD Connect server.

3. Yes, that is referring to the name of the WAP server, but if you are not deploying ADFS and WAP, no need to worry about this.

4. Yes, if you are deploying ADFS with WAP then you would need to do the action on all WAP servers.

 

These steps are to ensure that the AAD Connect wizard will be able to execute the PowerShell cmdlets necessary to deploy ADFS and WAP servers.

 

Hope that helps!
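The wizard-machine step from the thread, as an added example that is not part of the original posts or of Microsoft's documentation: it adds each WAP server to TrustedHosts by explicit FQDN, flags any wildcard entries already present, and checks that WinRM answers on each WAP server. The server names are constructed placeholders.

```powershell
# Run elevated on the AAD Connect server (the machine running the wizard).
# Constructed placeholder names; replace with the FQDN of every WAP server.
$wapServers = @('wap1.dmz.example.com', 'wap2.dmz.example.com')

$path = 'WSMan:\localhost\Client\TrustedHosts'

# TrustedHosts is a single comma-separated string; split it into clean entries.
$current = @((Get-Item $path).Value -split ',' |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ })

# Wildcard entries trust more hosts than the WAP servers the wizard needs.
$wild = @($current | Where-Object { $_.Contains('*') })
if ($wild.Count -gt 0) {
    Write-Warning "TrustedHosts has wildcard entries: $($wild -join ', ')"
}

foreach ($wap in $wapServers) {
    if ($current -notcontains $wap) {
        # Same command as in question 3, applied to one WAP server at a time.
        Set-Item $path -Value $wap -Concatenate -Force
    }

    # Checks that the WinRM listener on the WAP server responds. Remoting must
    # already be enabled there (the "target machine" step in question 4).
    try {
        Test-WSMan -ComputerName $wap -ErrorAction Stop | Out-Null
        Write-Output "$wap : WinRM reachable"
    } catch {
        Write-Warning "$wap : WinRM not reachable ($($_.Exception.Message))"
    }
}

# Final list, for review.
(Get-Item $path).Value
```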
