Set-WebApplicationProxyApplication

Modifies settings of a web application published through Web Application Proxy.

Syntax

Set-WebApplicationProxyApplication
   [-ClientCertificateAuthenticationBindingMode <String>]
   [-BackendServerCertificateValidation <String>]
   [-ExternalUrl <String>]
   [-ExternalCertificateThumbprint <String>]
   [-BackendServerUrl <String>]
   [-DisableTranslateUrlInRequestHeaders]
   [-EnableHTTPRedirect]
   [-ADFSUserCertificateStore <String>]
   [-DisableHttpOnlyCookieProtection]
   [-PersistentAccessCookieExpirationTimeSec <UInt32>]
   [-EnableSignOut]
   [-BackendServerAuthenticationMode <String>]
   [-DisableTranslateUrlInResponseHeaders]
   [-BackendServerAuthenticationSPN <String>]
   [-Name <String>]
   [-UseOAuthAuthentication]
   [-InactiveTransactionsTimeoutSec <UInt32>]
   [-ClientCertificatePreauthenticationThumbprint <String>]
   [-ID] <Guid>
   [-CimSession <CimSession[]>]
   [-ThrottleLimit <Int32>]
   [-AsJob]
   [<CommonParameters>]

Description

The Set-WebApplicationProxyApplication cmdlet modifies settings of a web application published through Web Application Proxy. Specify the web application to modify by using its ID. Note that the method of preauthentication cannot be changed. The cmdlet ensures that no other applications are already configured to use any specified ExternalURL or BackendServerURL.

Examples

Example 1: Change the extern URL for a web application

PS C:\>Set-WebApplicationProxyApplication -ID 874A4543-7983-77A3-1E6D-1163E7419AC1 -ExternalUrl https://SP.Contoso.com/

This command changes the external URL to https://sp.contoso.com/ for the web application that has the specified ID.

Example 2: Change the backend server URL and the external URL

PS C:\>Set-WebApplicationProxyApplication -ID 874A4543-7983-77A3-1E6D-1163E7419AC1 -BackendServerUrl https://Portal.Contoso.com/ -ExternalUrl https://SP.Contoso.com/

This command modifies a web application that has the specified ID. The command changes the backend server to be https://Portal.Contoso.com/ and the external URL to be https://SP.Contoso.com/.

Example 3: Change the name of a web application

PS C:\>Set-WebApplicationProxyApplication -ID 874A4543-7983-77A3-1E6D-1163E7419AC1 -Name Test123

This command changes the friendly name of an application that has the specified ID.

Example 4: Disable URL translation in headers

PS C:\>Set-WebApplicationProxyApplication -ID 874A4543-7983-77A3-1E6D-1163E7419AC1 -DisableTranslateUrlInRequestHeaders -DisableTranslateUrlInResponseHeaders

This command modifies the web application that has the specified ID. The command disables URL translation in both request and response headers.

Example 5: Change the certificate thumbprint for a web application

PS C:\>Set-WebApplicationProxyApplication -ID 874A4543-7983-77A3-1E6D-1163E7419AC1 -ExternalCertificateThumbprint FFAFA2422D77BC784D1F48E08F6BDAE32CD109A2

This command changes the external certificate thumbprint for the web application that has the specified ID.

Example 6: Change the time-outtimeout interval for web applicationstime-out

PS C:\>Get-WebApplicationProxyApplication SharePoint* | Set-WebApplicationProxyApplication -InactiveTransactionsTimeoutSec 400

This command changes the inactive transaction time-out for all web applications whose names begin with the string SharePoint.

Parameters

-ADFSUserCertificateStore

Specifies the certificate store for a AD FS user.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-AsJob

Runs the cmdlet as a background job. Use this parameter to run commands that take a long time to complete.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-BackendServerAuthenticationMode

Specifies the authentication method that Web Application Proxy uses when it contacts the backend server. The acceptable values for this parameter are: NoAuthentication and IntegratedWindowsAuthentication.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-BackendServerAuthenticationSPN

Specifies the SPN of the backend server. Use this parameter if the application that the backend server hosts uses Integrated Windows authentication.

Type:String
Aliases:SPN
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-BackendServerCertificateValidation

Specifies whether Web Application Proxy validates the certificate that the backend server presents. The acceptable values for this parameter are:

  • None
  • ValidateCertificate
Type:String
Accepted values:None, ValidateCertificate
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-BackendServerUrl

Specifies the address of the web application. Specify the protocol and host name or IP address. Include the trailing slash (/). You can also include a port number and path. The following examples show the form of an address:

The cmdlet checks that no other applications are already configured to use this URL.

Type:String
Aliases:BackendUrl
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-CimSession

Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet. The default is the current session on the local computer.

Type:CimSession[]
Aliases:Session
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ClientCertificateAuthenticationBindingMode

Specifies whether Web Application Proxy verifies whether the certificate that authenticates the federation server authenticates future requests. The acceptable values for this parameter are:

  • None
  • ValidateCertificate
Type:String
Accepted values:None, ValidateCertificate
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ClientCertificatePreauthenticationThumbprint

Specifies the certificate thumbprint, as a string, of the certificate that a client supplies for the preauthentication feature. The thumbprint is 40 hexadecimal characters. This parameter is only relevant when you specify the value of ClientCertificate for the ExternalPreauthentication parameter.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DisableHttpOnlyCookieProtection

Indicates that this cmdlet disables the use of the HttpOnly flag when Web Application Proxy sets the access cookie. The access cookie provides single sign-on access to an application.

Important: by default, HttpOnly is enabled to help ensure network protection. If you disable HttpOnly flag protection, the browser may share this cookie with other components on the client device, such as ActiveX, Java Applets and JavaScript, so they can access this application without the need to perform additional preauthentication.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DisableTranslateUrlInRequestHeaders

Indicates that Web Application Proxy does not translate HTTP host headers from public host headers to internal host headers when it forwards the request to the published application.

Specify this parameter if the application uses path-based information.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DisableTranslateUrlInResponseHeaders

Indicates that Web Application Proxy does not translate internal host names to public host names in Content-Location, Location, and Set-Cookie response headers in redirect responses.

If the proxy does not translate host names in the Content-Location or Location response headers, subsequent client requests resolve incorrectly. If the proxy does not translate the host name in the Set-Cookie response header, the published web application might not use cookies properly.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-EnableHTTPRedirect

Indicates that this cmdlet enables HTTP redirect for Web Application Proxy.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-EnableSignOut

Indicates whether to enable sign out for Web Application Proxy.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ExternalCertificateThumbprint

Specifies the certificate thumbprint, as a string, of the certificate to use for the address specified by the ExternalUrl parameter. The thumbprint is 40 hexadecimal characters.

The certificate must exist in the Local Computer or Local Personal certificate store. You can use a simple certificate, a subject alternative name (SAN) certificate, or a wildcard certificate.

Type:String
Aliases:ExternalCert
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ExternalUrl

Specifies the external address, as a URL, for the web application. Include the trailing slash (/).

The cmdlet checks that no other applications are already configured to use this URL.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ID

Specifies the GUID of a web application. To obtain the GUID of a web application, use the Get-WebApplicationProxyApplication cmdlet.

Type:Guid
Aliases:ApplicationID
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-InactiveTransactionsTimeoutSec

Specifies the length of time, in seconds, until Web Application Proxy closes incomplete HTTP transactions.

Type:UInt32
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Name

Specifies a friendly name for the published web application.

Type:String
Aliases:FriendlyName
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-PersistentAccessCookieExpirationTimeSec

Specifies the expiration time, in seconds, for persistent access cookies.

Type:UInt32
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ThrottleLimit

Specifies the maximum number of concurrent operations that can be established to run the cmdlet. If this parameter is omitted or a value of 0 is entered, then Windows PowerShell® calculates an optimum throttle limit for the cmdlet based on the number of CIM cmdlets that are running on the computer. The throttle limit applies only to the current cmdlet, not to the session or to the computer. Do not specify a value for this parameter greater than 1.

Type:Int32
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-UseOAuthAuthentication

Indicates that Web Application Proxy provides the URL of the federation server that performs Open Authorization (OAuth) when users connect to the application by using a Windows Store app.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

Inputs

String

SwitchParameter

UInt32

Guid

Outputs

Object