Add method of the CIM_WebApplicationProxyApplication class

Publishes a web application through Web Application Proxy.

Syntax

uint32 Add(
  [in] string  Name,
  [in] string  ExternalPreauthentication,
  [in] string  ClientCertificateAuthenticationBindingMode,
  [in] string  BackendServerCertificateValidation,
  [in] string  ExternalUrl,
  [in] string  ExternalCertificateThumbprint,
  [in] boolean EnableSignOut,
  [in] uint32  InactiveTransactionsTimeoutSec,
  [in] string  ClientCertificatePreauthenticationThumbprint,
  [in] boolean EnableHTTPRedirect,
  [in] string  ADFSUserCertificateStore,
  [in] boolean DisableHttpOnlyCookieProtection,
  [in] uint32  PersistentAccessCookieExpirationTimeSec,
  [in] string  BackendServerUrl,
  [in] boolean DisableTranslateUrlInRequestHeaders,
  [in] boolean DisableTranslateUrlInResponseHeaders,
  [in] string  BackendServerAuthenticationSPN,
  [in] string  ADFSRelyingPartyName,
  [in] boolean UseOAuthAuthentication
);

Parameters

Name [in]

The friendly name of the application.

ExternalPreauthentication [in]

The type of pre-authentication used by Web Application Proxy to identify the application.

This parameter can be set to one of the following values.

PassThrough

Do not perform pre-authentication.

ADFS

Use Active Directory Federation Services (AD FS).

ClientCertificate

Validate the client certificate.

ADFSforBrowsersAndOffice

Use Active Directory Federation Services (AD FS) for browsers and Microsoft Office clients.

Windows Server 2012 R2: This value is not available before Windows Server 2016.

ADFSforOAuth

Use Active Directory Federation Services (AD FS) for OAuth.

Windows Server 2012 R2: This value is not available before Windows Server 2016.

ADFSforRichClients

Use Active Directory Federation Services (AD FS) for rich clients.

Windows Server 2012 R2: This value is not available before Windows Server 2016.

ClientCertificateAuthenticationBindingMode [in]

Indicates whether Web Application Proxy validates the client certificate during subsequent requests.

This parameter can be set to one of the following values.

"None"

Do not validate the certificate.

<Any other value>

Validate the certificate.

BackendServerCertificateValidation [in]

Indicates whether Web application proxy validates the certificate of the backend server.

This parameter can be set to one of the following values.

"None"

Do not validate the certificate.

<Any other value>

Validate the certificate.

ExternalUrl [in]

The fully qualified domain name (FQDN) that is used as the external address of the application.

ExternalCertificateThumbprint [in]

The thumbprint of the certificate for the ExternalUrl parameter. The certificate must be stored in the computer store and must be one of the following types:

  • simple certificate
  • subject alternative name (SAN) certificate
  • wildcard certificate

EnableSignOut [in]

Whether sign-out is enabled for this application.

Windows Server 2012 R2: This parameter is not available before Windows Server 2016.

InactiveTransactionsTimeoutSec [in]

The interval, in seconds, after which incomplete HTTP transactions are immediately ended.

ClientCertificatePreauthenticationThumbprint [in]

The thumbprint of the client certificate to use for pre-authentication.

EnableHTTPRedirect [in]

Whether the web-application proxy should provide a redirect from HTTP URL to this URL.

Windows Server 2012 R2: This parameter is not available before Windows Server 2016.

ADFSUserCertificateStore [in]

The certificate store to use when collecting certificate data for applications that are ADFS for rich clients. If not specified the DRS certificate store as indicated in ADFS configuration is used.

Windows Server 2012 R2: This parameter is not available before Windows Server 2016.

DisableHttpOnlyCookieProtection [in]

True to disable the HttpOnly flag for the access cookie; otherwise, false.

Windows Server 2012 R2: This parameter is not available before Windows Server 2016.

PersistentAccessCookieExpirationTimeSec [in]

The interval, in seconds, to persist the web-application-proxy-access cookie. You can use this parameter to enable single-sign-on for non-web-client applications.

Windows Server 2012 R2: This parameter is not available before Windows Server 2016.

BackendServerUrl [in]

The corporate network address of the web application in the format: <protocol>://<hostname or IP address>[:port]/[path]/. For example:

DisableTranslateUrlInRequestHeaders [in]

True to disable the translation of HTTP host headers from a public host header to an internal host header when the request is forwarded to a published application; otherwise, false.

DisableTranslateUrlInResponseHeaders [in]

True to disable hostname translation in HTTP redirect responses that are sent from internal hostnames to public hostnames; otherwise, false. Hostname translation is performed on the Content-Location, Location, and Set-Cookie response headers.

BackendServerAuthenticationSPN [in]

The service principal name (SPN) of the back end server.

ADFSRelyingPartyName [in]

The name of the relying party configured on the AD FS server.

UseOAuthAuthentication [in]

True to enable OAuth authentication for users that connect to this application with a Windows Store app; otherwise, false.

Return value

Returns 0 on success, otherwise returns a WMI error code.

Requirements

Minimum supported client
None supported
Minimum supported server
Windows Server 2012 R2
Namespace
Root\Microsoft\Windows\WebApplicationProxy
MOF
AppProxyPSProvider.mof
DLL
AppProxyPSProvider.dll

See also

CIM_WebApplicationProxyApplication