Channel: Active Directory Federation Services – Hybrid Identity

Uninstalling AD FS in Windows Server 2012


In my post Uninstalling AD FS 2.0 (and deleting the databases) I described how to uninstall AD FS 2.0 from Windows Server 2008 or 2008 R2. While the process is fundamentally the same, there are some subtle differences in Windows Server 2012 that mean the instructions in the previous post won’t work. I felt I should post the differences and cover how to uninstall AD FS 2.1.

The two changes that tripped me up were the Windows Internal Database (WID) connection string and the location of the WID data files.  You connect to WID on Windows Server 2012 using the string:

\\.\pipe\MICROSOFT##WID\tsql\query

The default data file directory for WID on Windows Server 2012 is:

C:\Windows\WID\data

So you delete the AD FS database files using:

del C:\Windows\WID\data\adfs*

Otherwise the process is essentially the same:

  1. Retrieve the certificate sharing container (assuming you’re using the auto certificate rollover feature)

    (Get-ADFSProperties).CertificateSharingContainer | clip
    
  2. Uninstall AD FS

    Remove-WindowsFeature adfs-federation
    
  3. Remove the databases from WID

    I downloaded SQL Server 2012 Express Management Tools to connect to WID and execute the T-SQL DML.

    • Connect:
      \\.\pipe\MICROSOFT##WID\tsql\query
    • Delete:
      use master;
      go
      sp_detach_db 'adfsconfiguration';
      go
      sp_detach_db 'adfsartifactstore';
      go
      
  4. Delete the data files

    del C:\Windows\WID\data\adfs*
    
  5. Uninstall WID

    Note that the name has changed in 2012. In Windows Server 2008/R2 the ServerManager name for WID was Windows-Internal-DB. In Windows Server 2012 it is Windows-Internal-Database!

    Remove-WindowsFeature windows-internal-database
    
  6. Clean-up IIS

    • Open IIS manager.  Expand <server> | Sites | Default Web Site | adfs
    • Right-click on ls and click Remove
    • Right-click on adfs and click Remove
    • Be sure to remove LS first and then ADFS. Don’t just remove ADFS; otherwise you’ll be in applicationHost.config deleting XML elements by hand.
    • Click Application Pools (further up the tree) and right-click on ADFSAppPool and click Remove.
    • Lastly delete the folders and files.
      del c:\inetpub\adfs -Recurse
      
  7. Uninstall IIS?

    The previous task is not required if you uninstall IIS.

    Remove-WindowsFeature web-server
    
  8. Clean-up AD DS

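    # Bind to the certificate sharing container retrieved in step 1
    $delme = New-Object System.DirectoryServices.DirectoryEntry(
    "LDAP://CN=42bc22f5-e636-412f-9175-ba75912d4b4a,CN=ADFS,CN=Microsoft,CN=Program Data,DC=rnd,DC=litware-inc,DC=com")
    # Delete the container and everything beneath it
    $delme.DeleteTree()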
    

You can one-line that deletion too…


Check the previous post for a more thorough description.
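
A read-only check to run from an elevated PowerShell prompt after step 8, confirming that each item the steps remove is actually gone; it is an added example, not part of the original post. The function name Test-AdfsRemnant and the sample DN are made up for illustration; the feature names, file paths and ADFSAppPool come from the steps above, and the IIS path assumes the default site layout shown in step 6.

```powershell
# Added example (not from the original post): list anything the removal left behind.
function Test-AdfsRemnant {
    param(
        # DN saved in step 1; omit it to skip the AD DS check.
        [string]$CertificateSharingContainer
    )

    Import-Module ServerManager

    # Steps 2, 5 and 7: the features named in the post.
    foreach ($name in 'adfs-federation', 'windows-internal-database', 'web-server') {
        $feature = Get-WindowsFeature -Name $name
        [pscustomobject]@{
            Check   = "Feature $name"
            Remains = [bool]($feature -and $feature.Installed)
        }
    }

    # Steps 4 and 6: data files and web content on disk.
    foreach ($path in 'C:\Windows\WID\data\adfs*', 'C:\inetpub\adfs') {
        [pscustomobject]@{ Check = "Path $path"; Remains = (Test-Path $path) }
    }

    # Step 6: IIS objects, only checkable while the WebAdministration module is installed.
    if (Get-Module -ListAvailable -Name WebAdministration) {
        Import-Module WebAdministration
        foreach ($item in 'IIS:\AppPools\ADFSAppPool', 'IIS:\Sites\Default Web Site\adfs') {
            [pscustomobject]@{ Check = "IIS $item"; Remains = (Test-Path $item) }
        }
    }

    # Step 8: the certificate sharing container in AD DS.
    if ($CertificateSharingContainer) {
        $ldap = "LDAP://$CertificateSharingContainer"
        [pscustomobject]@{
            Check   = "AD DS $CertificateSharingContainer"
            Remains = [System.DirectoryServices.DirectoryEntry]::Exists($ldap)
        }
    }
}

# Constructed DN for illustration; substitute the value saved in step 1.
$dn = 'CN=00000000-0000-0000-0000-000000000000,CN=ADFS,CN=Microsoft,CN=Program Data,DC=example,DC=com'
Test-AdfsRemnant -CertificateSharingContainer $dn | Format-Table -AutoSize
```

Any row with Remains set to True points back to the step that still needs to be completed.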


