Skip navigation
All Places > Education > Blog > 2017 > August > 11


August 11, 2017 Previous day Next day

GIS Day is drawing near!  This year, it will be held on 15 November 2017.  I wanted to share 6 things about GIS Day with you.


  1. What is GIS Day?  The theme of GIS Day is "Discovering the World Through GIS".  GIS Day provides an international forum for users of geographic information systems (GIS) technology to demonstrate real-world applications that are making a difference in our society.  The first formal GIS Day took place in 1999. Esri president and co-founder Jack Dangermond credits Ralph Nader with being the person who inspired the creation of GIS Day. He considered GIS Day a good initiative for people to learn about geography and the uses of GIS. He wanted GIS Day to be a grassroots effort and open to everyone to participate.

  2. Host an event at your organization -- school, community or technical college, university, nonprofit organization, library, private company, government agency, or even in a park outside--sometime during or close to GIS Day week (15 November 2017).  Post an announcement about your event on  It doesn’t have to be elaborate or something that consumes a lot of your employees’ time, but something where you open a section of your organization to the community, other departments in your organizations, or local schools, universities, community colleges, and clubs, to showcase what GIS is and what you are doing to make a positive difference in the world using GIS.  It doesn’t have to even be on the actual GIS Day; the point is that your event is promoting the benefits GIS brings to communities, your organization, and society.  Or, look at the map on the GIS Day website to find an event near you that you can attend!

  3. Find resources on the website  Together with a few other good people at Esri, I have made about 75 changes to the website since last GIS Day.  The resources improved on the website include story maps, hands-on activities, videos, strategies on how to work with students and the general public, and much more. Stay tuned for updates of the press releases, and so on.
  4. Get some geo-swag!  The first 250 organizations that register for GIS Day this year around the world will receive 1 box of some wonderful GIS-related items that you can use for promoting your event.  
  5. Be a GIS champion!  I am seeking organizations who are GIS and GIS Day champions around the world to highlight the good things they are doing, to be featured in articles on GeoNetArcNews, and other outlets.  Videos too!  If you know of an organization that should be included, or think that yours should be, please let me know via
  6. Questions?  Please email  I am on the receiving end of those emails and respond to these on a daily basis.


I hope this is helpful.  Thank you for promoting and supporting GIS Day!


--Joseph Kerski 


Kids and adults celebrating GIS Day!

ArcGIS Enterprise can be deployed on many different platforms, both on internal infrastructure and in the cloud.  This blog will describe a series of items to keep in mind as one launches ArcGIS Enterprise in Amazon Web Services (AWS).  The steps outlined below can be considered for various implementations of the ArcGIS Platform, regardless of the infrastructure it is installed on.


The main purpose for launching ArcGIS Enterprise in this example was to provide access to a portal to be used by students in a MS in GIS program, along with access to Insights for ArcGIS.


There are a number of System Requirements that we need to keep in mind as we implement ArcGIS Enterprise. First, we would start with a base ArcGIS Enterprise deployment, which includes an ArcGIS Server, Portal for ArcGIS, ArcGIS Data Store and two ArcGIS Web Adaptors. Then add additional server sites, as needed, to support additional capabilities.  


NOTE: This is just an example of an implementation, there are many possible variations for the outlined steps.  


  1.      Launch an AWS ArcGIS Enterprise instance (one of the available Esri AMIs).
    •      Ensure it fulfills the system requirements for ArcGIS Server and Portal for ArcGIS – as a start m4.2xlarge, 32GB, 8 virtual cores system was used.
    •      A new security group was created in a VPC with all required ArcGIS ports (see ports used by ArcGIS Server, Portal for ArcGIS, ArcGIS Data Store). Using a launch-wizard or default security groups is generally not recommended, because they will allow all traffic in. 
    •      Once the instance was launched, the windows password was retrieved using a .pem file, and a remote desktop connection was made.
    •      A few logistical items were done, such as removing IE Enhanced security configuration, set default browser of preference, and install any programs of interest, such as ArcGIS Pro, Notepad ++, etc.
    •      The World Wide Web publishing service (Windows service) was started, then set to Automatic start.
    •      The ArcGIS Data Store and Portal for ArcGIS Windows services were started as well. The startup was changed to Automatic, versus manual. Why do this? Some of the components of ArcGIS Enterprise run under a dedicated Windows service (Arc GIS server, Portal for ArcGIS and ArcGIS Data Store). These services need to be running.


  1.      Work with IT to secure the following:
    •      Have a preferred domain in mind, i.e. IT department was contacted with the preferred domain name and the internal IP address of the instance. This is how eventually the DNS entry for the website was setup, that will map a domain name, such as, to the IP address of the AWS instance. This would work for internal access, then IT setup a NAT for external access.
    •      Add the machine to Active Directory domain (IT staff with proper permissions performed this) and confirm that the proper DNS records updated.
    •      Add a desired account to the local Administrators group, that way that person could login to the AWS instance using their university credentials, versus the local Administrator account.
    •      The university’s IT practice recommended against using Elastic IPs – on premises DNS was used. They focus on setting up internal access only first and then using a NAT for external access (one of the next steps).


  1.      Request SSL certificates (CA certificate) issued to the domain.
    •      University IT departments use various services. Some of the common ones are GlobalSign, Comodo, DigiCert, others.  
    •      Certificate Signing Request (CSR) was created.
    •      Once certificate was received, it was installed and configured. An example is here.
    •      Certificate was bind to the website.


  1.      Request Public IP NAT.
    •      At this point, the IIS Welcome URL ( ) was able to be reached while on the university network, but not outside of the network.
    •      IT created a Public IP NAT, then updated the DNS entry with the Public IP address.
    •      After NAT records were updated with the Public IP, was able to be accessed from anywhere (good indicator one could proceed).
    •      In a nutshell, all traffic was coming through an internal networked IP – the AWS machine was hidden from the outside world. Note that this is just one possible scenario of networking and implementation.
    •      RDP port was not open on the NAT. This means that one had to be on the university network to make a remote desktop connection to the instance.


  1.      Follow the Deploy Portal for ArcGIS on AWS
    •      Ensure that Portal for ArcGIS, ArcGIS Server and ArcGIS Data Store services are running and startup is Automatic.
    •      When creating the Portal Administrator Account, ensure there is proper storage on the drive where the components are installed. There have been issues with users trying to do the installation with small amount of space, for example 10GB, left. Also, proper permissions are needed for the windows account under which the Portal and Server windows services are running.
    •      NOTE: Make sure step 19 of the Deploy Portal for ArcGIS on AWS documentation is done to set the portal’s system properties in the Portal Administrator Directory.
    •      IMPORTANT: Follow this workflow to avoid redirect errors – the Web Adaptor URL has to be changed to in the Portal Administrator Directory.


  6.  Request enterprise logins, commonly referred to Single Sign On (SSO).  

  •      Worked with IT to configure a SAML-compliant identity provider with the portal.
  •      In this particular case, IT staff requested that a portal account with Administrator privileges be created for them, and they enabled SSO.  
  •      This step is very important to save time when it comes to user management – this means that no additional logins for students had to be created, and they could just login to the portal and the Insights for ArcGIS app using their student credentials.


Any comments or additions are welcome.

Filter Blog

By date: By tag: