Hello,
I need some help understanding my Enterprise Portal identity store. I have manually set up groups in Enterprise Portal (10.8.1) that roughly correspond to the Active Directory user groups within the organization (Parks, Police, Fire, Assessing, Engineering etc). The Portal is configured for single sign-on where users are simply presented with the blue ESRI sign in button and their AD credentials are passed to the Portal. Additionally, the Portal is configured to automatically create user account if they have not yet signed in. This is the thing I want to work on.
My goal is to automatically place new users into Portal groups based on AD groups they are a part of, but this is where I get a little confused (I wasn’t primarily responsible for setting this up when we initially rolled out our Portal). So clearly there is some relationship between our Portal sign in configuration and our Windows AD. In the organization’s security settings, the login redirect hits our AD server, I can download the metadata xml, all that. But when I looking at the Identity Store config in the PortalAdmin directory, it shows that the Portal is configured with the type BUILTIN. I must not understand completely because it doesn’t seem to make sense that user store configuration would be built in if there is such a relationship with the actual AD.
How do I appropriately configure the Portal to allow for automatic group placement when a new member signs in for the first time (without removing any currently existing Portal users in the process, if at all possible)? I’m not sure if I’ve provided enough/the right info for anyone to help out, so let me know if there’s anything else I can provide.
Thanks!
