Federate Server to Portal

GisNavy · ‎03-11-2021

Hi everyone,

I have some difficulties to federate an ArcGIS Server(10.7.1) to the ArcGIS Portal(10.7.1) by using the REST API ('https://developers.arcgis.com/rest/enterprise-administration/portal/federate-servers.html'). Both are installed on the same machine and both have their proper's WebAdaptor.

However when I use the /portaladmin page the federation works well. ( I guess this means that I have the good URL for the configuration).

The error response is :

{ 'code 500', 'message': "Failed to federate ArcGIS Server site 'https://fqdn:6443/arcgis/' with Portal for ArcGIS. Failed to update security configuration for ArcGIS Server 'https://fqdn:6443/arcgis/'. The server at 'https://fqdn:6443/arcgis/admin/security/config/update' returned an error. Failed to update the security configuration. Cannot update security configuration to federate with Portal as server is not registered with Portal. "}

For further precision I generate the token and inserted it in the request.

I don't know what I have missed, any help would be grateful 😁.

Ethan

GisNavy · ‎04-20-2021

We find a solution to this problem:

The problem was in the post request itself. We discover with fiddler that there is a difference between the "gui" request and the "python" request that we did. In the "gui" request there is a header "referrer". We add it and it worked !!

Thanks you everyone 🙂

View solution in original post

Todd_Metzler · ‎03-11-2021

Hello,

1st. Go Navy! What's your OS and web server? Have you paid very close attention to the SSL requirements and authentication methods settings on your web server and between the ArcGIS components? Have you opened up all the required ports between the components in your firewall(s)? Have you deployed a CA certificate chain on all the components (web server, Portal, Server, Data Store)? Are you accessing the web interface on the computer that is hosting the application stack? Is your web server also on the same computer and the web adaptor and named the default "/arcgis"? Is your Server web adaptor configured to allow administrative access?

Lot's of questions, I know, but it's difficult to provide solution up front without understanding your environment.

Todd

GisNavy · ‎03-13-2021

Hi Todd

I use windows 10 and iis as web server all ports are configured as ssl requiremerements.

I have deployed the CA on all my components.

My webadaptor is on the same machine as the web server and named the default indeed for the server but for the portal "/arcgisportal"

I don t allow administrative access.

Did I have to restart my server if I allow it?

Tom_Merhige · ‎03-19-2021

@GisNavy Hope all is well. Can you check the Portaladmin > system > properties and is there an entry with "localHttpPort":"80","localHttpsPort":443","portalLocalHostname":.....?

The above properties could be causing the issue with portal redirecting and communicating with the DNS alias.

If that entry exists, please try the following:

1) Go to https://webadaptor.domain.com/webadaptor/portaladmin > system > properties > update properties > remove everything in the update properties > update.

2) Then click on the update properties again and enter the following:

{

"WebContextURL": "https://webadaptor.domain.com/myorg""

}

We are following the documentation below: https://enterprise.arcgis.com/en/portal/latest/administer/windows/using-a-reverse-proxy-server-with-...

3) Sign out and sign back in to make sure that the properties was updated.

4) Go to https://portal.worldwater.today/portal/home > my organization > edit settings > server > add server

Please let me know if this helps!

GisNavy · ‎04-18-2021

Hi Tom, sorry for the late.

I tried but it didn't work.

Besides my goal is to federate a server with the REST API in python

So, I succeed to register the server to the portal with this request : "URL:https://root/portals/[portalID]/servers/register(POST only)" but I didn't manage to update the security configuration of the server (The request I used is: "https://config-url/update (POST only)")

The error that I get is : "one or more properties required for Portal federation are missing". I defined all the properties of the "portalProperties" except the "referrer" properties that I don't know how to fill and if it's necessary (I used the requestip when I generate the token of the portal and the server)

GisNavy · ‎04-20-2021

We find a solution to this problem:

The problem was in the post request itself. We discover with fiddler that there is a difference between the "gui" request and the "python" request that we did. In the "gui" request there is a header "referrer". We add it and it worked !!

Thanks you everyone 🙂

p_torio · ‎03-03-2023

For anyone in the future that also encountered this and have also put the "referrer" in the header. you also need to add the value of the referrer header when generating a rest token.