Is it possible to install and configure Portal for ArcGIS on a standalone virtual machine?

JonathanBailey · ‎12-15-2017

For a demo, I'm trying to set up a base deployment of ArcGIS Enterprise 10.5.1 on a standalone virtual machine using the ArcGIS Enterprise Builder. The ArcGIS Enterprise Builder configuration failed when configuring the web adaptor for the portal. Through trial-and-error, I've been able to successfully configure the ArcGIS Server instance and its web adaptor, including SSL via a self-signed certificate.

However, I'm still experiencing problems getting the Portal configured. For one, I can't figure out how to properly configure the Portal to work with a self-signed certificate. Most importantly, however, I'm not having success configuring the Web Adaptor to work with the Portal. When I try to configure the Web Adaptor to work with the Portal, I'm just specifying the machine name (i.e., http://<machine-name>:7443), since it's not on a domain, but I get an error indicating that I need to specify a fully-qualified domain name for the Portal. Then, I came across this part of the installation documentation, which seems to suggest that the portal needs be on a domain. So, is it even possible to configure portal to work on a machine not connected to a domain?

JonathanQuinn · ‎12-18-2017

So if the machine name is "abcd-efg-hijk", the certificate in IIS should be set to "abcd-efg-hijk.local" with a SAN set to the same host.

The certificate for 7443 will be set to "abcd-efg-hijk" so you should use https://abcd-efg-hijk:7443 whenever you need to use the machine URL directly. You can check the certificate by going to Portaladmin > Security > SSL Certificates > portal certificate. The CN should be set to "abcd-efg-hijk". You can also use the Dev tools in Chrome or click on the certificate information in IE to make sure what the CN is set to.

The web adaptor registration page should be accessed over https://abcd-efg-hijk.local/portal/webadaptor/portal and https://abcd-efg-hijk:7443 should be used as the Portal URL during registration.

Under http://abcd-efg-hijk:7443/arcgis/sharing/rest/portals/self, take a look at the portalHostname property and see if it machines abcd-efg-hijk.local/portal. That would be an indication that the Portal recognizes that the WA is correctly registered.

JonathanBailey · ‎12-18-2017

Hi Jonathan,

Thanks, this is helpful. I've created a new certificate with the SAN and installed it in IIS. It appears to be working (though Firefox complains that no organization is specified -- IE and Chome are fine).

I've accessed the web adaptor registration page via https://abcd-efg-hijk.local/portal/webadaptor/portal. However, when you indicate that I should use the portal URL https://abcd-efg-hjik:7443 during registration, this is where I'm getting the "Portal configuration requires fully qualified domain name in the Portal URL" error. Shouldn't this also have the ".local" domain extension as discussed previously?

JonathanQuinn · ‎12-18-2017

Ah, yes, you're right. The problem now is that the machine name is "abcd-efg-hijk", but you need it to be "abcd-efg-hijk.local". Since they don't match exactly, you may run into some problems, but here are a couple of next steps:

1) Generate a new certificate, issued to abcd-efg-hijk.local

2) Set the new certificate as the certificate for 7443.

Now, you won't run into certificate mismatch problems, but the machine name you'd use to reach the Portal doesn't match the machine name the Portal knows itself as. I would try to register the WA using "abcd-efg-hijk.local" and then see if things work out, (federation, etc). If not, then go through the following:

1) In the C:\Windows\System32\drivers\etc\hosts file, add an entry to associate the IP address of the machine with the hostname you want to use:

Ex.

10.0.0.1 abcd-efg-hijk.local

2) Uninstall and reinstall all components. Now each machine will know itself as abcd-efg-hijk.local.

3) Set up the ArcGIS Enterprise.

The ArcGIS Enterprise Builder will honor whatever entry is in the \etc\hosts file so you can use the AEB to set everything up.

JonathanBailey · ‎12-18-2017

Hi Jonathan,

Actually, even before doing that, I think I'm pretty close. The web adaptors now appear to be working correctly, and I've federated my ArcGIS Server site.

Through the portal, I've tried adding a shapefile and creating a hosted feature layer using the shapefile. It seems that the portal is stuck on loading the page for the new item (see screen capture below)

I can see the hosted feature layer in the ArcGIS Server Manager, but you'll notice from the icons that the state seems indeterminate.

If I open the item page here, only the General and Item Description tabs are available, and when I try to add the item to a map back in portal, the extent is correct, but I get an error that the layer cannot be added to the map.

So, it looks like I'm pretty close, but not quite there yet. Do I really need to uninstall / reinstall everything, or is there a last adjustment that I can make to get it working?

Thanks,

Jon.

JonathanQuinn · ‎12-18-2017

What do the Server logs show after you try to create the hosted feature service? You can also use Fiddler or the browsers Dev tools to monitor the traffic and see if the job is failing.

JonathanBailey · ‎12-18-2017

OK, this is interesting. I get a number of error messages as follows:

ArcGIS Data Store has detected an issue with machine: ABCD-EFG-HIJK.LOCALDOMAIN

followed by:

ArcGIS Data Store encountered too many problems. Failover may be invoked in standby is configured.

and, finally:

Data store machine 'ABCD-EFG-HIJK.LOCALDOMAIN' has failed.

etc.

So, I wonder if LOCALDOMAIN needs to be added to the SAN as well?

JonathanQuinn · ‎12-19-2017

If you were to go to

https://<server>:6443/arcgis/admin/data/items/enterpriseDatabases/<dsName>/machines/<dsID>/validate

Does it go through successfully? This tells the ArcGIS Data Store to validate itself. Next, you can validate the Data Store either in Manager, or click on the REST button at the https://<server>:6443/arcgis/admin/data/items/enterpriseDatabases/<dsName> page and paste that into the Item parameter in the https://<server>:6443/arcgis/admin/data/validateDataItem page. This tells Server to validate the Data Store. If both go through, then I'm not sure why you're seeing errors. Were you able to check the logs for any errors during publishing?

JonathanBailey · ‎12-19-2017

Hi Jonathan,

When I try to validate the data store, I get the following error:

Server machine 'https://ABCD-EFG-HIJK:2443/arcgis/datastoreadmin/machines/ABCD-EFG-HIJK/validate' returned an error. 'Invalid token.'

JonathanBailey · ‎12-19-2017

Hi Jonathan,

I got past this error -- the data store was using an untrusted certificate, which I added to the Trusted Certificates Store. I'm no longer getting any SSL errors -- I think that we've won that battle.

Now, I'm getting the Portal to hang when I try to create a new hosted feature layer by uploading a zipped shapefile. If I look at the hosted feature layer in Server Manager, it doesn't look right. I'm going to try restarting the VM to see if that fixes everything. Failing that, I might try uninstalling and reinstalling the data store to see if that fixes things, unless you've got any other suggestions in the interim.

JonathanBailey · ‎12-19-2017

OK, well, I spoke too soon. I restarted the VM and everything broke. The web adapter is no longer configured for the portal, and I'm getting SSL errors everywhere now with the portal.