Wasn't sure whether to put this in the Portal community or the Python community.
Have a user account setup on a recent upgrade to portal 11.1. Scripts using the account have no problem accessing the portal if they use arcpy.SignInToPortal() but scripts fail if they attempt to login via arcgis.GIS(). The scripts work fine on portal 10.9. Checking if this is a bug or possibly an upgrade setting miss somewhere.
User is Creator type, publisher role. However, user ID used on 10.9 was Pro Advanced. Did have someone test it on 11.1 with another ID as pro advanced and still got the login failure.
from arcgis import GIS
import arcpy
portal_url = 'https://portal.ourportal.com/portal'
usr = 'username'
gis = GIS(portal_url,usr)
>>>Enter password:
# VERSUS
arcpy.SignInToPortal(portal_url, usr, pw)
TRACE DUMP...
Traceback (most recent call last):
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\_impl\_con\_connection.py", line 1948, in _check_product
res = self.get(
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\_impl\_con\_connection.py", line 871, in get
return self._handle_response(
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\_impl\_con\_connection.py", line 1008, in _handle_response
self._handle_json_error(data["error"], errorcode)
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\_impl\_con\_connection.py", line 1031, in _handle_json_error
raise Exception(errormessage)
Exception: User not allowed for this account
(Error Code: 403)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\__init__.py", line 585, in __init__
raise e
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\__init__.py", line 524, in __init__
self._portal = _portalpy.Portal(
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\_impl\_portalpy.py", line 205, in __init__
self.con = Connection(
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\_impl\_con\_connection.py", line 354, in __init__
self._product = self._check_product()
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\_impl\_con\_connection.py", line 1954, in _check_product
res = self.get(baseurl + "info", params={"f": "json"})
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\_impl\_con\_connection.py", line 871, in get
return self._handle_response(
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\_impl\_con\_connection.py", line 1008, in _handle_response
self._handle_json_error(data["error"], errorcode)
File "d:\ESRI_conda\envs\arcgispro-py3-clone\lib\site-packages\arcgis\gis\_impl\_con\_connection.py", line 1031, in _handle_json_error
raise Exception(errormessage)
Exception: User not allowed for this account
(Error Code: 403)
VERSIONS:
portal 11.1
arcgis 2.1.0.2
arcpy 3.1
What version of Pro are you using? We recently upgraded our Portal to 11.1 and everything worked fine until we pushed Pro 3.1.2. After that we could still use the Python API to log into AGOL, but not our Enterprise Portal. When we rolled back to Pro 3.0.1 the authentication error went away. We have a case with ESRI about it but we believe it has to do with the Python environment in 3.2.1 not playing nice with 11.1
Our error was different though, it had to do with a ',' delimiter being expected.
Yes, using Pro 3.1.2 for this. Will test with 3.0.1.
Could only find 3.0.3 in the downloads on My Esri. Still no joy on the portal access after wiping former Pro/python version and reinstall.
More info... got fiddler running during the exchange... see pic below...
Something similar happens to me with ArcGIS Enterprise: arcgis.gis and api rest.
VERSIONS:
portal 11.2
arcgis 2.2.0
It works fine using the Rest API:
URL= 'https://www.domainname.com/portalgis'
ARCGIS_USER = 'oneuser'
ARCGIS_PASSWORD = 'onepassword'
from arcgis.gis import GIS
import requests
import jsonheaders = {'content-type': 'application/form-data'}
payload = {
'f': 'json',
'username': ARCGIS_USER,
'password': ARCGIS_PASSWORD,
'client': 'referral',
'refer': URL,
'expiration': 21600
}requests.post('{}/sharing/rest/generateToken'.format(URL),data=payload, verify=False)
token = json.loads(req.content.decode('utf-8'))
token = token['token']
print ('--> TOKEN {}'.format(token))gis = GIS(referer=URL, token= token, verify_cert=False)
And return's error "Exception: User not allowed for this account" using username with the code
gis = GIS(url=URL, username=ARCGIS_USER, password=ARCGIS_PASSWORD, verify_cert=False)
Hi @CassKalinski. It worked for me:
Connect without webadaptor. Post [url]
"Does your Portal use Integrated Windows Authentication? If so, try replacing the URL with the fully qualified domain name and port number. (https://portalMachine.domain:7443/arcgis/home) You should not be automatically authenticated as the viewer account when using this URL.
-Josh"
This is: https://machinename: port/arcgis.