I am trying to set up Portal to accept both Active Directory and Portal Authentication users. The problem occurs when I try to log in as a Portal user. I can't do it. I am logged into my machine through Active Directory, but when I browse to the portal homepage, I have no option to log out. I can't get an interface to log in.
I am afraid that there will be an OR in this statement:
You either set up an Active Directory, automatic login environment, OR, an Active Directory/Portal Authenticated set up where you must manually sign in every time with your credentials.
Am I correct, or is there a special way to set up a way to log in with a Portal Authenticated User while set up for AD auto-login?
I talked to Matt at Esri Support. He explained that I could set up another Web Adaptor specifically for Anonymous and Portal based users - call that "/open". That adaptor would just have anonymous access enabled. The adaptor for Single Sign-On is set up for Windows Authentication only - call that "/portal"
Give the anonymous and portal based users the https://company.com/open link.
Give the Single Sign-On users the https://company.com/portal link.
Thank you all!
I'm a bit confused by this. It's my understanding that you can only install & setup one Web Adapter (WA) per Portal instance.
Plus the WA for AGServer, which can have multiple WAs (one for normal usage and one for admin for instance.)
So while AGS can have multiple WAs, I though Portal could only have the one.
Have you been able to install a second one for Anon access?
Apologies for the late reply, I had to check into this item with some folks on the Portal Dev team.
Portal for ArcGIS is only designed to work with one Web Adaptor as an entry point. In some cases, such as deploying Portal high availability, you could use multiple Web Adaptors - but you would need to have a 3rd party load balancer in front of this deployment. FYI, help topic: Configuring a highly available portal—Portal for ArcGIS (10.4.1) | ArcGIS for Server
@Adam: I know you've said that you got your deployment working properly, but I am not certain that is the case. I suggest you please check and verify that everything is working correctly, as I am told this is not a supported deployment.
Regarding your reference to the 'Web Adaptor" help topic (where you note the 's') - we've found some inconsistencies and are working to correct its content to make it more clear and concise.
Hope this helps,
Yup. The process of registering a Web Adaptor with a Portal will fail if another web adaptor has been previously registered. The registration screen will throw an error indicating the issue. The Server Web Adaptor must set at anonymous if federating through that web adaptor.
Everyone contributing to this thread:
This has nothing to do with the AGS Web Adaptor and Federation. That WA is already set up and working with anonymous login specifically for AGS.
This is for users accessing Portal.
Configure multiple ArcGIS Web Adaptors -- (notice the "s" at the end of the word "Adaptor")
After seeing that link, I just needed a little help provided by Esri Support.
I now have two web adaptors for incoming Portal users. One for Single Sign-On and the other for Portal Based accounts/anonymous users. It works - really, it does.