Supporting a mix of public and secured services using IWA and Portal with DMZ web adaptor

353
0
09-13-2023 05:06 AM
DMOB17
by
New Contributor II

Currently utilizing Enterprise version 10.9.1. 

I'm looking for any advice on configuring our enterprise deployment moving forward. Would it be possible to host a mix of public and secured services if using IWA on an ArcGIS Server/Portal machine that is configured with a web adaptor located on a DMZ machine?

Essentially what's happening is that we're trying to move away from AGOL and begin utilizing our ArcGIS portal as the authoritative source of a lot of different data. Our enterprise deployment is currently pretty underutilized as we are a small city and don't have a ton of services. 

We already have employees setup with AGOL accounts and everyone has long-since gotten used to their usernames and passwords. I'm trying to avoid having to re-create GIS usernames and passwords for everyone in our portal but am running into problems of not being able to share services on our portal publicly because it is configured with a web adaptor on a DMZ network machine. We configured the web adaptor this way because we a couple some layers like our address information that needs to be accessed by the public without logging into anything.

Sorry for the long winded question but I am essentially wondering if it is possible to have our ArcGIS Portal (and federated server), that is currently configured with a web adaptor on a DMZ machine, utilize IWA for secured services so our internal employees can log in using their domain accounts but we can still allow anonymous access to services shared publicly? 

And if the answer to the above is no, is the best practice to have an entirely separate ArcGIS Server/portal set up specifically for internal only services?

Thanks for any advice!

0 Replies