We are doing a security review of the ArcGIS Portal for Server 10.3 environment. We currently have a sandbox Portal environment setup on some developement/test servers in house. One of my security guys asked me where the Portal user and security information is stored. I did not know the answer, I assumed that it was some sort of flat file on the server somewhere.
When a user visits our Portal for the first time, a named user account is created for them. That appears to be Portal data right (not ArcGIS server data). I did some casual searching, but I could not determine where this data is being stored. Can someone tell me?
Additionally, Portal Groups can be linked to Active Directory groups. Do you know where that data is stored too?
Thank you.
--Rick
Solved! Go to Solution.
Greetings Rick,
The Portal Security is actually not stored within a flat file. Instead it is held within a PostgreSQL database.
It sounds as if you have automatic account creation enabled. Therefore, the end user account that is created is Portal data and not ArcGIS Server data. If you were to federate ArcGIS Server with Portal you'd have the following benefits:
Additional information about federation can be found at the following link:
Lastly the link between Portal Groups and Active Directory Groups is also stored within the PostgreSQL database. You could think of it as a redirect. You created the group in Portal but it's actually being redirected to the Active Directory group.
I hope this information helps.
Greetings Rick,
The Portal Security is actually not stored within a flat file. Instead it is held within a PostgreSQL database.
It sounds as if you have automatic account creation enabled. Therefore, the end user account that is created is Portal data and not ArcGIS Server data. If you were to federate ArcGIS Server with Portal you'd have the following benefits:
Additional information about federation can be found at the following link:
Lastly the link between Portal Groups and Active Directory Groups is also stored within the PostgreSQL database. You could think of it as a redirect. You created the group in Portal but it's actually being redirected to the Active Directory group.
I hope this information helps.
Thanks Dustin!