Federate ArcGIS server with ArcGIS portal

1258
5
10-20-2020 05:43 AM
ahmadhasan3
New Contributor II

I have ArcGIS server and ArcGIS portal with 2 web adapter for each of them, before i added ArcGIS server  to ArcGIS portal i was able to access ArcGIS portal from public address ,when I added ArcGIS server to act as hosted server to ArcGIS portal, i tried to login to ArcGIS portal and the login page was pointed to local server address, before it was pointing to the public address, the question is how to make ArcGIS portal authentication service pointing to the public address ?

this behavior happening only when ArcGIS portal communicate with ArcGIS server to get any resources, otherwise i can access login to ArcGIS server without any issues

0 Kudos
5 Replies
ShaneMiles
Esri Contributor

Hi ahmad hasan‌, 

During federation of the ArcGIS Server with Portal did you ensure you were using the "public" web adaptor address of portal or portaladmin? In additon to this did you ensure you you used the ArcGIS server web adptor for both Services and Administration URLs? I would also check the certificates loaded into ArcGIS Portal, ArcGIS Server and IIS manager,  ensuring root, intermediate and web hosting certificates are allowing trusted communication. 

Shane

ahmadhasan3
New Contributor II

Hi Shane Miles,

did you ensure you were using the "public" web adaptor address of portal or portaladmin? Yes I did , but i don't know why in the web adaptor configuration page its showing the local address, please see following picture. I think the issue is here.

Server web adaptor

And the same thing for Portal web adaptor

Portal web adaptor

 

In additon to this did you ensure you you used the ArcGIS server web adaptor for both Services and Administration URLs? Yes

I would also check the certificates loaded into ArcGIS Portal, ArcGIS Server and IIS manager,  ensuring root, intermediate and web hosting certificates are allowing trusted communication? I think everything is fine here i have public certificate and its bind to IIS , and Arc GIS Portal 

ShaneMiles
Esri Contributor

Hi ahmad hasan‌, 

Thanks for the screenshots . Yeah i'd say this may be causing some issues. When your configuring the web adaptor to both Portal and Server did you adjust the web adaptor URL to utilise the FQDN or machine name?  Once installation of the Webadaptor has successfully been completed a web browser will automatically open pointed to: https://localhost/portal/webadaptor/. Did you adjust this URL prior to configuration? 

I would also ensure that the certificate has been ingested into ArcGIS Sever as this may be required for some hosting functionality and bound to https on port 443 in IIS.  

Shane

0 Kudos
MatthewBrown7
Esri Contributor

Hi ahmad hasan

The following workflow may be useful for your situation, where the public URL to access the server has changed after federation: 

Update the administrator URL for the federated server. Log in to the Portal Sharing API (https://mywebadaptormachine.mydomain.com/portal/sharing/rest/portals/ ) as an administrator. From your user page, click the link for Org ID. Under the Child Resources section, click Servers, then select the Server ID of your federated server. Click Update Server. In the dialog box, enter the fully-qualified Server Admin URL of your new machine. Click Update.

this avoids having to unfederate / refederate (which breaks all services on that ArcGIS server in the process).

ahmadhasan3
New Contributor II

Hi Matthew Brown,

I did this , i used that link before and it didn't solve the issue, i can see in the ArcGIS portal in the servers setting it is pointing to the public address but when i go ArcGIS Server admin in the /arcgis/admin/security/config i can see the following parameters in the portal properties :

  • portalUrl : pointing to local server
  • PrivatePortalUrl: "https://localaddress:7443/arcgis "
  • "portalMode": "ARCGIS_PORTAL_FEDERATION",
    "serverId": "",
    "serverUrl": Pointing to Public Address
    "privateHostingServerUrl": "https://Localaddress:6443/arcgis"