Community
Select to view content in your preferred language

Arcgis Server Unauthorized Access with valid credentials

7019
12
06-13-2021 04:53 PM
MHojati
by
Emerging Contributor
‎06-13-2021 04:53 PM

Hello, 

I have used cloud builder to install a single machine arcgis portal and server. I can easily login and modify arcgis portal using my credentials. However I cannot login to the 

 

 

https://URL/server/manager/

 

 

and it will redirect me to the 

 

 

https://URL/server/manager/unauthorized.html

 

 

Is there any way to find the logs or figure out what is wrong with it? I tried to login to the server using ssh but could not find any logs on the server (under arcgis user). I was wondering what options do I have to fix my main problem with logging into the server manager. 

CloudPlatform:AWS

EC2 type :Ubuntu

ArcGIS Version: 10.8.1

Deployment Type: Single Machine

Thanks

12 Replies
Scott_Tansley
by MVP Regular Contributor
MVP Regular Contributor
‎06-13-2021 05:41 PM

the logs are saved on disk, try C:\arcgisserver\logs and see if you can read them with notepad.  

Also if you're RDP'd onto the machine you can use https://localhost:6443/arcgis/admin you will be prompted to login, I'm assuming cloud builder uses the Portal credentials here.  Assuming you get in there, then you can use the API view of the logs...

Scott Tansley
https://www.linkedin.com/in/scotttansley/
MHojati
by
Emerging Contributor
‎06-14-2021 09:51 AM

Thanks for your help. I am on the linux, so I guess I cannot use rdp. I checked this url http://www.domain.com:6443/arcgis/admin and it does not work. Also can you please let me know where is log directory on linux? Is it in var/logs? I checked there but does not seem to be esri related logs

0 Kudos
Scott_Tansley
by MVP Regular Contributor
MVP Regular Contributor
‎06-14-2021 01:17 PM

I'm not sure where the logs on on Linux, sorry I don't use it, only Windows.  The 6443 issue will be because of AWS firewalling.  In windows you can RDP, then use localhost.  It's a get out of jail methodology.  Sorry, I've never used Linux in anger so can't help you.  

 

Scott Tansley
https://www.linkedin.com/in/scotttansley/
Scott_Tansley
by MVP Regular Contributor
MVP Regular Contributor
‎06-14-2021 01:18 PM

Out of interest are you able to sign in to the Enterprise Portal?

 

Scott Tansley
https://www.linkedin.com/in/scotttansley/
MHojati
by
Emerging Contributor
‎06-14-2021 09:15 PM

Yes I can easily login to the portal

0 Kudos
JonSwoveland
by
Frequent Contributor
‎06-18-2021 10:09 AM

ArcGIS Server's administrative endpoint (:6443/arcgic/admin)  presents two ways of authenticating.  The first is a username and password, the second is with a token obtained from Portal.   The username and password ARE NOT credentials of a Portal Identity.  Only an ArcGIS Server user will work here.  The problem that I've run into with the builder apps, is they  don't create an ArcGIS Server PSA (Primary Server Admin) user account (or they do, but it's secret). 
Fret not, there is  a solution! The solution is to use ArcGIS Server's command line passwordreset tool to reset the PSA account password. This tool also has an option to display the PSA's username.

This is (just) one of the reason's I've given up using any of the builder apps.  In my experience, they've been more trouble than they're worth. 

If you're new to deploying Enterprise, I'd encourage you to also read up on Enterprise's default backup mechanisms, as well as how to configure the WebGISDR utility.  I don't know if Esri has made any changes in their later releases, but I've seen multiple deployments fail because, by default, ArcGIS Enterprise does automated Data Store backups without regard to available drive space.  Ultimately this leads to a full drive and possibly a corrupted Portal and/or database.  It's bad.

0 Kudos
JayantaPoddar
by MVP Esteemed Contributor
MVP Esteemed Contributor
‎06-13-2021 09:55 PM

Is your ArcGIS Server site federated with ArcGIS Portal? Then, ensure you login to the Server Manager with a (Portal) role of Publisher or Administrator or equivalent custom role.



Think Location
MHojati
by
Emerging Contributor
‎06-14-2021 09:52 AM

I used single machine build. so It seems to be federated. The login I am using is Administrator (the same login I made during setting up things using cloud builder)

0 Kudos
ChristopherPawlyszyn
by Esri Contributor
Esri Contributor
‎06-14-2021 06:42 AM

In line with @JayantaPoddar's comment, for a federated ArcGIS Server site you'll need to access the Server Manager page using the Administrative URL defined during federation. This is due to how the OAuth2.0 authentication mechanism keeps tabs on the approved redirect URIs.

 

Reference:

"If you are connecting directly to ArcGIS Server, the URL is formatted https://gisserver.domain.com:6443/arcgis/manager. If the site includes multiple GIS servers, this will be the URL of the machine you specified for the Administration URL when federating your site.


If you are connecting through ArcGIS Web Adaptor, you'll need to ensure administrative access is enabled on ArcGIS Web Adaptor. The URL you'll use to connect is formatted https://webadaptorhost.domain.com/webadaptorname/manager."


From https://enterprise.arcgis.com/en/portal/latest/administer/linux/administer-a-federated-server.htm


-- Chris Pawlyszyn