How to fix valid server adding as hosting in portal ArcGIS enterprise Base deployment configures?

6302
8
Jump to solution
12-08-2017 03:43 PM
FranciscoCosta1
Occasional Contributor

The question: Hi, i have installed single machine base ArcGIS deployment and everything worked well, after until the step of hosting server, because despite validating the arcgis server site in portal, it returns a database error, how to fixing this, so it's possible to host webscenes and layers in portal here?

Input: 

Services URL: https://<fqdn>/<webadaptor_servername>/rest/services
Administration URL: https://localhost:6443/arcgis

Results:

Unable to set <fqdn>/<webadaptor_servername>/rest/services as the hosting server.

Failed to update federated server 'localhost:6443 (id: EoYNqaL209NGVt9B)'. Failed to validate the server managed database '/enterpriseDatabases/AGSDataStore_ds_2dhls6f5'.

‍‍‍‍‍‍‍‍‍

Observations:

i) skipped the https configuration self signed certificate but all seemed to work fine i can navigate in portal and arcgis managers, if there would be a problem with this i wouldn't be able i guess.

ii) installed the content directories of arcgisserver, arcgisdatastore, arcgisportal, not in C:\ but in c:\users\<username_without_spaces>\ArcGIS\Enterprise\ for personal organization were no spaces were used.

Legends:

<fqdn> - fully qualified domain name, basically it's my windows computer name followed by the first 4 digits of my local OS username: <machine_name>.<first_digits_of_osusername>, i don't use Windows OS authentication of arcgis server, basically relying in domain authentication since goal here is to be able to configure ArcGIS Pro sharing as hosted with ArcGIS Portal. 

Step-by-step of the configuration:

ArcGIS Enterprise - Single Machine Deployment - according to http://server.arcgis.com/en/portal/latest/install/windows/tutorial-creating-your-first-web-gis-confi...m
i) Prepare Fresh Install
- remove deprecated files by clean c:\Program Files\ArcGIS\Portal, c:\Program Files\ArcGIS\Server, c:\Program Files\ArcGIS\DataStore
ii) Install and Configure Portal for ArcGIS
a. Install
- Unpack setup files to c:\install_portal\
- launch setup.exe
- install directory: c:\Program Files\ArcGIS\Portal
- install directrory: %userprofile%\ArcGIS\Enterprise\arcgisportal\
- Specify accounts:
account name: #####
password: ######
- authorization options: I have received an authorization file 
- Click ok and finish installation.
b. Configure
- After installation it can take 10 minutes or a restart for portal URL to be available https://localhost:7443/arcgis/home/ or https://<fqdn>:7443/arcgis/home/.
- Choose to create a new portal. Create the so called: initial administrator account, and specify the content directory for the portal.
First Name: ###
Last Name: ###
E-mail: #####
Username: #####
Pass: #######
Content Directory: C:\Users\<username>\ArcGIS\Enterprise\arcgisportal\content
- Account created, it takes couple of minutes for portal restarting, now install web adaptor and configure with portal using with the initial administrator account, after which is possible to sign in with that admin account specifically using web adaptor URL, for example https://<fqdn>/arcgis/home.
~completed after 3 hours.
iii) Enable HTTPS on the server as explained in enable https tutorialhttp://server.arcgis.com/en/portal/latest/install/windows/enable-https-on-your-web-server-portal-.ht....
Each web server has its own procedure for loading a certificate and binding it to a website. There are three types of certificates—CA-signed, domain, and self-signed. For prototyping only it's chosen self signed certificate. But for initial setup it's ok to skip this step but everytime you have to click ok when browsing for https.
~0,25 hours
iv) Install the Web Adaptor - IIS server - for portal.
- Since this prototype setup will include two Web Adaptors, name this one portal. Configure the Web Adaptor with your portal using the initial administrator account.
- run setup compress install and unpack install files into c:\install_webadaptor_iis\
- launch setup.exe
- accept license and click yes
- port: 443
- name: webadaptor_portal
- click ok and wait for restarting https://localhost/webadaptor_portal/webadaptor
- Product configuration: portal
- Portal URL: https://<fqdn>:7443
- Use the portal initial administrator account for configuration:
Admin Username: ####
Password: #####
And Click configure accordingly.
- It should output - Use the following URL to access your portal application:
https://<fqdn>/webadaptor_portal/home
- The Initial Administrator Account is the core account, if necessary to delete this and create a new administrator, now create a new account for administrator, now sign in with initial administrator, change the ownership of the Featured Maps and Apps group into the new one, and when done give it administrator priviledge, sign in with the new admini and delete the initial admin.
After you delete the account, the Web Adaptor continues to work with the portal. It is not necessary to reconfigure the Web Adaptor with your portal using the credentials of the new administrator account.
Restart the computer and wait 5 minutes for all services to download, which is required for this computer because it will act as server.
~1,5 hours
v) Install and authorize ArcGIS Server. Ensure that you license the server as ArcGIS GIS Server.
a. Install ArcGIS Server
- remove c:\Python 2.7 install if it is available because it's preferable to have an install by ArcGIS Server because it accesses it for geoprocessing tools.
- run setup compress install and unpack install files into c:\install_server\
- run setup.exe and accept install of c:\python27
- install into c:\Program Files\ArcGIS\Server
- specify account for ArcGIS Server admin:
ArcGIS OS ServerAccount: #####
Pass: ####
- After installation finish authorize using file
- Click ok and it will popup the wizard: https://localhost:6443/arcgis/manager/
By create a site, one cluster is automatically created and your machine is added to the cluster.
b. Configure ArcGIS Server
- Create new ArcGIS Server site in wizard: https://localhost:6443/arcgis/manager/
- Configure primary site administrator account (which is different from ArcGIS Server OS account before provided).
Username: ####
Pass: ####
- Specify paths:
Root Server Directory: C:\Users\Francisco\ArcGIS\Enterprise\arcgisserver\directories
Configuration Store: C:\Users\Francisco\ArcGIS\Enterprise\arcgisserver\config-store
- Here there is a problem, i.e. ArcGIS Server create new site command can hang up in https://localhost:6443/arcgis/manager/, give it 2 hours and then test after this long if https://<fqdn>:6443/arcgis/admin/ and https://<fqdn>:6443/arcgis/manager/ works then it is done.
Also observe that arcgisserver creates c:\arcgisserver\logs for logs and c:\arcgisserver\local\machine\ for information regarding configures.
~3 hours
vi) Install a second Web Adaptor named server and configure the Web Adaptor with your ArcGIS Server.
- Use the install_webadaptor_iis unpacked files if they are still available.
- Use HTTPS for the URL you provide when registering the Web Adaptor. You do not need to enable administrative access.
- accept install
- port: 443
- Name for the ArcGIS Web Adaptor: webadaptor_server
- What product to configure ? Choose ArcGIS Server.
- Specify URL using the primary site administrator account accordingly:
ArcGIS Server URL: https://<fqdn>:6443
Administrator Username: #####
Administrator Password: #####
Leave unchecked the administrative access as recommended to let both ArcGIS Server manager and Admin access directly URL from one of the servers of the site.
- Wait for the success manage.
Use the following URL to access the Services Directory:
https://localhost/webadaptor_server/rest/services
~1 hour
vii) Install ArcGIS Data Store and create a relational data store to be used with your ArcGIS Server site.
a. Install dataStore
- unpack compressed file into c:\install_datastore and launch
- install in c:\Program Files\ArcGIS\DataStore
- setup primary administrator account:
ArcGIS Data Store Account: ####
Password: ####
- When complete it will display the configuration wizard: https://localhost:2443/arcgis/datastore
b. Configure DataStore
- Go in wizard and complete https://localhost:2443/arcgis/datastore
ArcGIS Server URL: https://<fqdn>:6443
Administrator Username: ####
Administrator Password: ####
- Specify content directory used to store data, logs, backup files and more.
Content Directory: C:\Users\<username>\ArcGIS\Enterprise\arcgisdatastore
Choose Relational
Choose Tile Cache
Leave SpatioTemporal unchecked since it is usually installed in another machine for performance besides the Relational and Tile Cache machine.
- Wait for the configuration status success:
The following component(s) of ArcGIS Data Store are configured with ArcGIS Server site(s).
Relational
Tile Cache
~2 hours
viii) Federate ArcGIS Server with Portal.
To complete the configuration process, you must now federate the ArcGIS Server site with your Portal and set it as the hosting server.
- Please sign in to your Portal as an administrator (usually the primary portal administrator account not the OS of course) and navigate to My Organization > Edit Settings > Servers. Use the Add Server option to federate the site.
Services URL: https://localhost/webadaptor_server/
Administration URL: https://<fqdn>/arcgis/
User: ####
Pass: ####
Click in Add Server. It will show after a checkmark before the server administrator URL.
- Then set the site as the hosting server and click Save.
When done it should send back to My Organization > My Content page automatically.
~1 hour
ix) Test if working
- To test whether your deployment is working properly, add your zipped shapefile to the portal. Navigate to the map viewer by clicking Map. Click Add > Add Layer from File and browse to the location of the .zip file. Click Import Layer, and the shapefile contents should appear on the map.
- Share it and open it with its id in mozilla.
Done Enjoy!

1 Solution

Accepted Solutions
JonathanQuinn
Esri Frequent Contributor

First thing that comes to mind, I wouldn't federate using localhost. You should use the machine name.

Second, what is returned when you validate the ArcGIS Data Store from either Manager or the Admin API?

View solution in original post

8 Replies
JonathanQuinn
Esri Frequent Contributor

First thing that comes to mind, I wouldn't federate using localhost. You should use the machine name.

Second, what is returned when you validate the ArcGIS Data Store from either Manager or the Admin API?

FranciscoCosta1
Occasional Contributor

You were right and i fixed it! I managed to share a shapefile using My Content > Add ITem. Now the issue is that i got somehow 2 instances of the same machine, displaying in the available hosting drop box. 

So, thought to unfederate both instances and federate one again. It's when occurred a different issue: 

Failed to unfederate server 'fqdn:6443 The server at 'https://fqdn:6443/arcgis/admin/mode' returned an error. Could not decrypt token. Token may not be valid.

I guess the error must be somewhere here:

-> In ArcGIS Server site Properties Admin URL i have changed from: https://FQDN:6443/arcgis/admin  to https://FQDN:6443/arcgis/ to match the Admin URL i used in Portal to federate as Admin URL.

-> Generated a new selfsignedcertificate with CN =FQDN, and SAN=DNS:FQDN, then went in certmgr.exe and added the exported cer into Root Trusted Certificates and into Personal Certificates, then went to IIS and binded into 443 something that resembled the aformentioned certificate

JonathanQuinn
Esri Frequent Contributor
FranciscoCosta1
Occasional Contributor

Hi, i suppose 0123456789ABCDEF is the portal id right if yes where do you get it or you just use that string? because i found out <serverID> and the result was:

You do not have permissions to access this resource or perform this operation.

Error: 403

 only replaced the web adptor and serverID in there

UPDATE:

I don't know if this was a bug, but when i unfederated one instance of two of the same server in the same machine, somehow the federated server that was left with portal changed it's authentication tier despite being federated to GIS SERVER+, so i changed it back to ARCGIS_PORTAL+ in https://localhost:6443/arcgis/admin/security/config that made portal take control again of the ArcGIS Server token, and when i tried the usual procedure to unfederate a server using portal admin, it worked!!

Now can share shapefiles etc in My content of Portal it's working.

QUESTIONS?

I) If everything is working why https://localhost:2443/arcgis/datastore/  is not connecting ? Do i need to reconfigure it again it makes no sense since the Portal is actively hosting.

II) is 0123456789ABCDEF literally to be included or is it a portal ID.

ACKNOWLEDGE:

Really Jonathan Quinn your ideas helped a lot finding solution.

0 Kudos
JonathanQuinn
Esri Frequent Contributor

In a multi-machine site, the servers all share the same security mechanism, so unfederating/resetting the security on one machine should do the same on the other machine(s).

For your questions:

1) You should either validate the federation in Portaladmin or validate the ArcGIS Data Store in Manager or the Admin API.  That should give you a detailed error.

2) All on-premises portals have 0123456789ABCDEF as the org ID.

FranciscoCosta1
Occasional Contributor

If someone knows those 2 related questions' answers do post so we can close this topic as fully answered here.

0 Kudos
FranciscoCosta1
Occasional Contributor

Ok actually with answer which was shown along can be considered that question was well answered here. Again thanks.

0 Kudos
MatloobAhmed
New Contributor

I am Matloob Ahmed from karachi 

i want to install gis portal on my laptop and gis server on windows server. can i do that or not if not what could be the reason on the my email '' matloobahmed786@gmail.com" 

0 Kudos