We have a federated ArcGIS Enterprise Environment, with two web adaptors(one each for portal and server) installed.
To make it accessible to all users we configured NLB on top of the web adaptors.
So, originally we have server services web adaptor URL:
https://test.test.net/server/rest/services/
After NLB this URL is changed to:
https://arcgis.test.com/server/rest/services/
But it fails to access the services using this new NLB URL and if we access services on Portal Web Maps, the request's sent are to the server URL with domain name which user's can't access making it non useful for the users to access services using NLB URLs.
Any thoughts would be highly appreciated.
Thank you!!
Solved! Go to Solution.
It is mentioned within Esri documentation that adding a DNS alias or reverse proxy after an ArcGIS Server site has been federated with your portal ...
If you're in a test environment, you could unfederate and follow the steps in this documentation to setup your deployment with NLB. When re-federating, make sure you use the intended services URL.
If you don't have a requirement for Integrated Windows Authentication (IWA), you might want to re-think if you even require Web Adaptors in your architecture.
When you say "it fails to access the services," what exactly is happening? Giving specific error types and codes is helpful.
Thank you @JoshuaBixby
Please excuse if my explanation is not accurate, but there is no error.
In the below screenshot we can see that I can access portal web maps and services using the NLB URL. But, the backend request to server is not through the NLB configured on server web adaptor. Its the root domain server URL which end users does not having access to making it un-useful. The users must access the server services using NLB configured URL for ArcGIS Server.
An ArcGIS enterprise (portal and federated servers) can not be referenced by one alias. Internal and external users must all use a single subdomain like.
https://gis.domain.com/portal/home
typically we design for external usage and use split DNS to creates internal and external aliases. It is impossible to have different names, so if you have existing content on an internal alias you either need to start again or use the internal name on the web (probably not a good idea). Esri professional services have a way of changing existing content to use a single new alias, but otherwise it’s unsupported.
ultimatelu it all comes down to not being able to have a single webcontexturl in the portaladmin properties.
It is mentioned within Esri documentation that adding a DNS alias or reverse proxy after an ArcGIS Server site has been federated with your portal ...
If you're in a test environment, you could unfederate and follow the steps in this documentation to setup your deployment with NLB. When re-federating, make sure you use the intended services URL.
If you don't have a requirement for Integrated Windows Authentication (IWA), you might want to re-think if you even require Web Adaptors in your architecture.