Background
I'm in the process of moving to new SQL Servers and migrating a bunch of SDE databases. So I'm having to update lots of SDE references for map services, FME workbenches, projects. I'm noticing some confusing behavior when trying to register datastores (SQL Server databases) with a Federated ArcGIS Server (10.6). Wondering if it has to do with the way Portal/Enterprise handles Integrated Windows Authentication (IWA).
Steps taken
- Tried running ArcGIS Server Manager on my local machine - https://webadaptor.domain.com:6443/arcgis/manager - and registering a new Managed Database by importing an existing .sde file that works everywhere else. As soon as I click 'Import', I'm bounced back to the login screen where no set of credentials will log me back in. Refreshing the page in the browser shows me as logged in.
If I try https://gisserver.domain.com:6443/arcgis/manager, I get the following notification:
- When I tried the same on the actual ArcGIS Server machine, strangely, I was able to register one (1) new datastore in this manner. As soon as I tried to register another, I got bounced back to the login screen as above.
- When I try it in ArcCatalog - make an admin server connection to the federated server, then go to ArcGIS Server Properties - I can register new datastore without any issues by importing my .sde files. So for now, this is the only way to make this work. I imagine it can be done through Pro as well.
- I've also tried it using arcpy, but when I try the code below:
import arcpy
serverConn = <path_to_my_current_DOT_AGS_file>
sdeConn = <path_to_my_DOT_sde_file>
arcpy.AddDataStoreItem(serverConn, "DATABASE", "what_i_want_my_connection_to_be-called", sdeConn)
all I get is this error:
RuntimeError: Cannot open AGS server connection.
QUESTION:
Is any of this expected behavior? Is IWA not working right? Why do I have to have privileges or am able to do it through the application but not in the browser?