Hi all,
I'm having trouble configuring windows users with the portal for arcgis.
I´m using the JSON below, from documentation:
{ "type": "WINDOWS", "properties": { "userPassword": "xxxx", "isPasswordEncrypted": "false", "user": "xxxx\\xxxxx", "userFullnameAttribute": "cn", "userEmailAttribute": "mail", "caseSensitive": "false" } }
All user from my AD appear in list correctly. I can setup the role and user type for them.
The connection work properly, but in portal, in the last window, the user can´t add. A red message appear in top of portal.
the following member cannot be added: user @ DOMAIN.
Why this happens?
Thank´s
Hello Sorato Marques,
It would be a good way to switch ArcGIS Enterprise Portal's Logging level to "DEBUG" and then reproduce the issue. This will allows up to understand more about what is happening and look into more details depending on that.
Can you share logs, would help in understanding the cause.
Follows the logs files.
I can to connect the identity store outside Arcgis Server!
Thank´s
Any firewall between the portal machine and your domain controller?
No, there is no firewall between the portal machine and domain controller.
Thanks for sharing the logs. There are several points, I think we can look at. I did some digging on the ports shown in the logs in regards to when these would be used, kindly find the doc URL below:
https://support.microsoft.com/en-in/help/179442/how-to-configure-a-firewall-for-domains-and-trusts
As asked by Jonathan Quinn, I think, running a check for firewall and the ports could help.
Additionally, searching ESRI docs, I found only one mention of "Connectivity issue" which actually does not have the same error message, kindly find the doc below:
Common problems and solutions—Portal for ArcGIS (10.8) | Documentation for ArcGIS Enterprise
The reason I think that the issue could be associated to this is "As mentioned in the initial post The connection work properly, but in portal, in the last window, the user can´t add. A red message appear in top of portal. "
This makes me think that ArcGIS Enterprise Portal is able to connect to AD but that seems to be breaking (not sure of the reason). Hence, if possible you can try adding the parameter "domainControllerAddress" and "domainControllerMapping" and check if this helps
Hope it helps!