Register SAML-compliant identity provider with Portal 10.7

1222
2
07-04-2019 12:42 PM
PhilippeVan_De_Vreken2
New Contributor III

Hi all,

When trying to register an OAM IDP with Portal for ArcGIS 10.7 through a metadata.xml file, I get the following error: "Unable to register identity provider. Unable to register idp 'test' for account '0123456789ABCDEF', 'Invalid user license type.'. "

Nothing to see in the Portal logs.

There's nothing wrong with the metadata.xml file, because importing the same file in Portal 10.6.1 works fine.

I also tried to use an URL to provide the metadata of the IDP but I get the same error.

Any ideas?

Best regards

Phil

0 Kudos
2 Replies
HarroldSompotan
Esri Contributor

Thanks for sharing the error. For some reason this error is hitting the internal Portal Organization ID which is set to 0123456789ABCDEF, which is the case for all Portal for Arcgis, and not authenticating the "test" account, which I assume is the Active Directory account that is trying to log in. 

The the licensing model has changed in 10.7 by applying the JSON file, can you check and confirm in Portal admin, that you have the appropriate license and that the attempted user has been invited or that the automatic creation account has been enabled? 

https://enterprise.arcgis.com/en/portal/latest/administer/windows/automatic-registration-of-enterpri...

0 Kudos
DanielUrbach
Occasional Contributor II

Hello Phillipe,

Can you confirm that you have a default user type and role set in your Organization Settings > Member Roles tab?

It's possible that this was set incorrectly or your licensing was changed since that was set, causing the error you reported.

If the Default role for new members had been previously set to a custom role that no longer exists, you will want to update the default to an existing one.

-Danny

0 Kudos