Community
Select to view content in your preferred language

Signing In to Software and Apps with Enterprise Logins

8676
20
Jump to solution
03-04-2014 03:57 AM
JoeFlannery
by
Honored Contributor
‎03-04-2014 03:57 AM
We have implemented ADFS as the identity provider for Enterprise Logins in ArcGIS Online for Organizations (AGOL).

With enterprise logins, we cannot ???Sign In??? to AGOL on:
- ArcGIS for Desktop
- ArcGIS Explorer for Desktop
- ArcGIS App for Smartphones/Tablets

When will we be able to ???Sign In??? to AGOL in the applications listed above with enterprise logins?
Tags (2)
Preview file
89 KB
0 Kudos
20 Replies
BrianCulpepper
by
Occasional Contributor
‎10-28-2014 01:44 PM

hi Russell,

We have enabled Enterprise Login's within our University but are unable to log in via ArcGIS Collector (10.2.7 iOS).

So i feel like this is related to our Shibboleth / LDAP configuration, but i've been unable to find any specifics online or

within geonet.  We can access our accounts via Enterprise Logins if we're using a web browser (desktop) but not

from mobile apps or the iOS Safari browser.

Our campus security team is looking into it but any tips you may have would be greatly appreciated.

best regards,

brian culpepper

0 Kudos
RussRoberts
by Esri Notable Contributor
Esri Notable Contributor
‎10-28-2014 02:04 PM

What error are you seeing with Shibboleth enterprise logins? We have one known issue with Shibboleth logins right now that ends up preventing the credentials being accepted and an error page is displayed.

Russ

0 Kudos
BrianCulpepper
by
Occasional Contributor
‎10-28-2014 04:25 PM

Russ,

The message we get says:  You have asked to log in to: Unspecified Service Provider

Our enterprise logins work from a desktop web browser, so we only see this error message when

we attempt to log in from the ArcGIS Collector app (iOS 8.0.2).   we've not attempted connections

from Android or other iOS versions yet.

Our security team initially thought the issue was related to Collector not redirecting to an https://

url when prompting for our university credentials.  Any ideas?

thank you Russ!!

best,

brian culpepper

image2.PNG

0 Kudos
JoeFlannery
by
Honored Contributor
‎10-28-2014 07:35 PM

Brian:

Have you tried Collector 10.2.7?  Collector was updated today.

Collector.JPG

.

0 Kudos
BrianCulpepper
by
Occasional Contributor
‎10-28-2014 08:18 PM

Joe,

yes, i just tried again with the updated Collector app; even restarted my iPhone and tested again, but i

still receive the same error.

thanks for the suggestion though!  we'll keep at it until we resolve this issue; with some help from our friends

best,

brian culpepper

0 Kudos
FrankPotempa
by
Regular Contributor
‎10-29-2014 11:11 AM

We discovered our issue with external access by the following tests;

-use internal wifi, not public or cellular network, with iOS devices and laptops to confirm devices can connect on internal network. Login through browser to AGOL org site on both, then try Collector .

-Then use external wifi, public or cellular network, with iOS devices and laptops to confirm devices can connect on external network.

Review any and all possible logs and security settings in reverse proxy, if applicable, and other web servers in configuration. In  the end we discovered that access was only working inside and the only way to tell this was to connect the iOS device to the internal wifi which it then worked.

My environment;

Microsoft ADFS

IIS 7

AGS 10.2.2

Good luck
Frank

0 Kudos
RussRoberts
by Esri Notable Contributor
Esri Notable Contributor
‎10-29-2014 01:13 PM

We currently have a logged issue in for some Shibboleth enterprise logins failing in Collector iOS app. I can update the thread when I have more information on when we will have a fix ready.

Russ

DonFaulkner
by
Deactivated User
‎10-30-2014 02:30 PM

Hi Russ,

I work with Brian Culpepper. my team manages the Shibboleth environment. We're happy to assist in troubleshooting if it will help.

We've noticed some additional error messages referring to SOAP in our application logs. If you'd like more detail, feel free to reach out to me directly.

0 Kudos
JoeFlannery
by
Honored Contributor
‎03-04-2014 07:41 AM
Russ:

Thank you for this information.

Esri is pushing ArcGIS Online mapping in the cloud, hard.  It's a great platform and we have bought in.  The capability to leverage our Active Directory Federation Services with AGOL is wonderful.  However, it seems that legacy software (ArcMap and ArcGIS Explorer Desktop) and web store apps (Windows/Android/iOS) have not been updated to allow for enterprise login to AGOL.  I'm wondering when (or maybe I should ask if) Esri plans to update these software and apps to allow enterprise login to AGOL.  Sometime in 2014?  It seems like a critical missing piece for communication between AGOL and desktop/mobile applications.

Thank you for your time and input.
0 Kudos
RussRoberts
by Esri Notable Contributor
Esri Notable Contributor
‎03-04-2014 10:29 AM
For Desktop this is what I do:
ArcGIS Administrator > Advanced >Manage Portal Connections > add and then enter your full URL for your organization and then choose to connect to this new URL and save the change. When you launch desktop and choose to sign in you will see the option to use your enterprise login or your ArcGIS.com account like the Collector app. I am not sure how you would do this for Explorer. I would post this question in their forums.

Russ
0 Kudos