Hi,
When accessing our internal portal through the iOS Survey123 app we are prompted for the username and password to gain access.
Conversely when accessing the app via the desktop it uses Activity Directory, also if we access the portal page directly via the iOS phone it uses AD as well.
Username and password is not an option for our users, can anyone advise me on what can be done to use the AD authentication for our users when connecting to out internal portal?
Thanks for any help.
Regards,
Elliott
Hello Elliott Carson,
This is as expected as only Windows can support Single Sign On when using IWA.
The reason for this is because the client computer needs to belong to the domain in order for the user to not be challenged for credent.... Since IOS and Android devices are not Active Directory aware clients users will need to enter their Active Directory credentials in order to authenticate.
I am a little unsure when you noted you can hit your ArcGIS Enterprise environment in a web browser it automatically passes along Active Directory credentials to log in. When I test this on my end I am prompt to enter my AD credentials in Safari and Chrome. Is the device configured to allow for active directory to be used and automatically submit credentials?
In your screen capture it looks like you are not connected to a VPN when accessing your ArcGIS Enterprise Environment, is your environment publicly available and configured with IWA?
Thank you,
Zach
Hi Zachary Sutherby,
We are experiencing something similar with Collector where we are presented with a domain credential challenge when a user opens a web map on a mobile device outside our network. We are using a standalone AGS deployment with web adaptor and IWA web tier authentication. The device has a VPN on it logged in with the users domain credentials. Is it possible to avoid this domain credential challenge? It sometimes occurs multiple times for one web map.
Thank you.
Hello Jamie Leitch,
If the ArcGIS Server is publicly available you can store credentials for the service that way the Portal credentials would suffice for the proxy item.
If the ArcGIS Server is not publicly available I would suggest posting on the ArcGIS Collector GeoNet page or creating a case with Esri Technical Support as they will be able to dig deeper into all possible options.
Thank you,
Zach
CC Colin Lawrence