I'm trying to update the ArcGIS Server Security source of users and roles using the arcgis/admin/security/config/updateIdentityStore web service over Python, but I'm getting the error message "Failed to update the identity store configuration. One or more server machines could not be updated with new user or role store configurations". Going into the GUI, it appears like things get saved correctly, but I can't get into the roles using the credentials.
def updateIdentityStore(token, serverName, serverPort):
securityProperties = dict(adminUserPassword = 'MY#DOMAIN#PASSWORD', adminUser = u'MYDOMAIN\MYDOMAINUSERNAME', domainControllerAddress = "MYDCIPADDRESS")
securitySettings = dict(type = "WINDOWS", properties = securityProperties)
# Serialize directory information to JSON
securitySettingsJSON = json.dumps(securitySettings)
# Construct URL to create a new site
createNewSiteURL = "/arcgis/admin/security/config/updateIdentityStore"
# Set up parameters for the request
params = urllib.urlencode({'token': token, 'userStoreConfig':securitySettingsJSON, 'roleStoreConfig':securitySettingsJSON, 'f': 'json'})
headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain"}
# Connect to URL and post parameters
httpConn = httplib.HTTPConnection(serverName, serverPort)
httpConn.request("POST", createNewSiteURL, params, headers)
# Read response
response = httpConn.getresponse()
if (response.status != 200):
httpConn.close()
print "Error while creating the site."
return
else:
data = response.read()
httpConn.close()
# Check that data returned is not an error object
if not assertJsonSuccess(data):
print "Error returned by operation. " + str(data)
else:
print "Security updated successfully"
return
Solved! Go to Solution.
Hi Ray,
I added an "encrypted=false" parameter as well as the roleStoreConfig parameter. I added a snippet below that shows the payload creation and request. You can adapt this and still use the dictionaries used in your script.
serverName= "localhost"
serverPort= "6080"
updateURL = "/arcgis/admin/security/config/updateIdentityStore"
encrypted = "false"
roleStoreConfig= {"type": "BUILTIN","properties": {}} #if you want your roles to use the built in store
userStoreConfig= {"type": "WINDOWS","properties": {"adminUserPassword": "password","adminUser": "domain\\username","domainControllerAddress": "[DC IP addres]"}}
data = {'f': 'json',
'userStoreConfig': userStoreConfig,
'roleStoreConfig': roleStoreConfig,
'encrypted': encrypted,
'token': token}
encoded_args = urllib.urlencode(data)
urllib.urlopen("http://"+serverName+":"+serverPort+updateURL, encoded_args)
Philip
Could you format your code Ray... It isn't possible to tell if improper indentation is the result of copy and paste issues
Done. My bad. First time posting.
Another little wrinkle to this - it works fine with the user account from the GUI, so I installed Fiddler on the machine and ran things through the GUI, since it should be using the same web service behind the scenes to actually process the change.
The GUI is sending the same API call, except it appears to be encrypting the userStoreConfig first, and passing an encrypted userStoreConfig parameter with another encrypted=true parameter. Other than that, the request looks the same as mine - passing a token and json formatted.
Hi Ray,
I added an "encrypted=false" parameter as well as the roleStoreConfig parameter. I added a snippet below that shows the payload creation and request. You can adapt this and still use the dictionaries used in your script.
serverName= "localhost"
serverPort= "6080"
updateURL = "/arcgis/admin/security/config/updateIdentityStore"
encrypted = "false"
roleStoreConfig= {"type": "BUILTIN","properties": {}} #if you want your roles to use the built in store
userStoreConfig= {"type": "WINDOWS","properties": {"adminUserPassword": "password","adminUser": "domain\\username","domainControllerAddress": "[DC IP addres]"}}
data = {'f': 'json',
'userStoreConfig': userStoreConfig,
'roleStoreConfig': roleStoreConfig,
'encrypted': encrypted,
'token': token}
encoded_args = urllib.urlencode(data)
urllib.urlopen("http://"+serverName+":"+serverPort+updateURL, encoded_args)
Philip