Latest Contributions by LanceCole

@Todd_Metzler, You note that with SAML authentication should help resolve the issue we are experiencing.  Can you please elaborate on that a little further? We went ahead a configured our SAML identification provider with ArcGIS Enterprise and AGOL.  However, we still are not able to store a credential on AGOL to access secured services on our Enterprise deployment.  I believe SAML also does not use token based authentication to allow this to occur unless I missed something in configuring the authentication. ... View more

@RyanUthoff, Thanks for the quick reply.  I to have not been able to find anything in the ESRI documentation.  It does state that when using portal-tier authentication that SSO will not function.  However, why can not you use a domain\user to access portal items from AGOL and why do they disable the save credentials when using web-tier authentication.   I also tried making services from a AGOL-Portal collaboration public but have the same results. ... View more

Thanks, @John_Tyll  and @Scott_Tansley for your input and feedback. I ended up using the following configuration after coordinating with our IT department and ESRI Support. 1) The external.domain.com is passed through the external firewall on port 443 to the IIS server in the DMZ via NAT and a Web Application Firewall.  The IIS server hosts the Portal and server web adapters using a CA-issued certificate for the external domain.  However, the IIS server is a member of the internal domain but on a different subnet. 2) The Web Adapters were set to the external 443 port on the IIS server and configured using the external URLs https://external.domain.com/portaladaptername/webadapter  and https://external.domain.com/serveradaptername/webadapter. These are pointed to the internal Portal and Server names - https://portalserver.domain.local:7443 and https://arcgisserver.domain.local:6443. 3) We set up a Split-DNS on our internal domain for external.domain.com.  This directly directs the internal request to the IIS web adapters in the DMZ.  The external DNS directs the external IP to our network edge where the external firewall uses NAT to the internal DMZ IP. 4) We use SSL certificates from our internal domain CA on all internal ArcGIS and Portal Servers.  These were requested and installed on each server in place of the self-signed certificates.  We also added our domain CA root and intermediate certificates to these servers.  We could have added each server's certificate to each ArcGIS server, but this quickly gets complicated with multiple servers.  The IIS server is using a commercial CA for the external domain name.  5) At this point, everything was working, and we integrated Portal using IWA.  This allowed us to set up a domain administrator account on Portal before federating.  All the existing services were referenced into Portal under the domain account used to federate. 6) We chose to go ahead and federate the Portal with our ArcGIS server site.  We logged onto Portal using https://external.domain.com/portaladaptername/home.  For the Services URL we used https://external.domain.com/serveradaptername.  We have multiple ArcGIS GIS servers running on our ArcGIS Server site; therefore, the same URL was used for the Administration URL rather than one of the 6443 URLs.  I missed this requirement the first time - thank goodness for hourly server snapshots.  This does require Administration to be enabled on the server web adaptor.   https://enterprise.arcgis.com/en/portal/latest/administer/windows/federate-an-arcgis-server-site-with-your-portal.htm      ... View more

I ended up Integrating after Federating the Portal.  The only downside is all the existing content on the ArcGIS Servers was assigned to the portal account used when Federating.  It was not too hard to use the "Transfer Content"  option on the member's list to assign the content to the appropriate domain user. ... View more

Looks like @StefanUseldinger  had the correct date on this one.  Enterprise 11.1 documentation started showing up this morning and the software is available for download on my.esri download links.  I guess I know what I will be building next weekend. ... View more

@DavidPike, Thanks. Yes, it looks like the MAPX is the best option.  Just slow to load when there are a lot of feature classes. ... View more

Thanks, @Robert_LeClair.  That is what we attempted; however, when you open the APRX file on another system or open a shortcut to the APRX file ArcGIS Pro creates the APRX, GDB and ATBX files in the folder (or desktop) where the APRX was opened. For example, I clicked on the Wards.aprx - shortcut saved on my desktop and ArcGIS Pro created the additional files.     ... View more

@AdrianWelsh , With AppBuilder and Javascript API 3.x being retired in July 2024, I would use Experience Builder. You could save your chats to a database table and connect them together using a 1:M relationship class through a static Global ID on the point feature to a GUID on each chat thread.  In Experience builder, you can connect widgets together using actions as outlined in the ESRI document Add and connect widgets. ... View more