POST
|
Well...this was a classic case of user error. It helps if you create the database sequences in the correct database. Once I created the test sequences in the appropriate geodatabase...it worked like a charm. Thanks folks!
... View more
01-28-2022
01:01 PM
|
0
|
0
|
470
|
POST
|
Hello everyone, We are currently working to migrate some versioned editors using SQL Server / replication and ArcGIS Desktop, to ArcGIS Pro and feature service. This group uses Attribute Assistant, so I'm working to migrate this functionality to Attribute Rules. So far everything is going pretty well. I have hit one snag though... I'm trying to create an attribute rule that will: We've created a database sequence for each locality using the naming convention s+FIPS for each locality. For example s011 for a sequence for a FIPS code with 011. Perform a spatial intersect (when user creates a new polygon) to return the locality that polygon is within's FIPS code. (working). We then take the returned FIPS code and concatenate it with s+FIPS to match the applicable sequence ID / Name. Then, we want to pass the new Sequence ID variable value (for example s011) into the NextSequenceFunction to ultimately return the next sequence value for any locality. This ultimately will populate the SEQUENCE field in the feature class/table. The issue I'm having is general evaluation failure when trying to execute the rule upon an edit as formatted below. The expression validates and saves without issue however. I know everything up to and including line 24 is working as we get th expected "s011" value which should match the sequence name/ID. // Value to copy from the intersected feature
var intersecting_field = "FIPS";
//Field rule is assigned to in the Attribute Rule
var feature_field = $feature.SEQUENCE;
// Create feature set to the intersecting class using the GDB Name
var intersecting_featset = FeatureSetByName($datastore, 'VA_COUNTY_BOUNDARY_STG', [intersecting_field], true);
var search_feature = $feature;
var intersected_feature = First(Intersects(intersecting_featset, search_feature));
// Check to make sure there was an intersected feature, if not, return the original value
if (intersected_feature == null)
{
return $feature.FIPS;
}
// If the intersected feature is null, return the original value
if (IsEmpty(intersected_feature[intersecting_field]))
{
return $feature.FIPS;
}
var sequenceID = 's'+intersected_feature[intersecting_field];
var id = NextSequenceValue(sequenceID);
return id Apologies as I'm still somewhat new to Arcade- but it is not possible to pass a variable value into a function? We have around ~130 sequences based off of FIPS so listing them out individually would be...not ideal. Thank you for any help or tips you can provide!
... View more
01-28-2022
10:10 AM
|
0
|
1
|
523
|
POST
|
Hello @RandallWilliams, I was wondering if it'd be feasible to include language that Esri is still investigating this issue (45105) (and/or any relevant updates) in the public-facing bulletin? In particular in regards to Enterprise components? Our IT oversight agency is becoming more alarmed as we approach the holiday weekend and it would be ideal to provide them some sort of update for our GIS servers for this CVE. I noticed the WAF language, however that's not managed at our level (actually by the oversight agency). Thanks as always for any updates you can provide!
... View more
12-22-2021
12:26 PM
|
0
|
2
|
1604
|
POST
|
Hello @RandallWilliams I just wanted to confirm that the current mitigations scripts don't remedy the newly discovered CVE-2021-45105 ? Does Esri plan to update the current scripts to perform the mitigation measures for this new DOS vulnerability? It looks like the mitigation options (aside from upgrading to the new 2.17 version is): In PatternLayout in the logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC). Otherwise, in the configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability. Also note that Apache Log4j is the only Logging Services subproject affected by this vulnerability. Other projects like Log4net and Log4cxx are not impacted by this. This hits just keep coming with this one don't they? Hope you and others are getting a little sleep at least! https://logging.apache.org/log4j/2.x/security.html
... View more
12-19-2021
07:47 AM
|
0
|
4
|
1450
|
POST
|
Hey Tom, Python 3.x is already installed with ArcGIS Server and the executable resides in that directory. So, all you are doing in command prompt is pointing the python executable in that location, to the python script file you downloaded, and providing a command for the script(--list or --delete) for example (assuming you have CD'd to the same folder/directory where Esri's log4shellmitigation.py script resides): List the .jar files: "C:\Program Files\ArcGIS\Server\framework\runtime\ArcGIS\bin\Python\envs\arcgispro-py3\python.exe" log4shellmitigation.py --list "c:\Program Files\ArcGIS\Server" Delete the offending code in the identified .jar files: "C:\Program Files\ArcGIS\Server\framework\runtime\ArcGIS\bin\Python\envs\arcgispro-py3\python.exe" log4shellmitigation.py --delete "C:\Program Files\ArcGIS\Server" I hope this helps! Example of the list command being run via the script:
... View more
12-15-2021
08:58 AM
|
3
|
1
|
1528
|
POST
|
I just ran these scripts in our Dev environment and all worked well...now moving on to our other environments. Huge thanks to @RandallWilliams and the rest of the dev and security teams for making these scripts available so quickly!
... View more
12-15-2021
08:25 AM
|
2
|
0
|
1562
|
POST
|
Hey Thomas- I posted a video link a few comments down. Hope it's helpful. -Rex
... View more
12-14-2021
07:52 AM
|
3
|
1
|
1689
|
POST
|
EDIT: As Randall has mentioned below, it looks like Apache has retracted their mitigation suggestion of adding the LOG4J_FORMAT_MSG_NO_LOOKUPS environment variable. Therefore, this won't be an effective (at least not fully) technique to mitigate risk. From Apache as of this evening: Other insufficient mitigation measures are: setting system property log4j2.formatMsgNoLookups or environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true for releases >= 2.10, or modifying the logging configuration to disable message lookups with %m{nolookups}, %msg{nolookups} or %message{nolookups} for releases >= 2.7 and <= 2.14.1. The reason these measures are insufficient is that, in addition to the Thread Context attack vector mentioned above, there are still code paths in Log4j where message lookups could occur: known examples are applications that use Logger.printf("%s", userInput), or applications that use a custom message factory, where the resulting messages do not implement StringBuilderFormattable. There may be other attack vectors. The safest thing to do is to upgrade Log4j to a safe version, or remove the JndiLookup class from the log4j-core jar. Original: I can post screen shots if you'd like, but I think this video covers the workflow pretty well. Just ensure to restart the ArcGIS Enterprise (Server/Portal/Data Store) Services under Services on each server following the creation of the variable (this video shows them restarting other services at the end). This assumes you are running ArcGIS Enterprise on a Windows Server. https://www.youtube.com/watch?v=CoUi4Hk6P3Y&t=0s
... View more
12-14-2021
07:49 AM
|
7
|
1
|
1878
|
POST
|
I'm not speaking authoritatively, but when I created the system environment variable on our servers, I restarted each Windows Service associated with ArcGIS Enterprise (ArcGIS Data Store, ArcGIS Portal, and ArcGIS Server). A server restart should do the trick as well as a more blanket approach.
... View more
12-14-2021
06:33 AM
|
4
|
0
|
1832
|
POST
|
Hey @ThomasColson @RochelleWolfe et al., Did you ever learn more about the state of this Chrome issue in regards to Esri Web Apps? We are seeing similar SameSite and Schemeful cookie warnings in our web apps and hear our organization will be implementing a Chrome update that makes these (previously experimental) features default / always on towards the end of January. I'm unsure right now as of the level of impact that this will actually have to users of our apps. I have tried going into the chrome://flags settings page and setting all of these (currently) experimental settings to "Enabled" and our apps appear to still load and function fine within Chrome. Thanks for any updates and info you can share!
... View more
01-07-2021
07:48 AM
|
0
|
0
|
3371
|
POST
|
Hey @codergrl did you ever figure this out or hear from Esri? We are seeing very similar errors in our console for apps deployed to our servers created in Web AppBuilder Developer... and our organization is apparently rolling out the Chrome update that will make SameSite / Schemeful cookie blocking default / mandatory. I'm unsure if this will have any detrimental affect to users of our apps or not at this time. Thanks for any info you can provide!
... View more
01-07-2021
07:43 AM
|
0
|
2
|
817
|
POST
|
Hello @Anonymous User and @ThomasHervey1 - I hope everyone had a great Holiday Season. I wanted to take a moment to post a little update on something I noticed today that I'm sure is related to the behavior noted in the first post just in case it's helpful. I noticed today while reviewing a couple of our downloadable Data Hub layers, that the dataset metadata (last updated and record count...along with (I presume) the map) is out of date / synch with the underlying data both within the service REST endpoint, and even within the attribute table in the Hub Data Page. Below are a couple of examples. For both of these datasets, manually going into the item, and checking for updates (I also recreated the download files...because why not?) resolved the issue. However this gets back to the manual vs automated update problem. I'm guessing this will be addressed in the 2021 enhancement you noted but thought this was good to mention just in case. Here, we can see that there was a record updated on 12/31/20, and the actual record count should be 2,159. The layer metadata is showing it was last updated 2 months ago (incorrect) and is missing at least the latest record (2,158 records). Again, this can be pretty misleading both to our internal editors / data users, and external consumers of our datasets. The next example is also a little perplexing... In this example, there were several updates on 12/30/20 and the metadata shows a last update of 4 days ago...which is at least close- but the record count is seriously off- by almost 60. Again, a manual update seems to have refreshed things: Thanks again for continuing to look into the Hub / Open Data update issues and any help you can provide!
... View more
01-04-2021
12:49 PM
|
0
|
0
|
3154
|
POST
|
Thanks again for the help Robert. After further troubleshooting I've arrived at the same conclusion. I'll kick off a ticket and update this thread if we ever find the resolution / culprit.
... View more
01-04-2021
12:39 PM
|
0
|
0
|
1731
|
POST
|
Thank you John- this was perfect! Also, a huge shout out to @BlakeTerhune who drafted the code that that got my app working. Below is the final snippet that got me up and running. You all rock! 👍 var view = new MapView({
container: "viewDiv",
map: map,
});
const urlParams = new URLSearchParams(window.location.search);
let coords = urlParams.get("coords").split(",").map(Number);
let zoomLevel = urlParams.get("zoomLevel");
console.log(`zoom level ${zoomLevel} at ${coords}`);
view.goTo({
center: coords,
zoom: zoomLevel
});
Update- Edited as pointed out by Blake below. Thanks again folks!
... View more
12-30-2020
11:42 AM
|
1
|
2
|
2246
|
Title | Kudos | Posted |
---|---|---|
1 | 12-08-2022 10:18 AM | |
1 | 12-08-2022 10:29 AM | |
2 | 11-03-2022 08:27 AM | |
2 | 11-10-2022 11:50 AM | |
1 | 11-16-2022 09:24 AM |
Online Status |
Offline
|
Date Last Visited |
12-29-2023
02:56 PM
|