AnsweredAssumed Answered

Failed to update the identity store configuration

Question asked by jareds22 on Nov 21, 2014
Latest reply on Oct 10, 2017 by jhead@lakeworth

Hello GeoNet,

 

My GIS department has been having trouble with our GIS server. Here is some background on our problem and environment:

 

We are running ArcGIS for Server 10.2.2. It's installed on a virtual machine using Windows Server 2008 R2 Enterprise. Our User Store is using Windows Domain, our Role Store is using ArcGIS Server Built-In, our Authentication Tier is GIS Server, and our Authentication Mode is ArcGIS Tokens.

 

It started sometime yesterday. I don't have the exact details for how it started, as I was out sick. I came into the office today and the other two GIS admins said that their users were having problems with their Flex apps and layers not loading properly. They told me that some updates ran the night before and they were experiencing problems when they got in yesterday. I did some troubleshooting and discovered that some sublayers were not showing up in the REST API as being published I learned that all of the layers that were using a UNC path for the data source were having issues. I created a temporary folder on the server and tried to register that temporary folder via a UNC path to my server and got an error message saying that the data item is inaccessible.

 

Next, I checked the logs from ArcGIS Server Manager. I found the following message repeated many times:

 

Failed to update the identity store configuration. Failed to refresh the identity store configuration. Could not connect to the identity store as one or more of the connection parameters is incorrect. Verify that you can connect to the identity store outside of ArcGIS Server using the same parameters. [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]

 

Next, I went to mygisserver/arcgis/admin/security/config/updateIdentityStore to see what I could find. Under User Store Configuration, I found something that looked like this:

 

{

  "type": "WINDOWS",

  "properties": {

    "adminUserPassword": "[password]",

    "adminUser": "[username]"

  }

}

 

I don't have a whole lot of experience with the identity store, so I hit the update button to see what would happen. I got the following error message:

 

Failed to update the identity store configuration. One or more server machines could not be updated with new user or role store configurations.

 

I noticed that after hitting the update button, the value for adminUserPassword changed. Pressing update again gives the following error message:

 

Failed to update the identity store configuration. Could not configure the identity store as one or more of the supplied parameters is incorrect. Verify that you can connect to the identity store outside of ArcGIS Server using the same parameters.

 

It makes sense that I'm getting this message because my password would now be incorrect, given that it changed after hitting the update button. My question is why is this happening? It seems to me that from the server logs and these error messages that there's something wrong with our identity store, but I haven't been able to find any solutions.

 

Does anyone have any suggestions as to what I should try to look at next?

Outcomes