BLOG
|
In order to build full trust within your environment it is important to have all your machines trust each other. This is especially important if Portal, Server, Data Store and Web Adaptor are all on different machines as within most environments the communication will be terminated if there is invalid trust which is caused by invalid certificates. This blog will be short, sweet and to the point. You will need the following to put inside of portal and server sslcertificate store if --> You have an external environment: Domain CA root certificate (.cer) Domain CA intermediate certificate (if you have one) (.cer) Public CA root certificate (.cer) Public CA intermediate certificate (if you have one) (.cer) Domain CA end/server certificate for each machine (if you have two or more server machines you need one for each then one for the portal machine) (.pfx) You have an internal environment: Domain CA root certificate (.cer) Domain CA intermediate certificate (if you have one) (.cer) Domain CA end/server certificate for each machine (if you have two server machines we need one for each then one for the portal machine) (.pfx) Then import each certificate into the server/portal internal web server through the admin endpoint starting with both Public CA and Domain CA Root Certificates - then all the Public CA and Domain CA intermediate certificates - then importing the domain CA pfx certificate for that specific machine to be used in order for valid certificate trust when accessing portal/server through the port (7443/6443) You can also import the Domain CA certificate into the Data Store however most of the time this is not necessary. How to import certificates into Portal, Server & Data Store: Portal --> Import a certificate into the portal—Portal for ArcGIS (10.7 and 10.7.1) | ArcGIS Enterprise Server --> Configure ArcGIS Server with an existing CA-signed certificate—ArcGIS Server Administration (Windows) | ArcGIS Enterpris… Data Store --> Replace ArcGIS Data Store SSL certificate—Portal for ArcGIS (10.7 and 10.7.1) | ArcGIS Enterprise A little bit about why this is important: Security best practices—Portal for ArcGIS (10.7 and 10.7.1) | ArcGIS Enterprise Best practices for configuring a secure environment—ArcGIS Server Administration (Windows) | ArcGIS Enterprise Directly from the above documentation --> "Like ArcGIS Server, the ArcGIS Enterprise portal also comes with a preconfigured self-signed certificate. If you'll be federating your site with a portal, you should request a certificate from a trusted CA and configure the portal to use it. Configuring a certificate from a trusted authority is a secure practice for web-based systems and will also prevent users from encountering any browser warnings or other unexpected behavior. If you choose to use the self-signed certificate included with ArcGIS Server and the ArcGIS Enterprise portal during testing, you will experience the following: Warnings from your web browser, from ArcGIS Desktop, or from ArcGIS Pro about the site being untrusted. When a web browser encounters a self-signed certificate, it will typically display a warning and ask you to confirm that you want to proceed to the site. Many browsers display warning icons or a red color in the address bar for as long as you are using the self-signed certificate. The inability to open a federated service in the portal's Map Viewer, add a secured service item to the portal, log in to ArcGIS Server Manager on a federated server, or connect to the portal from ArcGIS Maps for Office. Unexpected behavior when configuring utility services, printing hosted services, and accessing the portal from client applications. Caution: The above list of issues you will experience when using a self-signed certificate is not exhaustive. It's imperative that you use a CA-signed certificate to fully test and deploy your portal."
... View more
12-03-2019
06:19 AM
|
6
|
0
|
2345
|
POST
|
What if the ArcGIS Server account is a local account and Catalog is on a different machine than the ArcGIS Server machine?
... View more
02-07-2019
08:06 AM
|
0
|
0
|
509
|
POST
|
My customer is having this issue right now and I have found the following information: https://community.esri.com/thread/15421 https://community.esri.com/thread/4071 https://community.esri.com/thread/51989 -"This problem came for both Mapserver and Geodataserver. I made a mistake of not giving the GDB/MXD file the required permissions (ie ArcGISSOC & ArcGISSOM)." https://community.esri.com/thread/9870 I have yet to figure this out though my customer has a local account running ArcGIS Server and catalog is on a different machine In my experience when the ArcGIS Server account is a local account you need to create identical accounts on other machines that the server needs access to those files on those machines My customer has a UNC file share to the sde connection with the ArcGIS Server local account granted full access HOWEVER we are accessing this connection through a UNC on the client machine (different machine than ArcGIS Server) where there is no identical ArcGIS Server account for the client machine I am thinking that we need to create an identical account on the client machine and grant security (and sharing?) to that file with this newly created identical account I think it should work then however I have not tested this I will reply when we do solve this Any help would be appreciated
... View more
02-07-2019
08:01 AM
|
0
|
0
|
747
|
POST
|
Hey Derek, if the ArcGIS Server account is a local account then would you need to create an identical local account with the same password on the client machine that has Catalog installed and grant access to that shared file path for the client machine identical username as arcsoc account on that permissions as well? What is the protocol when you have a local account running ArcGIS Server and Catalog is on a different machine than ArcGIS Server?
... View more
02-07-2019
07:59 AM
|
0
|
0
|
355
|
POST
|
What did you give permissions to precisely to get this to work? I am a little confused on what specifically you granted permissions to and what user that you granted those permissions to. Any response would be much appreciated
... View more
02-07-2019
07:53 AM
|
0
|
0
|
476
|
POST
|
Which version of collector have you tried? 18.0.2, 18.0.3 or Aurora? Are you using iOS or Android?
... View more
12-13-2018
11:12 AM
|
0
|
5
|
2244
|
POST
|
You have close out of ArcMap then to go to the program "ArcGIS Administrator" on your ArcMap machine and go to Advanced > Manage Portal Connections > Add > Connect > Save Then open ArcMap again and you should have the option to sign into your Portal now under File > Sign In
... View more
12-04-2018
11:08 AM
|
3
|
1
|
4098
|
POST
|
What do the developer tools in Console and Network say? Any red errors? Open dev tools then try to add the layer again and see what errors pop up in Console and Network
... View more
07-05-2018
01:09 PM
|
0
|
0
|
776
|
POST
|
Correct, this is a parameter that we had to add to this JSON, it was not already there.
... View more
05-01-2018
12:27 PM
|
0
|
0
|
6181
|
POST
|
Make sure to have the correct capitalization or it will not respect the parameter: "pointZoomScale"
... View more
04-26-2018
07:36 AM
|
0
|
2
|
6181
|
POST
|
I also want to clarify it is not possible for Survey123 to work against against two separate sub-layers within a feature service.
... View more
04-23-2018
07:23 AM
|
0
|
1
|
2633
|
POST
|
yvesle "items added form ArcGIS for Server" simply means any service from ArcGIS Server (no matter where it was published from)
... View more
04-10-2018
09:28 AM
|
0
|
0
|
469
|
POST
|
Map Services will work just as well as Feature Services to be able to query that data: "The following layers are searchable with Query capability enabled: Hosted feature layers ArcGIS Server feature service layers ArcGIS Server map service layers" However if the "SHAPE" field is turned off in the layer before publishing then there will be issues with this search functionality. If the "SHAPE" field has been turned off then the layer may still be able to be queried however it will not zoom to the layer or open the popup related to the item. This is expected behavior. We have a built in function with our analyzation before publishing that will warn the user regarding this: 24048: Shape field is not visible: In order to properly draw queried map features it is required that the shape field be visible. The shape field contains geometry for the corresponding feature. We also have a bug related to moving around the shape fields and how it can corrupt the ability to perform popups. At the end of the day, when it comes to the "SHAPE" field do not turn this off before publishing, make sure this field stays on. Regarding the format, stray away from rearranging or turning off the "SHAPE", "Shape.STArea()", and "Shape.STLength()" fields from their original format or it could result in the same behavior or corruption. The "OBJECTID", "SHAPE", "Shape.STArea()", and "Shape.STLength()" fields are hidden by default when adding the item to an ArcGIS Online or Portal Map Viewer. No matter what fields can be turned off using one of our client applications with the configure popups in the Map Viewer or using one of the Widgets in Web AppBuilder such as the Attribute Table or Smart Editor. Please let me know if you have any questions!
... View more
03-21-2018
11:24 AM
|
2
|
0
|
1056
|
POST
|
SUSE 12 is supported at 10.6 https://support.esri.com/en/technical-article/000017062 --> http://downloads.esri.com/Support/downloads/other_/DEPRECATED%20FEATURES%20PLAN%20FOR%20ARCGIS%2010.6%20and%20ArcGIS%20Runtime%20SDK%20100.x%20Year-end%202017%20v1.pdf Support for SUSE Linux Enterprise Server 11 ArcGIS Enterprise 10.6.x will be the last major release series to support SUSE Linux Enterprise Server 11. The next major release after ArcGIS Enterprise 10.6 will continue to support SUSE Linux Enterprise Server 12.
... View more
01-18-2018
10:24 AM
|
1
|
1
|
473
|
POST
|
BUG-000096814: The warning, “Query performance on layer is suboptimal and will impact user experience” appears in the Data Manager tab for items added from ArcGIS for Server, even if performance is adequate and other identical items do not have the same warning. The warning may spawn due to how the Feature Service was added as an item in ArcGIS Online: Entire Feature Service .../FeatureServer (Error appears more this way) Individual Feature Layer .../FeatureServer/0 Be aware that when adding the Individual Feature Layer, the description, tags, and thumbnail are not populated automatically. Unless you or other users are seeing performance issues then this warning can be ignored.
... View more
11-01-2017
05:30 AM
|
1
|
2
|
469
|
Title | Kudos | Posted |
---|---|---|
1 | 11-01-2017 05:30 AM | |
1 | 01-18-2018 10:24 AM | |
2 | 03-21-2018 11:24 AM | |
6 | 12-03-2019 06:19 AM | |
3 | 06-30-2017 05:43 AM |
Online Status |
Offline
|
Date Last Visited |
05-24-2021
03:34 PM
|