Migrate Built-In Named User accounts to Enterprise Named User accounts (Active Directory/SAML) in ArcGIS Enterprise/ArcGIS Online

@JakeSkinner great script! I think there might be one minor thing you've overlooked: the user's Group role (Member or Group Manager) in a group. For example, in "ArcGIS Online - Migrating User Content and Groups.py", around line 175, you would want to check the group role of the user's built-in online account, and assign the same group role to the user's enterprise account when you add them to the group (usernames = Member and admins = Group Manager.)

Also, for anyone using this script to process a very large lists of accounts, you run the risk of exceeding the operations rate limit, and the possibility of the script failing part way through processing a user. For such a case, I would highly recommend sticking a 5-second sleep in between processing each user.

@PeterKnoop good catch on adding the users to Groups.  I've updated the scripts to add them as either users/managers.

@JakeSkinner  Thank you for the script!

We are coming across issues connecting to our Enterprise portal in the Get Built-In Users Script. We tested several variations of our portal's url but we have been getting errors. We are trying to run the script on a virtual machine in our ArcGIS Enterprise environment. When using our portal url and portal admin credentials we are getting this error:  "Exception: User not allowed for this account (Error Code: 403)". We tried adding the ':7443' port to the url and it times out and gives us the same error. 

Example of what we have been using: gis = GIS(url="https://gis.organization.com/portal", username="username", password="password", verify_cert=False)

We also tried to add portal server's IP address in combination with the port number which looks something like :

gis = GIS(url="https://Portal IP Address:7443/arcgis", username="username", password="password", verify_cert=False)

but we get the following error:

"Exception: A general error occurred: Could not login. Please ensure you have valid credentials and set your security login question."

Any guidance or suggestions would be greatly appreciated as we cannot seem to get past the initial step of connecting to the portal url in the built-in users script that you have shared. 

@ErikNelson1 what type of account are you using to connect to Portal?  Do you know if it's a built-in, active directory, or SAML?  SAML is not currently supported.

@JakeSkinner we are using a built-in admin account to connect to the Portal. 

@ErikNelson1 do you have a security question set for the built-in account you are using?

@JakeSkinner yes, we do have a security question set for the built-in account we're using

@ErikNelson1 ,

1.  Are you able to sign into Portal with the credentials you are providing in the script?

2.  Do you have any reverse proxies in place?

3.  Is there another built-in admin account you can try?

@JakeSkinner 

• Yes, we are able to sign into our Portal with the admin credentials we've entered in the script.
• We do not have reverse proxies in place.
• We tested creating another built-in Portal admin account, setting the security question, and using those admin credentials in the script but we're still encountering the same errors. 

@ErikNelson1 can you test the below code on another machine that has ArcGIS Pro installed:

from arcgis.gis import GIS
gis = GIS(url="https://gis.organization.com/portal", username="username", password="password", verify_cert=False)

@JakeSkinner  we determined that our python environment did not match our 10.9 Portal version. 

The script ran successfully after running it in a python environment that was compatible with our Enterprise version.