Community

WEBGISDR Failed due to PortalAdmin and ServerAdmin having different passwords.

353
4
03-14-2024 08:39 AM
Clint_Lusk
by
New Contributor II
‎03-14-2024 08:39 AM

I don't know if anyone else has seen this, but I wanted to post this here in case someone else runs into this issue.  

(Edit: Enterprise 11.1.0)

This is in a multi-machine deployment with separate machines for Portal, Server, Imagery Server, the data store, and other registered data sources etc.

We run a batch process every night to take a new backup using the WEBGISDR tools.  Recently we changed both our PortalAdmin and ServerAdmin for security reasons, and we made them different passwords.  In the past they were the same.  We changed the password in the WEBGISDR tool, but then it quit taking a backup for the ArcGIS Server.  The other components worked, but not the ArcGIS Server.  Way too much trouble shooting later, we changed the ServerAdming password to match the PortalAdmin and the WEBGISDR tool worked successfully again.

I scanned through the batch properties and tool properties and could not find anything detailing why or if there was a place to insert separate passwords etc.  All I know is it works now.  

I hope this helps someone else if they run into the same problem with a multi machine deployment.

Tags (1)
0 Kudos
4 Replies
CodyPatterson
by
Occasional Contributor III
‎03-14-2024 08:48 AM

Hey @Clint_Lusk 

I was curious which version of Enterprise you are using? I am currently using 11.2 and I have different passwords for Portal and Server, I have changed them before and haven't noticed this issue. I'm wondering if it may be something related to the version, and if there's a bug opened for it or similar.

Cody

0 Kudos
Clint_Lusk
by
New Contributor II
‎03-14-2024 11:10 AM

We're running 11.1.0.   And other than relating our experience... I just know that our WEBGISDR backups stopped working, and I know what our fix looked like.

0 Kudos
JonathanQuinn
by Esri Notable Contributor
Esri Notable Contributor
‎03-20-2024 12:35 PM

There is no requirement that the credentials for each component are different. In fact, we don't store the credentials used in federation in Portal, otherwise organizations wouldn't be able to take advantage of best practices for security and either disable the account or update the credentials at a regular cadence. If your security posture is that Server and Portal either don't use the same credentials, or you'd need to update them, and are finding that it breaks other workflows, then Support Services should take a look.

0 Kudos
Scott_Tansley
by MVP Regular Contributor
MVP Regular Contributor
‎03-14-2024 09:00 AM

Personally I disable the primary site administrator.  It’s then forced to use the portal password.  The PSA should always be closed as part of best practices.  It only gets used during build and upgrade in my sites.  I’ve never had an issue with this, but so far not used 11.2.

Scott Tansley
https://www.linkedin.com/in/scotttansley/
0 Kudos