High Availability ArcGIS Server and Portal federated and using ADFS for authentication

Hi dlaw-esristaff

But we do need Web Adaptor if we use IWA in Portal and federated Server. correct?

Hi Azin,

> But we do need Web Adaptor if we use IWA in Portal and federated Server. correct?

Yes. Please review this help topic,

Use Integrated Windows Authentication with your portal—Portal for ArcGIS (10.5.x) | ArcGIS Enterpris... 

Hope this helps,

From everything I have read and heard, you must have one and only one web adapter associated with Portal.  And, just fyi, if you federate, Portal takes over all the security for ArcGIS Server, therefore if you have multiple web adaptors for Server, those a no longer in play.

ArcGIS Web Adaptor is a required component of Portal for ArcGIS which allows you to integrate your portal with your existing web server and your organization's security mechanisms. You cannot deploy Portal for ArcGIS in your organization without the Web Adaptor.

from About the ArcGIS Web Adaptor—Installation Guides (10.5) | ArcGIS Enterprise 

FYI, you can have two web adaptors in an HA environment, as long as you have a Web Context URL defined.

Deployment scenarios for a highly available ArcGIS Enterprise—Portal for ArcGIS (10.5.x) | ArcGIS En... 

I think it's more accurate to say you can only have one entry point to your Portal, however that's defined, (load balancer, reverse proxy, web adaptor, etc)

I also think that multiple web adaptors for Server can be configured, but only the one that's used as the services URL can be used to access secure services.  Additional ones can probably be used to access services shared with everyone, (as there's trust defined between Server and Portal based on the services URL, and Portal won't know about the other web adaptors).  Only a theory, I'll try to test that if I have time.