Geodatabase Manager XI – Configuration Guide

Federate an ArcGIS Server Site with Portal for ArcGIS

Federating an ArcGIS Server site with Portal for ArcGIS integrates the security and sharing models of your Portal with one or more ArcGIS Server sites.

NOTE: Refer to Esri’s Federate a server site article to federate your server site.

After you finish federating your server site with Portal for ArcGIS, you need to consider communication protocols and security. By default, both ArcGIS Server and Portal for ArcGIS happen to be configured to communicate using HTTP and HTTPS. You can force HTTPS for all calls (HTTPS-only) or allow the server to use either protocol (HTTP and HTTPS). The protocol chosen does not have to match that of your Portal, except in the following scenarios:

  • If you are using Integrated Windows Authentication with your Portal or you require HTTPS for all communication in your organization, you must configure ArcGIS Server and Portal for ArcGIS to communicate using HTTPS-only.

  • If you are configuring the server as your Portal's hosting server, the communication protocol chosen should match that of your Portal. For example, if your Portal is HTTPS-only, then the hosting server should be configured as HTTPS-only. If your Portal supports HTTP and HTTPS, then the server protocol should be configured as HTTP and HTTPS.

Change ArcGIS Server Communication Protocol

Follow these steps to change the ArcGIS Server communication protocol, if needed:
  1. Open the ArcGIS Server Administrator Directory and log in as a user who has administrative permissions. The Administrator Directory URL is formatted https://gisserver.domain.com:6443/arcgis/admin.
  2. Click Security > Config > Update.
  3. On the Operation - Update page, select one of the following from the Protocol drop-down:

    • If you require HTTPS for all communication in your organization, select HTTPS-only.
    • If you use Integrated Windows Authentication with Portal for ArcGIS, you must select HTTPS-only.
  4. Click Update. Your ArcGIS Server site is restarted.
  5. Wait for the server to restart completely before proceeding.
  6. Log out of the Administrator Directory.
TIP: It takes ArcGIS Web Adaptor approximately one minute to recognize changes to the communication protocol of your site.

Configure Server Federation within Portal for ArcGIS

If you are federating an ArcGIS Server that uses a wildcard security certificate, import the root certificate into Portal for ArcGIS before federating. If Portal for ArcGIS has only a wildcard certificate for the federated server, it cannot validate the certificate CNAME, and thus can’t publish services nor perform some other operations.
  1. Sign in to the Portal for ArcGIS website as an administrator and browse to Organization > Edit Settings > Servers.
    IMPORTANT: In this step, you must connect to the website through the Web Adaptor URL (such as https://webadaptorhost.domain.com/webadaptorname/home). Do not use the internal URL on port 7443.
  2. Click Add Server.

  3. Provide the Services and Administration URLs, the Username and Password, then click Add.
    • Services URL: this is the URL used by external users when accessing the ArcGIS Server site. If the site includes the Web Adaptor, the URL includes the Web Adaptor address, for example, http://webadaptorhost.domain.com/webadaptorname. If you've added ArcGIS Server to your organization's reverse proxy server, the URL is the reverse proxy server address (for example, http://reverseproxy.domain.com/myorg). If your organization requires HTTPS for all communication, use https instead of http. Note that the federation operation performs a validation check to determine if the provided Services URL is accessible from the server site. If the resulting validation check fails, a warning is generated in the Portal for ArcGIS logs. However, federation does not fail if the Services URL is not validated, as the URL may not be accessible from the server site, such as is the case when the server site is behind a firewall.
    • Administration URL: this is the URL used for accessing ArcGIS Server when performing administrative operations on the internal network, for example, http://gisserver.domain.com:6080/arcgis. If your organization requires HTTPS for all communication (such as when using Integrated Windows Authentication), use https://gisserver.domain.com:6443/arcgis.
    • Username: This is the name of the primary site administrator account that was used to initially log in to Manager and administer ArcGIS Server.
    • Password: This should match the password for the username above!

  4. Click Save.

A green check next to the ArcGIS Server URL confirms that the server is validated.

You can read more about this authentication method in Esri’s documentation about federating an ArcGIS server with Portal for ArcGIS.

QR Code is a registered trademark of DENSO WAVE INCORPORATED in Japan and other countries.

Was this helpful?

Contact Information
Legal Information
Privacy Policy
Change your cookie settings