When managing authentication with your chosen identity store in Portal for ArcGIS, authentication can be configured at the Portal tier, the Web tier, or the External tier. The primary differences from a user experience perspective being Portal tier requires credentials to be provided to sign in and it does not support a Single Sign On (SSO) experience. Web tier can be configured to utilise the ArcGIS Web Adaptor, Microsoft Internet Information Services (IIS), and Integrated Windows Authentication (IWA) for a SSO user experience.
If using an enterprise identity store with Portal tier authentication, by its nature it requires a closer integration with your Microsoft Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) compatible identity store.
In any enterprise environment, it is crucial that services are able to restart/recover automatically in the event of disruption or failure. In the example of this blog post, this would be if there is a power outage or the server reboots unexpectedly.
When your services are not able to automatically recover, this can cause long outages for your users, especially if you are not actively monitoring your underlying infrastructure.
Do you need to incorporate newly purchased ArcGIS Enterprise named user licenses or Add-ons to your existing environment?
The following workflow will guide you on how to update your existing license file and import your new licenses seamlessly:
When you need to incorporate new ArcGIS Enterprise User Types or Add-on licenses (eg. Creators, Editors, ArcGIS Pro, Drone2Map) to an ArcGIS Portal instance, the existing license file can be edited so that the new user types or add-ons are updated in your license file. A new copy of the license file is then created in JSON format (by My Esri) and is then imported into ArcGIS Portal. This updates the user licenses in the environment or instance.
Workflow:
Log into My Esri as a user with ‘take licensing actions’ permissions, and then navigate toLicensing > License management > then select the tab ‘Portal for ArcGIS and Pro’. (see below).
From here, review your existing license files and locate the license that relates to your current ArcGIS Portal environment from the list.
Once you have identified the correct file, Select the Edit Licensing File icon on the right side of the page, and agree to the Terms and Conditions for a replacement license file to be created.
This will allow you to edit the Named User and Add-on license quantities. You may select any additional items that you wish to add or remove from your existing license file (from the available licenses).
If applicable, you may also update ArcGIS Pro in Enterprise Named User Licensing (as further detailed here:
Once editing is completed and all licenses you want in your ArcGIS Portal are present, you can select the “Next” button. You will be prompted to check and confirm your contact details on the following page and choose how you wish to receive the license file (by download or email). You may then select the “Create File” button.
Once you have received the updated JSON file this can be imported into Portal by logging into the ArcGIS Portal site as an administrator by Navigating to Organization > Licenses > Import License and browse to the new JSON file. This will update in Portal and the additional users applied to the instance. If you require ArcGIS Pro in Enterprise Named User Licenses, these will need to be added to the ArcGIS License Server too, as detailed here.
For further information on licensing named users in ArcGIS Enterprise, see the following links.
ArcGIS Enterprise Cloud Builder for Microsoft Azure is an application you install on your local Microsoft Windows machine to deploy ArcGIS Enterprise and stand-alone ArcGIS Server sites on Microsoft Azure. Depending on what role you want the site to fill, Azure Cloud builder provides several deployment options.
This blog will discuss the workflow of deploying multi-machine ArcGIS Enterprise (non-HA) with each component of base Enterprise deployment – Portal for ArcGIS, ArcGIS GIS Server, Data Store and App Gateway – installed on its own dedicated servers. One thing to note, starting from Azure Cloud Builder 10.8 for Microsoft Azure, the base ArcGIS Enterprise deployment is no longer accessed through a load balancer and reverse proxy. The 10.8 version of ArcGIS Enterprise Cloud Builder for Microsoft Azure creates ArcGIS Enterprise deployments that use a single Azure Application Gateway to access the portal and all federated servers – this is referred to as a version 2 (V2) deployment type.
Esri Australia Technical Blog 