Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configure ArcGIS Server to use Active Directory #60

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Configure ArcGIS Server to use Active Directory #60

wants to merge 1 commit into from

Conversation

mu88
Copy link

@mu88 mu88 commented Feb 6, 2017

This commit enables the Cookbook to set the ArcGIS Server's identity store to an Active Directory. For the authentication against the Active Directory, the following parameters out of webgis-windows.json are used:

  • node['arcgis']['run_as_user']
  • node['arcgis']['run_as_password']

To enable the coupling, the parameter node['arcgis']['server']['configure_active_directory'] within webgis-windows.json has to be set to true.

Furthermore, the ArcGIS Server's administrators and publishers can be bound to Active Directory groups. For this, the parameters node['arcgis']['server']['active_directory_groups_administer'] and node['arcgis']['server']['active_directory_groups_publisher'] have to be set within webgis-windows.json. These parameters are arrays, so several Active Directory groups can be set as administrators or publishers.

The new functionality is encapsulated within the recipe server_active_directory which is not enabled by default within 'webgis-windows.json' - this can be done on demand.

@kirankc
Copy link

kirankc commented Apr 4, 2017

@mu88, this is very helpful. I hope ESRI accepts this commit and merges it to the base as a lot of organizations could benefit from this.

@jonathanan jonathanan requested a review from pbobov April 4, 2017 16:46
pbobov
pbobov reviewed Apr 4, 2017
View reviewed changes
Copy link
Contributor

@pbobov pbobov left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This functionality (with a few changes to make it more generic) will be available in the next release of arcgis-enterprise cookbook.

@kirankc
Copy link

kirankc commented Apr 4, 2017

@pbobov that's good to hear. Any rough estimate on when the next release would be? Also, I am assuming you are referring to 10.5.1??

@pbobov
Copy link
Contributor

pbobov commented Apr 4, 2017

@kirankc Yes. The plan is to release ArcGIS Chef Cookbooks 3.1.0 with release of ArcGIS 10.5.1.

@mu88
Copy link
Author

mu88 commented Apr 4, 2017

@kirankc Great to hear that it would help you. Just keep in mind that my enhancement only supports ArcGIS Server's basic Active Directory support, so no nested Active Directory groups are supported. For this, I've also implemented Esri's ASP.NET Provider within Chef.
So if you're interested in this or other things (I've also implemented stuff like registering data sources (SDE and folders) in ArcGIS Server or create backups of ArcGIS Server / Portal) please let me know and I'll try to provide another PR to Pavel.

@kirankc
Copy link

kirankc commented Apr 4, 2017

@mu88 would love to see them. Please share the goodies with the community and @pbobov - I am particularly interested in the backup pieces. And, thank you for the heads up on nested AD groups - curious to see what ESRI has in cookbooks 3.1.0 towards this.

@mu88
Copy link
Author

mu88 commented Apr 5, 2017

Good morning everybody,
I've provided all my enhancements:

I hope you find it useful!
Regards and have a nice day =)

@kirankc
Copy link

kirankc commented Apr 6, 2017

Thank you @mu88 for sharing your hard work with the community. This is good stuff and something we all could benefit from.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pbobov pbobov pbobov left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mu88 @kirankc @pbobov