Feedback on this topic? Back to Top. Note: If you'll be adding an ArcGIS Server site to your portal and want to use web-tier authentication with the site, you'll need to disable web-tier authentication basic or digest and enable anonymous access on the ArcGIS Web Adaptor configured with your site before adding it to the portal.
Sign in to the portal website as an Administrator of your organization. Click Organization and click the Settings tab, then click Security on the left side of the page.
Click Save to apply your changes. Alternatively, you can update the following sample with user information specific to your organization. The default is arcgis. In the Home panel, double-click Authentication. Select Anonymous Authentication and click Disable. Select Windows Authentication and click Enable.
Open the portal website. Verify that you are prompted for your enterprise account credentials or automatically signed in using your enterprise account. The Service Principal Name SPN is what the user Kerberos agent will use to create the right Kerberos ticket which will allow the IIS server to impersonate the user when it hands off the request to the next service.
Is it important that the webservice uses the credentials of the logged in user? Open method to supply a fixed set of credentials to the web service? Sign up to join this community. The best answers are voted up and rise to the top. Stack Overflow for Teams — Collaborate and share knowledge with a private group. Create a free Team What is Teams? Learn more. Which account does ASP classic run under when integrated windows authentication is on?
Ask Question. Asked 12 years, 6 months ago. Active 12 years, 6 months ago. Viewed 14k times. Does this indicate that we need to get the ASP process running under a domain account? Improve this question. Can someone please tag this as [asp-classic]? I'm over here from StackOverflow but have no reputation to create a new tag.
Add a comment. Active Oldest Votes. Edit: Per your comment, then, as stated above the server is going to have no credentials with which to authenticate the user because Integrated Windows authentication gives the server no plaintext password to pass on to other servers or itself, which is another server in this case.
Three things you could try: If you can get WebService. Improve this answer. Evan Anderson Evan Anderson k 18 18 gold badges silver badges bronze badges.
If possible, specify an account whose password does not expire. In the rare case where your Windows Active Directory is configured to be case sensitive, set the caseSensitive parameter to true.
The account you specify for the user parameter only needs permissions to look up the names of Windows groups on the network. These parameters include restricting whether groups are refreshed automatically when an organization-specific user signs in to the portal, setting the membership refresh interval, and defining whether to check for multiple user name formats. See Update Identity Store for details.
By default, organization-specific users can access the portal website. However, they can only view items that have been shared with everyone in the organization. This is because the organization-specific accounts have not been added to the portal and granted access privileges. Add accounts to your portal using one of the following methods:. It's recommended that you designate at least one organization-specific account as an Administrator of your portal.
You can do this by choosing the Administrator role when adding the account.
0コメント