Don’t Go Rogue with Your Enterprise Deployment

Do you ignore the instructions when putting together furniture and end up with extra pieces? While you won’t have extra pieces left over with your Enterprise deployment, you won’t have a fully functioning deployment. Below are some areas where you shouldn’t go rogue with your deployment.

When planning to deploy ArcGIS Enterprise make sure you follow Esri’s instructions. Esri has defined steps on how you should deploy things. Your Enterprise deployment is not the time to improvise or skip steps. Here are areas where going rogue can go wrong.

SSL Certificates from a Reputable Source

A Secured Socket Layer (SSL) Certificate is standard security technology for creating an encrypted link between a web server and browser. Without an SSL Certificate from a reputable source, browsers like Google will flag your Portal site as not being secure.

By default, your web server only communicates using HTTP. Once you apply a CA signed SSL you are then able to communicate using HTTPS. Without an SSL Certificate, browsers like Google will flag your site as not being secure, this includes your Portal site. The SSL certificate allows for a secure connection with users so that they can safely browse and interact with you.

There is a cost associated with getting an SSL signed by a CA. It is important to remember that SSL Certificates signed by a reputable CA establish trust.

View SSL certificate in IIS Manager (image credit: Esri Canada)
View SSL certificate in IIS Manager (image credit: Esri Canada)

Configure Identity Store, Then Federate

If you federate your Portal with your Server before configuring your identity store you are in for a permissions nightmare. When you federate, Portal’s security store takes over and controls all access to the server.

Without the Identity Store configured Portal doesn’t know who has permission to access your data. This is why it is important to configure the Identity Store first. It allows you to link users to your Portal without having to add them all manually.

Create the portal and ArcGIS Server sites (image credit: Esri)
Create the portal and ArcGIS Server sites (image credit: Esri)

Don’t Unfederate

There may be times when you need to unfederate. Like when you know a Server should no longer be federated to Portal. While upgrading Portal or Server it is strongly recommended that you don’t unfederate while doing the upgrade!

If you unfederate, hosted service items will remain in your Portal, even though they are disconnected from the corresponding service in Server. Members won’t be able to access, use, or share any of the items in Portal. Any existing services that you imported during federation will be removed from Portal and will no longer be available. Until you explicitly delete services using ArcGIS Server Manager or a similar program, the services will remain in Server.

Bonus Tip: Keep Notes About Your Deployment.

As you go through the steps for your deployment, keep track of what you are doing and how you are configuring things. You never know when you may need to start over or explain your configuration to someone. Having a cheat sheet for your deployment will make it easier to troubleshoot.

Need assistance with your next Enterprise deployment? Contact us for more information.

See Also:

Jr Solution Engineer

Michelle is a passionate and self-starting GIS professional looking to change the world with mapping. She works with our Enterprise team, supporting the daily operations of our GEOPowered Cloud.