PROBLEM
Members of enterprise groups configured with an enterprise identity provider (such as Active Directory) lose access to shared content, and appear missing from a group's member list.
Users may report the issue resolves itself within 24 hours, or after signing out and signing back in.
This is caused by the domain controller losing access to the enterprise identity provider and group store servers.
By default, Portal for ArcGIS is configured to refresh the enterprise identity provider and group store at 24-hour intervals, and upon user login. This re-establishes access to these servers, and resolves the issue.
To circumvent the default refresh interval, the following workarounds can be used to:
Force Portal for ArcGIS to refresh the enterprise identity provider and group store via the portaladmin endpoint
Note: Refreshing group membership may be time-consuming for organizations with large group structures. For better performance, refresh the membership of the affected enterprise users by navigating to Security > Users > Refresh Membership instead.
Force Portal for ArcGIS to refresh the enterprise identity provider and group store via ArcGIS API for Python
from arcgis.gis import GIS, admin # Sign in to Portal for ArcGIS using administrator credentials. gis = GIS('https://', 'DOMAIN\\USERNAME', 'ADMIN PASSWORD', verify_cert=False) groupManager = gis.admin.security.groups # List comma-separated STRING of groups. This is a requirement of the ArcGIS REST API, and must not be a Python list. groupList = 'GROUP1,GROUP2,GROUP3' # This command calls the ArcGIS REST API to refresh all groups within groupList. groupManager.refresh_groups(groupList)
from arcgis.gis import GIS, admin # Sign in to Portal using Portal for ArcGIS administrator credentials. gis = GIS('https://', 'DOMAIN\\USERNAME', 'ADMIN PASSWORD', verify_cert=False) userManager = gis.admin.security.enterpriseusers # List comma-separated STRING of users. This is a requirement of the ArcGIS REST API, and must not be a Python list. userList = 'user1,user2,user3' # This command calls the ArcGIS REST API to refresh all users within userList. userManager.refresh_users(userList)
Reconfigure Portal for ArcGIS to refresh the enterprise identity provider and group store at shorter intervals
Get help from ArcGIS experts
Download the Esri Support App