How To: Administer ArcGIS Server on Unix using a Windows Domain for authenticating accounts


Instructions provided describe how to configure ArcGIS Server on Unix to use a Windows Domain for authenticating user accounts.


ArcGIS Server running on Unix supports user authentication using a Windows Domain.

At 9.0.1 and 9.1, the Server on Unix authenticates its users using the RemoteSA service running on Windows. This service can typically be run on a standard Windows machine that may or may not be the Primary Domain controller for the Windows¡¯ domain. Users specify the IP address of the machine running this service, its hostname and the shared password associated with this service when running the ArcGIS Server post install.

This article addresses cases where the RemoteSA service is set up on a Windows machine that is not the Primary Windows Domain controller itself and domain user accounts are used instead of local user accounts.

In this case, to allow DOMAIN users to administer and access the Unix Server perform the following:

  1. During the ArcGIS Server Post Install, at the DCOM Security settings panel, set the PDC Hostname property to the Domain name.
  2. Set the IP and password to match the IP and shared password of the Windows¡¯ machine running RemoteSA.

    This allows anyone that uses domain accounts to access and administer the Unix SOM machine, provided these accounts exist as NIS or local accounts on UNIX with the same username and password and belong to the agsusers and agsadmin groups on the SOM machine.

    Only one domain can be specified as PDC Hostname. If a Domain does not exist, the input string is resolved as the machine name.