Problem: Failed access to Portal for ArcGIS using a LDAP or Active Directory identity store
Using enterprise identity stores (such as a Lightweight Directory Access Protocol [LDAP] or Active Directory) to authenticate Portal for ArcGIS 10.2 fails to function.
The account used to authenticate against the enterprise identity store (Windows Domain/LDAP) is no longer valid, or the account’s password has been modified.
Solution or Workaround
- Stop running Portal for ArcGIS.
- In the appropriate drive, navigate to the ArcGIS > Portal > etc > portal-config.properties file. Open the file with a text editor.
- Edit the appropriate section of the portal-config.properties file:
- Edit lines 65 and 66 in the portal-config.properties file to reflect the correct LDAP user attributes and password for an account with read access to the LDAP database.
- Edit line 67 to change the idp.userpassword.encrypted flag to ‘false’ (no quotes).
For Windows/Active Directory
- Edit lines 75 and 76 in the portal-config.properties file to reflect the correct user name and password for an account with read access to the Windows identity store.
- Edit line 79 to change the idp.userpassword.encrypted flag to ‘false’ (no quotes).
- Restart Portal for ArcGIS.
- Verify users can access Portal for ArcGIS 10.2 using enterprise credentials.
- Once Portal for ArcGIS is restarted, the passwords for the user accounts used to read the identity store become encrypted.