漏洞
If an existing user is deleted from Portal for ArcGIS that is configured with Integrated Windows Authentication (IWA) users and groups with enableAutomaticAccountCreation set to true and refreshUserMembershipDuringLoginEnabled set to true, and re-added to the organization within a small amount of time, that user loses access to items that are previously shared through the existing enterprise group until some time or until a manual membership refresh is executed.
| 漏洞 ID 编号 | BUG-000120606 |
|---|---|
| 已提交 | March 7, 2019 |
| 上次修改时间 | June 5, 2024 |
| 适用范围 | Portal for ArcGIS |
| 找到的版本 | 10.6.1 |
| 操作系统 | Windows OS |
| 操作系统版本 | 2012 R2 |
| 状态 | Known Limit |
附加信息
This is a known limitation. If the administrator delete and add a user immediately, the administrator must wait an hour (not a whole day) before the permissions take effect. Since deleting and adding a user immediately is not a common user workflow in production, this issue is not addressed.解决办法
1. Run the Refresh Group Membership operation from the admin endpoint if this happens and the user will be able to see the shared content- https://webadaptordns.esri.com/portal/portaladmin/security/groups/refreshMembership
重现步骤
漏洞 ID: BUG-000120606
软件:
- Portal for ArcGIS
当漏洞状态发生变化时获得通知
发现关于本主题的更多内容
搜索相关信息
查找与此主题相关的培训
探索想法并提供反馈
获取来自 ArcGIS 专家的帮助
下载 Esri 支持应用程序