Unable to register with Portal. The remote server returned an error: (401) Unauthorized.

[MantalopePG]

I am working through the process of installing ArcGIS Enterprise with Chef and the program is failing at: “Configure Web Adaptor with Portal” I am getting the error: “Unable to register with Portal. The remote server returned an error: (401) Unauthorized.” I noticed in the output the following: Files\ArcGIS\WebAdaptor\IIS\10.7.1\Tools\ConfigureWebAdaptor.exe" /m portal /w "https://PC187.csnt.princegeorge.ca/portal/webadaptor" /g "https://PC187.csnt.princegeorge.ca:7443"

We have a valid CA signed wildcard certificate, however, I think the subdomains may be the root cause of the issue. Can anyone confirm this or offer possible solutions? Thanks

[Nickolaitc]

Hey @MantalopePG,

The error you have provided is not providing a username/password (unless you had removed these). If the username/password was in there, can you confirm these are the same used for deploying your Portal?

Are you able to manually access the Web Adaptor configuration via a Browser and configure it with Portal?

[MantalopePG]

I did strip out the username and password. When I go to register the portal manually I hit the expected page that says: A server is not configured with your Web Adaptor A portal is not configured with you Web Adaptor When it says which component to you want to configure with your Web Adaptor? If I choose ArcGIS Server, it directs me to an ArcGIS page that looks correct however if I choose Portal for ArcGIS it redirects me over to the Windows Admin Center

[Nickolaitc]

Thank you for getting back to me @MantalopePG we definitely should not be sent to Windows Admin Center when we select Portal.

When running the chef role, did we enable the run_list "recipe[esri-iis]"? Is the system we are deploying Enterprise on already have IIS enabled and configured? Do we have a 443 binding enabled in IIS?

[MantalopePG]

Hey Nickolaitc, Thanks for your help on this, I am running this on a brand new virtual server. The Recipe[esri-iis] ran with no issues and all the bindings look correct to me although I am admittedly no expert on IIS

Since our cert is for *.princegeorge.ca do you think my initial guess of the issue being the subdomains i.e. PC187.csnt.princegeorge.ca could be the problem or is it likely something else?

[Nickolaitc]

Hey @MantalopePG the bindings do look proper. The certificate from first glance does not appear to be questionable. Could you perhaps provide us a screenshot of the web adaptor when you select "Portal" and hit next (so we can see this re-direct)?

Also, could you open the "Authentication" tab on the "Default Web Site" in IIS and confirm Windows Authentication is disabled and Anonymous is enabled?

[MantalopePG]

Here's what happens when I go to configure the web Adaptor

when choose the radial button for portal it tries to go to: pc187.csnt.princegeorge.ca/portal/webadaptor/portal but I end up here:

windows Authentication is disables and Anonymous is enabled

[Nickolaitc]

@MantalopePG Okay so when you selected the "ArcGIS Server" option, in reality, it still utilizes "localhost", but, with Portal it will redirect to the hostname/portal/webadaptor. The issue here is it appears perhaps your IIS is directing pc187.csnt.princegeorge.ca to the Windows Admin Center.

If you select the "ArcGIS Server" option and hit next and then manually change "localhost" to be the hostname, you could very well see this same behavior.

At this point, I do not believe this is an actual Chef issue, but an IIS/Windows Admin Center issue.

[MantalopePG]

OK thanks for your help anyways

[Nickolaitc]

@MantalopePG We could connect if you would like to provide me your email or you can have a case created with Esri Technical Support.