Support Server role "Federated Server With Restricted Publishing"

lorenzmeyer77 commented 2 years ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request

Module Version

3.2.0

Affected Resource(s)

ArcGIS_Federation

Configuration Files

# Copy-paste your DSC JSON configurations here - for large configs,
# please use a service like Dropbox and share a link to the ZIP file.

Currently no config available for server role "federated server with restricted publishing"

Expected Behavior

Configure a federated server with restricted publishing rights and the servers is federated with this role.

Actual Behavior

Currently it is not possible to configure the server role "Federated Server With Restricted Publishing". Only "HOSTING_SERVER" or "FEDERATED_SERVER" is supported

Steps to Reproduce

Important Factoids

References

lorenzmeyer77 commented 2 years ago

@scma-esrich

pfoppe commented 2 years ago

We also have this requirement. We did test setting this manually after the PSDSC execution. Unfortunately what happens during a subsequent run it will set it back to the "FEDERATED_SERVER".

...then we would manually set it back to "Federated Server With Restricted Publishing" but what happens is that it creates a second set of server publisher and server administrator items (duplicates). These items cannot be deleted through the portal GUI (but we did find a work around through the AGO Assistant tool).

Lastly, another important nugget of info is that there is an Esri BUG where setting up 2 federated servers with restricted publishing that are hosted at the same domain - https://support.esri.com/en/bugs/nimbus/QlVHLTAwMDEwOTYyMw== EX - https://www.example.com/server1/rest/services & https://www.example.com/server2/rest/services

Our implementation around this is to manually create a group for the publishers and share the server publisher item with that manually created group. Not saying PSDSC needs to fix this issue, however its a known bug that the second server group does not get created. The groups and items are also not named very uniquely in this situation.

Thanks

cameronkroeker commented 2 years ago

@pfoppe and @lorenzmeyer77 the latest release of the ArcGIS Module, v4.0.0, now supports federating additional servers with restricted publishing.

Use the following attribute in your json config file:

ConfigData.Federation.RestrictedPublishing = true.

Example:

"Federation": {
      "PortalHostName": "portalwebadaptor.domain.com",
      "PortalPort": "443",
      "PortalContext": "portal",
      "PortalAdministrator": {
            "UserName": "portaladmin",
           "Password": "portaladmin"
       },
      "RestrictedPublishing": true
}

Esri / arcgis-powershell-dsc