SAML Azure AD

[widsuoids]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request

Module Version

4.1.0

Question

Is it possible to configure SAML (Azure AD) https://github.com/Esri/idp using arcgis powershell dsc?

[cameronkroeker]

Hi @widsuoids,

The PowerShell DSC ArcGIS Module does not support configuring SAML authentication with ArcGIS Enterprise, and isn't on the current or immediate roadmap.

From my understanding there are two main steps; configuring ArcGIS metadata with the Idp, and configuring the Idp metadata with ArcGIS. Often times the ArcGIS metadata may need to be uploaded into the Idp first before configuring ArcGIS with the Idp metadata, however ArcGIS needs to be installed/configured in order to obtain the metadata.

This presents a challenge with how the module is currently constructed, and would require a disruption in the automation workflow (for example, once ArcGIS Enterprise is installed/configured, there would need to be a manual step of downloading the ArcGIS metadata.xml and upload into the Idp, before configuring ArcGIS Enterprise with the Idp metadata.)

Thanks, Cameron K.

[pcsswamin]

@cameronkroeker - Could this functionality be considered for a separate mode rather than part of the installlicenseconfgure or install mode with some clear prerequisites? As you know, many of us are trying to get to an idempotent fully automated installation and the SAML configuration now presents a significant hurdle in progressing towards that goal.

[cameronkroeker]

Hi @pcsswamin,

This is something we will take into consideration, and will continue evaluating all possible or viable solutions.

Thanks, Cameron K.