Before publishing a service, you need to create the GIS resource that the service will reference. GIS resources can be maps, globes, geodatabases, or address locators, and you always use ArcGIS Desktop to create them. When you first create a GIS resource, you'll save it on your local file system. Client applications will not be able to view the resource until you publish it as a service.
In many ways, creating a resource that will be used in a service is no different than creating an ordinary resource; you use the appropriate ArcGIS Desktop application, such as ArcMap, to select data for the resource and set your preferred properties. However, if you know that a resource will be published as a service, you'll want to follow these extra guidelines:
Each server object container (SOC) machine in your ArcGIS Server deployment needs to be able to access your GIS resource and all of the data it contains. For example, when you publish a map document as a service, the map document and all of the data for its layers must be accessible to all SOC machines.
When you save your data to a local path, for example "C:\data", and create a service from it, other SOC machines will not be able to work with the service unless they have their own copies of the data residing at "C:\data". Although loading an identical copy of your data into an identical path on each SOC machine can be beneficial for performance, it is not a practical solution for large or frequently-changing datasets.
The easiest way to make one copy of your data available to all SOC machines is to use the operating system tools to share the directory in which the data is stored. Shared directories are commonly referred to with Universal Naming Convention (UNC) paths, which contain the name of the server (for example \\myServer\data). When you use UNC paths to reference your data, all SOC machines will look to the correct machine for the data.
If you store your GIS resources in shared directories, remember that all data source paths within the resource must also use UNC paths or relative paths. For example, if your map document contains layers from three feature classes, the paths to those feature classes must be UNC paths or relative paths.
When you log into your own computer, the account name you use gives you access to all your files and folders on the computer. No one else can access your data unless you allow them to. The same holds true for your GIS data. In order for the GIS server—or more specifically, the SOC machines—to access your data, you must grant the SOC user account you specified during the GIS Server Post Installation access to it. Most likely, if you work for a large organization, your GIS data won’t be stored on your local computer, but instead will be stored on a shared network drive or in a geodatabase. However, the same principles of granting the SOC account access to the data apply.
If your data is file-based data, such as shapefiles and coverages, you’ll need to work with the operating system to set access to the folders that contain your data. The SOC account must have read access to the data. Here are three possible scenarios:
You should be aware of your operating system's security mechanisms and hierarchies. For example, if you are working from a shared directory in Windows XP, you will have to give the container account share permissions for the folder, then you will have to grant NTFS (file) permissions to the container account for the folder. If you do not grant both types of permissions (share and file) you will not be able to access the resource, since the operating system gives precedence to the more restrictive of the two.
When you create map and globe services that reference data from a geodatabase, you need to ensure that the server has the appropriate permissions to access the geodatabase. The type of permissions you need to grant depends on what type of geodatabase you are using and, in the case of ArcSDE, what type of authentication you are using to connect.
If your map or globe contains layers from a file or personal geodatabase, you should use the operating system to give the SOC Account read permissions to the folder containing the geodatabase.
The way you grant access to an ArcSDE geodatabase depends on whether the layers in your map use database authentication or operating system (OS) authentication to connect to ArcSDE. How can you tell which type of authentication is being used? If the geodatabase is ArcSDE Personal or Workgroup, it uses OS authentication. If the geodatabase is ArcSDE Enterprise, you can view the Connection Properties in ArcCatalog to find whether it uses database authentication or OS authentication.
If your map or globe contains an ArcSDE layer accessed using database authentication, you will need to save the connection information in the map or globe document. When you create a Spatial Database Connection in ArcCatalog with database authentication, you should check the option to save the username and password.
If your map or globe contains an ArcSDE layer accessed through OS authentication, you'll need to give the SOC account permissions to the geodatabase. The way that you do this varies depending on what type of ArcSDE geodatabase you are using:
Most types of resources have a list of best practices you can follow when preparing the resource for publishing as a service. For example, creating a cache, using scale-dependent renderers, or simplifying label placement preferences are things you can do to help your map services run faster. This help system contains a dedicated topic for each type of service you can create. See these topics for additional best practices.