Managing GIS Server user accounts on Linux/Solaris

Release 9.3 E-mail This Topic Printable Version Give Us Feedback

ArcGIS Server has different levels of user accounts.

User management of ArcGIS Server on Linux/Solaris is different from ArcGIS Server on Windows at the OS level user accounts and Local GIS Server users. This chapter is focusing on these two levels.

Content

Diagram of ArcGIS Server user accounts on Linux/Solaris.

The following diagram describes the OS level user accounts and Local GIS Server usersof ArcGIS Server on Linux/Solaris:

OS level user accounts - Accounts used by ArcGIS Server at OS level.

Local GIS Server users - For local connections

For local connections, ArcGIS Server on Linux/Solaris handles requests and responses in a secure environment as described in the diagram below:

ArcGIS Server on Linux/Solaris has an embedded Sun Directory Server which gets installed with the Server Object Manager (SOM) component. The ArcGIS Server uses this directory server to maintain a repository of users that can access the ArcGIS Server over a local connection.

There are two levels of user access: user (that belongs to agsuser group) and administrative (that belongs to agsadmin group). At runtime, when a user request comes into the system, the SOM uses the directory server to authenticate the user and determine what user group the user belongs to, agsusers or agsadmin. It then maps the user to the appropriate OS-level account. The request is either accepted or denied based on the user's membership in either of these accounts.

Local GIS Server user lists

Local GIS Server users are managed and maintained by the SOM. These are not OS-level accounts. You can manage these users through ArcGIS Server Manager.

Managing Local GIS Server users in Manager

In Manager, you can manage these user accounts and assign them to either the User (agsadmin) or Administrator (agsusers) user groups for access to ArcGIS Server.

In ArcGIS Server Manager, navigate to the Local GIS Users page in Manager by clicking the GIS Server tab and clicking on Local GIS Users in the left-hand panel.

To add a new user account, click on Add Users. Here you can also define the group that the account belongs to.

To remove a user, in the User list page, click on the checkbox next to the user or users you wish to remove and click "Delete".

To edit a user account, click the Edit button for the account you wish to edit and change the password, name, and/or user group.





Importing and exporting Local GIS Server users on Linux/Solaris

ArcGIS Java Server for the Linux/Solaris platform includes a Sun One Directory Server which gets installed with the Server. ArcGIS Server uses this directory server to maintain a repository of users that can use and manage ArcGIS Server over a local connection. When ArcGIS Server is uninstalled, the directory server is wiped clean and all user information gets deleted.

If you want to maintain this user list across multiple ArcGIS Server instances (or ArcGIS Server releases), you need to export your users list from ArcGIS Server into a text file. The users listed in this text file can then be imported into any deployment of ArcGIS Server for the Java Platform that has these tools available.

You can also leverage this functionality to maintain a backup of Local GIS Server users or replicate user information across several instances of the Server.

The tools to import and export Local GIS Server users

ArcGIS Server Java 9.3 for Linux/Solaris includes a tool driven by a shell script called "import_export_users.sh" located at <ArcGIS Server Installation Directory>/arcgis/scripts. This tool enables you to export Local GIS Server users to a text file. These users in a text file can then be imported into any instance of ArcGIS Server for the Linux or Solaris platform using the same tool. This tool is available only for SOM installs.

ArcGIS Server Java 9.3 includes additional utility tools that help you export users from a Windows machine into a text file (by running these additional tools on a Windows machine). The users in this text file can then be imported into ArcGIS Server for Linux or Solaris using the above mentioned "import_export_users.sh" script. The additional utility tools include a GUI-based and a console-based application to export your Windows users and is located at <ArcGIS Server Installation Directory>/arcgis/servercore/agsidsvr/import_export_users/windows

How to import and export Local GIS Server users on Linux/Solaris

You can run the script "<ArcGIS Server Installation Directory>/arcgis/scripts/import_export_users.sh". If you run the script without any input parameters, it will print the tool usage.

How to export Windows users and import them into ArcGIS Server for Linux/Solaris

ArcGIS Server for Linux/Solaris includes additional tools that can be used to export Windows users. These tools for windows are installed under <ArcGIS Server Installation Directory>/arcgis/servercore/agsidsvr/import_export_users/windows. Though these tools are included in the Linux/Solaris installs of ArcGIS Server, they are to be run on a Windows machine.

The logs files

The log files are created during the import/export operation. The log maintains the users that were successfully imported or exported or any errors that occurred during these operations.

By default, the logs files are maintained at <ArcGIS Server Installation directory>/arcgis/server/user/logs. Each log file name includes a timestamp that indicates when the log file was created.

You can choose to put the log files into a different location by using the '-o' option in the 'import_export_users.sh' script.

You can turn off logging by using the '-n' option.

Log file example:-