Using a 10.0 .NET SQL Server security store in later versions
ArcGIS Server 10.0 for the Microsoft .NET Framework provided the option to store ArcGIS Server users and roles in a SQL Server security store. Users and roles were managed using the ASP.NET membership and role provider for SQL Server. To use a 10.0 SQL Server security store in 10.1 and later versions, follow the instructions below:
- Verify that the ArcGIS Server .NET Extension Support feature is installed on the machine hosting the server. You can do this by launching the ArcGIS Server setup program and checking the list of features selected for installation. To install the feature, do the following:
- Install Microsoft .NET Framework 3.5 Service Pack 1 (SP1) on the machine hosting ArcGIS Server. The .NET framework is available on the ArcGIS Server setup media.
- Re-run the ArcGIS Server setup program and enable the .NET Extension Support feature on the Select Features page.
- On the machine hosting ArcGIS Server 10.0, configure SQL Server to allow remote connections and enable the SQL Server Browser service.
For example, if you are using SQL Server 2005, follow the instructions in http://support.microsoft.com/kb/914277.
- Note down the following properties for the SQL Server instance:
- The name of the host machine
- The name of the SQL Server instance
- The name of the database containing the ArcGIS Server security store
- Create a JSON string containing the connection string to the SQL Server instance using the format below:
{ "type": "SQL_SERVER", "properties": { "connectionString": "Data Source=tcp:{HOST}\\{INSTANCE};Initial Catalog={DATABASE};{AUTHENTICATION INFO}" } }
The sample JSON below uses the following SQL Server connection parameters:
- SQLHOST: The name of the machine hosting SQL Server
- SQLEXPRESS: The name of the SQL Server instance
- ARCGIS: The database that contains the 10.0 .NET security store
- Integrated Security=SSPI: Indicates that Integrated Windows Authentication should be used to establish the connection
{ "type": "SQL_SERVER", "properties": { "connectionString": "Data Source=tcp:SQLHOST\\SQLEXPRESS;Initial Catalog=ARCGIS;Integrated Security=SSPI" } }
Note:
If you use Integrated Security in the connection string, you must run the ArcGIS Server service using an account that has administrative privileges on the host machine running the SQL Server instance.
The sample JSON below uses the following SQL Server connection parameters:
- SQLHOST: The name of the machine hosting SQL Server
- SQLEXPRESS: The name of the SQL Server instance
- ARCGIS: The database that contains the 10.0 .NET security store
- sa: A user id with access to the database.
- password: The sa user's password.
{ "type": "SQL_SERVER", "properties": { "connectionString": "Data Source=tcp:SQLHOST\\SQLEXPRESS;Initial Catalog=ARCGIS;User ID=sa;Password=password" } }
- On the machine hosting ArcGIS for Server, log in to the ArcGIS Server Administrator Directory. The URL is typically formatted http://gisserver.domain.com:6080/arcgis/admin.
- Navigate to security > config > testIdentityStore.
- Enter the JSON value from step 4 into the User Store Configuration and Role Store Configuration fields and click Test. Verify that you get back a Connection successful! confirmation message.
- In the Administrator Directory, navigate to security > config > updateIdentityStore.
- Enter the JSON value from step 4 into the User Store Configuration and Role Store Configuration fields and click Update.
- Log in to ArcGIS Server Manager and open the Security > Users page to verify that your 10.0 security store is being used.