User Store

The user store or the identity store is a repository of user accounts and credentials. ArcGIS Server connects to the user store to authenticate a user requesting access to a resource.

In addition to connecting to your enterprise user store such as Windows Domain or any other directory service that supports an LDAP interface, ArcGIS Server also ships with a built-in storage mechanism where you can create your user accounts.

ArcGIS Server requires you to configure a user store while setting up security on your site.

Response properties

LDAP PropertiesDetails

ldapURLForUsers

The LDAP URL pointing to the user accounts.

Example

Use dark colors for code blocksCopy
1
ldap://server:389/dc=mydomain,dc=com???(|(objectClass=userProxy)(objectClass=user))?

memberOfAttributeInUsers

The attribute of the user entry that contains role information.

Example

Use dark colors for code blocksCopy
1
memberOf

usernameAttribute

The attribute of the user entry that is to be treated as the username.

Example

Use dark colors for code blocksCopy
1
name

adminUser

The administrative account to the LDAP that has at least read access.

Example

Use dark colors for code blocksCopy
1
cn=admin,cn=users,dc=mydomain,dc=com

adminUserPassword

The credentials for the administrative account.

Example

Use dark colors for code blocksCopy
1
secret

WINDOWS PropertiesDetails

adminUser

The administrative account to the LDAP that has at least read access.

Example

Use dark colors for code blocksCopy
1
cn=admin,cn=users,dc=mydomain,dc=com

adminUserPassword

The credentials for the administrative account.

Example

Use dark colors for code blocksCopy
1
secret

CUSTOM PropertiesDetails

class

The fully qualified name of the Java class that implements custom access to the user store.

Example

Use dark colors for code blocksCopy
1
com.myorg.userstore.DBUserStore

...

Any custom properties that are required by your class.

JSON Response syntax

Use dark colors for code blocksCopy
1
2
3
4
{
  "type": "<BUILTIN | WINDOWS | LDAP | CUSTOM>",
  "properties": "<properties>"
}

JSON Response example

The JSON representation of a connection to LDAP:

Use dark colors for code blocksCopy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
{
  "type": "LDAP",
  "properties": {
    "userPassword": "secret",
    "isPasswordEncrypted": "false",
    "user": "uid=admin,ou=system",
    "userFullnameAttribute": "displayName",
    "userGivenNameAttribute": "givenName",
    "userSurnameAttribute": "sn",
    "ldapURLForUsers": "ldap://ldapserver:10636/ou=users,ou=ags,dc=example,dc=com",
    "userEmailAttribute": "mail",
    "usernameAttribute": "uid",
    "caseSensitive": "false",
    "userSearchAttribute": "dn",
  }
}

The JSON representation of a connection to Windows Domain users:

Use dark colors for code blocksCopy
1
2
3
4
5
6
7
8
9
10
11
12
13
{
  "type": "WINDOWS",
  "properties": {
    "userPassword": "secret",
    "isPasswordEncrypted": "false",
    "user": "mydomain\\winaccount",
    "userFullnameAttribute": "displayName",
    "userEmailAttribute": "mail",
    "userGivenNameAttribute": "givenName",
    "userSurnameAttribute": "sn",
    "caseSensitive": "false"
  }
}

Your browser is no longer supported. Please upgrade your browser for the best experience. See our browser deprecation post for more details.