Out of the box, ArcGIS Server only allows the primary site administrator access to the server. To allow a user in the Identity store to access ArcGIS Server, you will need to define that user's level of access to ArcGIS Server.
ArcGIS Server controls access using a role-based access control model. In a role-based access control model, access is always granted to a role and a user inherits a role's access permissions by becoming a member of that role. You will need to have at least one user and one role in your Identity Store before you can configure access to ArcGIS Server. To add users, see Managing users. To add roles, see Managing roles.
To define ArcGIS access permissions for a role, follow the steps below:
- In ArcGIS Server Manager, click the Security tab and open the Roles page.
- To select a role, click the edit icon corresponding to that role.
- Choose one of the available role types. The role type controls access to the ArcGIS Server site and permissions to perform
administrative and publishing functions. A role can be one of three types:
- Administrator: The Administrator role type is given unrestricted access to ArcGIS Server administrative components and functions. Members of a role with the role type set to Administrator can log in to ArcGIS Server Manager, the Services Directory, and the Administrator Directory with access to all features and functionality. They can add or remove machines from the site, configure security, and so forth. This role type should be restricted to roles that perform ArcGIS Server site administration.
- Publisher: The Publisher role type is given limited access to ArcGIS Server administrative components and functions. Members of a role with the role type set to Publisher can log in to ArcGIS Server Manager and the Administrator Directory with access to only the service and log management features. They can publish new services, manage existing services, and generate map caches. They cannot configure or change ArcGIS Server security options but can manage permissions for services. This role type should be restricted to roles that publish and manage ArcGIS web services.
- User: The User role type is restricted from accessing ArcGIS Server administrative components and functions. Members of a role with the role type set to User cannot access ArcGIS Server Manager or the Administrator Directory. They can only use or access a service, provided that permission has been granted to their user accounts to access it. This role type should be used for users who will consume GIS web services through the ArcGIS web APIs. Each role is set to type User by default.
- Click Save to apply your changes.