I recently defederate arcgis server then refederate arcgis server then all apps on arcgis online hub are broken !
Defederate arcgis server is dangerous, all layers link are broken. You have to fix each layer in each web map, it is a time consuming job. Don't do that unless you know what you are doing. I did it anyway, now I restore each layer by each layer. Now it is working.
https://opendata.laquintaca.gov/
Why I defederate arcgis server in the first place?
Because I want to change arcgis portal from physical machine name https://laqapp2.la-quinta.org to a DNS name https://portal.laquintaca.gov
Directly change the DNS alias used by the ArcGIS Enterprise deployment was not supported. From ESRI documentation:
"The configuration detailed in this topic must be performed before federating any ArcGIS Server site with your ArcGIS Enterprise portal. Adding a DNS alias or reverse proxy after an ArcGIS Server site has been federated with your portal is not supported. If you need to change the hostname in your organization URL, contact Esri Professional Services or another trusted consulting partner for guidance.
Integrate your portal with a reverse proxy or load balancer
Configure a portal to use a reverse proxy server
ESRI document
"The configuration detailed in this topic must be performed before federating any ArcGIS Server site with your ArcGIS Enterprise portal. Adding a DNS alias or reverse proxy after an ArcGIS Server site has been federated with your portal is not supported. If you need to change the hostname in your organization URL, contact Esri Professional Services or another trusted consulting partner for guidance.ArcGIS Server site has several significant consequences and is not easily undone. To learn more, see Administer a federated server." Source: https://enterprise.arcgis.com/en/portal/10.8/administer/windows/using-a-reverse-proxy-server-with-portal-for-arcgis.htm
My personal experience is:
My firewall/router was configured to direct inbound traffic on public DNS alias to one machine in local network (machine 1). Machine laqapp2 had a web adaptor configured for the ArcGIS Server site, a web adaptor configured for portal is on Machine 2 laqlaserapp2. When the public DNS alias was accessed externally, the ArcGIS Server REST directory was accessible, but the portal home page was not accessible. When attempting to access services through the services REST directory, the page failed to load because the portal could not be reached to complete authentication. So I configure ArcGIS Web Adaptor on machine 1 laqapp2 for the portal. I encountered an issue when trying to configure the web adaptor:
Error 2878: On the dialog WebSiteList, the control ListBox1 has a possible value: Default Web Site, 443, 1. This is an invalid or duplicate value.This was occurring because I had multiple bindings for port 443 within IIS. I were able to temporarily remove one of the bindings, install the web adaptor, and add the binding back with the same settings and certificate. I used this technical article as a reference: https://support.esri.com/en/technical-article/000012091.
I were then able to configure the web adaptor for arcgis portal.Afterward, I can access the published services in the ArcGIS Server site without encountering any error messages. However the services were prompting for a portal sign-in when accessed. This was happening because when I re-federated the server, the services became owned by the my account used during federation. I then login with the portal administrator account used for federation. Afterward, I can navigate to the content tab and share the any map services with public. So far the services were no longer prompting for a portal login when accessed, and I can successfully accesse and add new web maps.