We have AD based External authentication working however I have a question about our mac clients and using shortnames vs longnames.
Some server details:
We're using server 2008 R2 based AD domain controller.
We're using FMServer 12 Advanced running on a separate Windows 7 Enterprise VM.
Our FMServer is a domain member.
We haven't configured LDAP (yet)
Test database has a external auth group titled "staff"
We have an AD Group in "Users" titled "staff"
Our clients details
Windows clients are running Windows 7 Enterprise and Filemaker Pro 12 client
Windows Clients are bound directly to the domain and are signed in using AD accounts
Mac clients are running mountain lion 10.8 and are using FM Pro 12 Client
Mac clients are bound to the AD domain only.
Mac clients are signing in using AD accounts
Ok so the Windows clients are achieving perfect SSO. When we open our test DB we're not even prompted with a login screen, instead we are taken straight to our database and the assigned permissions are perfect.
On the macs however success is somewhat limited. When we attempt to login, we are presented with a login prompt. If the user keys in their shortname ("exampleuser") they can login sucessfully and they get the expented permissions. However If they try to use their full name (Example User) they are denied access and presented with the standard "account and password are not correct" dialog box.
We are in the process of migrating 100+ users from using internal auth to External auth and I'd rather not have to reconfigure 100+ client desktops. Our staff are used to keying in their full names. Why can't we log in using the full name on Mac clients bound to the AD?