Jump to content

External Authentication in Mixed Environment


This topic is 5399 days old. Please don't post here. Open a new topic instead.

Recommended Posts

  • Newbies

We are experiencing some unusual authentication issues. Our setup includes:

- Windows 2003 domain

- Using Active Directory with two Domain Controllers running Windows Server 2003 Standard

- One FMSA10 (10.0.1.64) machine is running Windows Server 2003 Standard

- A second FMSA10 (10.0.1.64) machine is running Mac OS X 10.5.7 Server.

- Client machines are running either Mac OS X 10.4.11 or 10.5.7.

The issue we have is that members of the fmsadmin group in Active Directory are not able to log into any hosted Filemaker database on FMSA10 running on Mac OS X 10.5 Server. When trying to do so you receive the, “The account and password you entered cannot be used to access this file. Please try again.” Members of the fmsadmin group are able to access files on the FMSA10 machine on the Windows 2003 Server.

If we move a member of the fmsadmin group into another FMS group in Active Directory, they are able to authenticate and access the database. If I move that same person back into the fmsadmin group then they are again unable to authenticate and access the database. Maybe this is related, or not but... Members of the fmsadmin are able to access the Server Admin Console on both FMSA10 servers as enabled that option.

Is this, somehow, expected behavior?

Link to comment
Share on other sites

Strange, to say the least, but not totally unexpected. Cross platform authentications of this type are always challenging.

First thing, be sure that the fmsadmin group is actually enabled for network access in the files hosted by the Macintosh OS Server. BTW, if that is 10.5.7 that OS is not certified for FMS 10.

Second, be sure that the Macintosh OS FMS machine is properly bound to the AD domain. This cannot be done automatically; you must select the domain controller in the NetInfom set up.

Please keep us posted about this.

Steven

Link to comment
Share on other sites

  • Newbies

First thing, be sure that the fmsadmin group is actually enabled for network access in the files hosted by the Macintosh OS Server. BTW, if that is 10.5.7 that OS is not certified for FMS 10.

The fmsadmin group is enabled in all the files and we know it works because fmsadmin users can access files on the Windows FMSA10 server.

Second, be sure that the Macintosh OS FMS machine is properly bound to the AD domain. This cannot be done automatically; you must select the domain controller in the NetInfom set up.

Please keep us posted about this.

The Mac FMSA10 computer is properly bound to the network and displays correctly in AD. As we noted, the other six (6) "fms" groups we created in AD for FileMaker authenticate correctly on the Mac server, just not fmsadmin.

Link to comment
Share on other sites

check the local FMS machine and delete the existing fmsadmin group there. FMS on OSX will always follow the authentication tree so it will start looking on the local machine first before asking the AD. So if it finds a local fmsadmin group there it will check that group's membership and not ask the AD.

Link to comment
Share on other sites

This topic is 5399 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.