Jump to content

Simple Ext. Authentication Fails


This topic is 3363 days old. Please don't post here. Open a new topic instead.

Recommended Posts

FMS13v0.3 running MacOS Mavericks 10.9.5.

hosted file = FMServer_Sample (as shipped, just added priv set and group)

on FMS13 Security tab  Client Authentication = Filemaker and External Server accounts.

 

OS user, fm_user, is a member of fm_group created by OS Users and Groups (there is no Domain Controller).

new group defined in file, fm_group and is set to authenticate via: External Server

 

new privilege set named "fm_group" assigned to fm_group and is set to Access via FileMaker Network

 

Cannot login to FMServer_Sample using account fm_user.

 

Can login to Mac (FMS) using account fm_user.

 

Help requested, Barbara

Link to comment
Share on other sites

Strange.  You've correctly run through most of the check points.

 

Several items:

 

1. Maybe try updating to Server 13.0v5.  See http://thefmkb.com/13886

 

2.  Double check that there are no leading or trailing spaces in the Group names, both in the file and on the Server.

 

3.  Restart the fmsadmin server.  And for good measure reboot the server machine as well.

 

Please let us know how this goes.  If there is a problem, we need to let FMI know.

 

Steven

Link to comment
Share on other sites

I've just replicated the exact same setup as you Barbara:

 

OSX 10.9.5 for FMS, FMS13v4

local group fm_group, user fm_user added to it

Sample file configured with this fm_group external account

 

From another machine I can log into the sample file with the fm_user account.

Everything works as expected.

 

When you created the group, did you select "group" at the bottom of the pick list or something else?

Link to comment
Share on other sites

Thank you for stopping by! I had hoped one of you would take an interest in my problem -- but both of you!!

 

Steven, reboot didn't solve anything, and I double-checked for trailing spaces.

Wim/Steven, I'm not on 13v4, but I'll run that update next and report back.

 

"When you created the group, did you select "group" at the bottom of the pick list or something else?"

Not sure what pick list you're referring to? This is not Server OS, just the standard Users & Groups in OS X 10.9.5.

Link to comment
Share on other sites

Updated! No joy.

 

FMS13.0v5.520

Java 7 update 71

 

I know I must be missing a checkbox somewhere! Here are some screen shots that I hope will help.

 

btw: I have changed the password for fm_user each time just to be certain that I am entering the correct one, "temp1234".

 

post-62904-0-73164000-1421066218_thumb.p

post-62904-0-66666300-1421066261_thumb.p

Link to comment
Share on other sites

This is the regular group I mentioned.  My test OS was also just regular OSX, not OSX Server.

 

The only other thing I changed in the sample file was:

- disable auto-login with Admin

- set the fm_group higher in the authentication order than the Admin account

 

When it fails, what message do you get?

 

 

post-57725-0-08812800-1421066696_thumb.p

Link to comment
Share on other sites

Yes, Wim, I did select Group in the popup menu.

 

I had disable auto-login as Admin. I moved fm_group higher in the authentication order than Admin. Still cannot login as fm_user. (can login as Admin, obviously).

 

Oh, and by the way, I've tried the login from another iMac and just launching FMA13 on the iMac that is running as FMS. If it matters at all, this is my TechNet FMS13 license. (no one else is logged in).

post-62904-0-33042300-1421069168_thumb.p

Link to comment
Share on other sites

this may be a clue:

 

The fm_group privilege set that is assigned to the fm_group account, is set to not allow a user to change their password. And yet, the Change Password button is available on the dialog. Well, I suppose at this point, FM has no idea what the current priv set is. In fact, that is established during authentication. Hmm...this ability to change password seems to be an issue, though.

Link to comment
Share on other sites

I wouldn't think that it could, Wim. Here's what I see in Users & Groups. I don't see how to turn off the Change Password in the FM account login. The priv set does not allow it.

post-62904-0-18441400-1421077248_thumb.p

Link to comment
Share on other sites

No, Wim, it was not.

 

Here's something that may be the culprit. The mac now serving the files is my old iMac. Got a new one for Christmas! Restored from Time Machine to the new Mac. Could the DNS settings be messed up bcs the two macs are so closely related?

Link to comment
Share on other sites

I deleted my user and group and added a new user and group (with different names than the original). It works!

 

The only thing that I could think it could have been, is that I had created the user and then changed the user name. When I went to Advanced Settings in Users, I could see that the DNS entry had the wrong home directory (one with the old user name "fmtest").

Link to comment
Share on other sites

That could be the old OSX confusion between short user name and long user name.  When you changed the OSX user name you probably only changed it in one place?  EA on OSX works best when using the short user name.

 

Windows does not have that kind of distinction.

Link to comment
Share on other sites

This topic is 3363 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.