Jump to content


  • Posts

  • Joined

  • Last visited

Profile Information

  • Gender

tgilders's Achievements


Enthusiast (6/14)

  • First Post
  • Collaborator
  • Conversation Starter
  • Week One Done
  • One Month Later

Recent Badges



  1. Thanks LaRetta, That would work, the only catch is the user has to keep the actual security and the configured checkboxes in sync. My hope was that it would be possible to just run it from the actual security configurations. I thought maybe there was some technique I was missing to be able to do this. I also considered extended privileges, but that too seemed to be taking me down a redundant path as well. Not to mention the separation model posed some challenges there too.
  2. I would like to script some behavior based on the users ability to create, or not create, records in a table. I'm using native FileMaker security and would like the scripted test to use that as well to check, and not have to hard code access logic in the script evaluation. I know that I can attempt the create and see if its successful or not, but it would be nice to check for the access before actually trying to create the record. Yes, I could create and revert, but wondering if I'm overlooking a simpler way to test for an available command/action. -- Actual Use Detail -- The use case is a common popup dialog to search for contacts. If the user performs at least one search and their access is set to allow creation, then search/results dialog will automatically display a "Create Contact" button that allows them into that flow. If they find the Contact they're looking for and select it (or create a new one), the contact ID is returned back to the original calling function. If they do not have access to create, then they can only Search for existing contacts, and the interface will not give them the option to create. If it matters, i'm using the separation model, and the scripted test is in the UI file, while the security is defined in the data file.
  3. Thanks Vaughan, good point. I've done that before for very short-term databases that just need a few users instead of creating a new group in the AD domain. I would hope that at the hosting vendor they integrate the virtual client login (remote desktop or citrix) accounts into the domain using domain accounts, and can then setup the requested groups for the database external authenticaion (perhaps prefixing them with a client identifier). I think the only "issue", which is small, is that the hosting vendor will need to manage adding and removing the users from the groups. But overall this doesn't happen much, and we don't have very many users at this point.
  4. Thank you Steven. This was the answer I expected, but was hoping there was a technique or method that people are using that, while not perfect, has been generally accepted as reasonable for this case. I'm working with the hosting vendor and they are willing to work with me to try to get external authentication setup, which is great news. Since we're using virtual clients hosted on their servers, it's reasonable to expect that they can integrate external authentication as well since it's all on the same network, domain, etc... If this doesn't work out I think I will go with the option you describe where if something fails, the administrator will need to step in and see what went wrong and reset the user. I'm trapping and logging everything very robustly, the handling is definitely the complex part.
  5. Hi all, I have had the great fortune of always using External Authentication for managing users across multi-file solutions. I am now building a solution that will be hosted via a 3rd party cloud hosting provider. I've emailed them asking if they somehow support external authentication and the answer is no, unless we purchase a dedicated server. Which is what I expected. My question is, what is the best practice for managing local accounts across multiple files, specifically how to manage the case of first time login or password resets which force the user to change their password upon login. Keep in mind I'm not building "my own" login routines in any way. I'm using native FileMaker security and scripting the account creation and management using the script steps FMI provides us. My one sticking point is how to "expire" the password and handle the user interaction and change the passwords in the other files using the native FileMaker capabilities. What is the best/most secure way to solve this issue?
  6. Sorry if this is already known, but I couldn't find this information anywhere and stumbled upon it. FileMaker's KB says this: Importing/exporting directly to and from another FileMaker Pro file is not supported via a FileMaker Server scheduled script. However; I found that if you have a .fp7 file in the documents folder and attempt to import from it, the error that came back was 212 (Invalid user account and/or password; please try again). Even though I had matching account credentials in the files with full access, as well as running the scheduled script with the same full access account. What did work was when I modified the data source file (in the documents folder) to grant the Guest account full access, and set the file to open using the guest account [File-->File Options]. Now when I run the scheduled server-side import it works! Obviously not the ideal from a security standpoint, but interesting to know it’s possible.
  7. My first URL is incorrect in my post above. It was meant to be: http://fmforums.com/forum/showtopic.php?tid/175270/post/217456/ It seems I can no longer edit it. If anyone is interested, I currently have a thread on this topic going on FileMaker Forum located here: http://forum-en.filemaker.com/fm/board/message?board.id=us-fms&message.id=1849
  8. Hi Michael, Assign the field an object name and then use the "Goto Object" script step rather than trying to go to the field. Hope that helps!
  9. Does anyone know if there is a definitive resolution to the IWP "Unknown Error Number 13" problem, or if FM Server 10 has addressed this differently than FMS 8 and 9? (don't know if 7 was affected) Remarkably, I cannot find anything on FileMaker's Knowledgebase about this issue. These two threads are what I found here, the most comprehensive is from 2006! http://www.fmforums.com/forum/showtopic.php?tid/175270/ and http://www.fmforums.com/forum/showtopic.php?tid/193210/ I'm using FileMaker Server on Windows 2003 Server SP2 in a 2 machine configuration. (IIS and WPE together) We're also using the FMDataGuard audit logging plug-in which requires a calculated validation, which could be compounding the problem. (as the issue seems to be related to field level validation). Any information is greatly appreciated.
  10. Hi cxxxv, As I'm sure you're aware, FileMaker has a plug-in architecture that allows you to extend FileMaker to implement whatever functionality you desire/require. From what I understand, it sounds like you have an enormous opportunity here to crack open your favorite C++ IDE and create the functionality that we've all desperately been needing within FileMaker. I think you'll make quite a killing. Just think of how much revenue you'll make if you can sell just one license to each of the 10 million registered users of FileMaker Pro!
  11. I love the fact that there is progress, but I don't like the fact that I can't take advantage of v10 out of the gate, and must first redesign/reconsider my massive applications UI throughout. How hard would it have been to leave the old status bar as an optional "classic" setting to ease the transition for legacy systems?
  12. What about the Citrix server that is publishing the FileMaker 9 client? This is actually where the SSO is happening. We ran into this problem. One machine was 2003 Server w/SP2 and one w/SP3. SP2 worked fine and SP3 behaved exactly as you describe. We downgraded that server to SP2 and all was well again.
  13. Perhaps there is an "Exit Script" on the file being closed by the server that is forcing the close of the other files and/or application?
  14. I know you've indicated that IWP users have 'no way' to delete records, but the only other thing I can think of right now is to ask if the Status Bar is hidden and locked for IWP Users. If it's just hidden, a user can click to open it and potentially have access to a delete command. I just tested a file, and if the user doesn't have delete capability via access privileges, it 'grays out' the delete icon on the status bar. Perhaps check the web-publishing server logs to see if there is anything peculiar going on there as well.
  15. Hello swhaman, Welcome to the forum! I've created and attached a very basic example to search on an aged invoice. You would then just script your finds to search on the appropriate range. To find the oldest invoice in the range, you would just sort the invoices. For my attached example, just enter find mode and search on ranges in the "InvoiceAge" field such as 30...60 If you're building something more complicated than this (like a portal to view these, or to always show the oldest invoice outstanding via a relationship) then obviously something more sophisticated than this is needed. But perhaps this helps. Invoices.zip
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.