Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×
The Claris Museum: The Vault of FileMaker Antiquities at Claris Engage 2025! ×

external server authentication account works to enter Manage > Security, but not to save changes

ken_s2007
 Share

This topic is 2140 days old. Please don't post here. Open a new topic instead.

Recommended Posts

ken_s2007 Collaborator

ken_s2007

Posted
Posted (edited)

CLIENT:

macOS 10.13.6

FileMaker Pro Advanced 16.0.5.500

SERVER:

Windows Server  2012 RS

FileMaker Server v.17

I an external authentication account in the form of an AD account: "ken", FM group: "ken_group" [full access]. I also have a FileMaker File account "ken" with [full access], and it is lower in the authentication order.

I am able to use the external account to get into Manage > Security (which requires full access), but when I try to save changes with that account, I'm asked to "Sign in with an account that has full access privileges", but when I enter those same credentials, I'm told: "The account name and password entered does not match those for any FileMaker account."

This is true for all (a handful) of databases on the same server.

Update: Someone (outside of this forum) suggested I not have the FileMaker File admin account name the same name as the AD user. I added a new FileMaker File account "kenlocadmin", gave it [full access], saved, went back in and deleted the "ken" account, saved, closed the file, reopened it, and tried again, but get the same results.

Edited by ken_s2007
Fitch Grand Master

Fitch

Posted
Posted

It's not good practice to use EA for full access accounts. Use your local account for managing security.

Wim Decorte Grand Master

Wim Decorte

Posted
Posted

IIRC that is on purpose.  It is too easy to do domain spoofing if you use EA for full access accounts so it needs an internal FM account with full access to confirm changes in the manage security area.

ken_s2007 Collaborator

ken_s2007

Posted
  • Author
Posted (edited)

Seems odd to allow the EA account to open Security (it says full access is required), but not to re-auth to save changes. Another user of the system (with full access) can both open and save Security settings. For now, I'll continue to use the FileMaker File account. thanks

Edited by ken_s2007
Fitch Grand Master

Fitch

Posted
Posted

It's true, it doesn't make a lot of sense given that once in Manage Security, you could simply change the password of a full access account, or create a new full access account, and then authenticate with that when closing the dialog. All the more reason to not use EA for full access!

  • Like 1
Steven H. Blackwell Grand Master

Steven H. Blackwell

Posted
Posted

Externally authenticated [Full Access] Accounts--and that is a bad idea--are not allowed to validate changes to the Security Schema. This is by design.

 

Steven H. Blackwell

Platinum Member Emeritus, FileMaker Business Alliance

This topic is 2140 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept