Jump to content
View in the app

A better way to browse. Learn more.
FMForums.com

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

external server authentication account works to enter Manage > Security, but not to save changes

ken_s2007
in oAuth and External Server Authentication

Featured Replies

CLIENT:

macOS 10.13.6

FileMaker Pro Advanced 16.0.5.500

SERVER:

Windows Server  2012 RS

FileMaker Server v.17

I an external authentication account in the form of an AD account: "ken", FM group: "ken_group" [full access]. I also have a FileMaker File account "ken" with [full access], and it is lower in the authentication order.

I am able to use the external account to get into Manage > Security (which requires full access), but when I try to save changes with that account, I'm asked to "Sign in with an account that has full access privileges", but when I enter those same credentials, I'm told: "The account name and password entered does not match those for any FileMaker account."

This is true for all (a handful) of databases on the same server.

Update: Someone (outside of this forum) suggested I not have the FileMaker File admin account name the same name as the AD user. I added a new FileMaker File account "kenlocadmin", gave it [full access], saved, went back in and deleted the "ken" account, saved, closed the file, reopened it, and tried again, but get the same results.

Edited by ken_s2007

It's not good practice to use EA for full access accounts. Use your local account for managing security.

IIRC that is on purpose.  It is too easy to do domain spoofing if you use EA for full access accounts so it needs an internal FM account with full access to confirm changes in the manage security area.

  • Author

Seems odd to allow the EA account to open Security (it says full access is required), but not to re-auth to save changes. Another user of the system (with full access) can both open and save Security settings. For now, I'll continue to use the FileMaker File account. thanks

Edited by ken_s2007

It's true, it doesn't make a lot of sense given that once in Manage Security, you could simply change the password of a full access account, or create a new full access account, and then authenticate with that when closing the dialog. All the more reason to not use EA for full access!

    • Like 1

    Externally authenticated [Full Access] Accounts--and that is a bad idea--are not allowed to validate changes to the Security Schema. This is by design.

     

    Steven H. Blackwell

    Platinum Member Emeritus, FileMaker Business Alliance

    Create an account or sign in to comment

    https://fmforums.com/topic/104234-external-server-authentication-account-works-to-enter-manage-security-but-not-to-save-changes/
    Go to topic listing

    Important Information

    By using this site, you agree to our Terms of Use.

    I accept

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.