Jump to content

Add Account Function -

Jim Gill

By Jim Gill,
in Security Concepts

 Share Followers 2

Recommended Posts

Jim Gill

Jim Gill 4

Posted
Posted

Hello All,

I have a very old script (fmp 10?) that creates User Accounts and assigns Privilege Sets.  The users are then able to Login via WebDirect (primarily).  The Add Account function is used with the following parameters:

Add Account [ Account Name: _Parent Data::Parent1_Email_TrimAndRemoveReturns; Password: _Parent Data::
Parent1_WebPassword; Privilege Set: Web_User ]
[ Expire password ]

The Password is temporary (for first login only) that is randomly generated via Custom Function.   Users are required to change their password on first login.  

The account is created but for some reason the user cannot Login via Webdirect or Client (Invalid Account/Password).  I checked the privilege sets and they all check out.  I can manually change the password form the Security Console and require a new password - and everything works as expected.   Again this script worked for years - we typically only create accounts in the fall - so if there has been a major security update or some other new requirement  that would throw a wrench in the works - well, hoping you all can help me out.  

Thank you in advance!

Jim

Link to post
Share on other sites
bcooney

bcooney 143

Posted
Posted

Is an account actually created and enabled?

 

Is Access via FileMaker Network (fmapp) checked?

As for access via Webdirect...does the priv set you're assigning have this setting checked?

 

image.png

Link to post
Share on other sites
Jim Gill

Jim Gill 4

Posted
  • Author
Posted
Quote
On 9/30/2020 at 4:17 PM, bcooney said:

Is an account actually created and enabled?

 

Yes - Account is created and enabled.  

 

On 9/30/2020 at 4:17 PM, bcooney said:

Is Access via FileMaker Network (fmapp) checked?

Permissions/Extended Privilege's sets are correctly enabled - again - if I reset the password for the newly created account - the user is able to login in both WebD and fmapp. 

Link to post
Share on other sites
bcooney

bcooney 143

Posted
Posted

What happens if you drop the use of the custom function and test with a known password as the default?

Link to post
Share on other sites
Jim Gill

Jim Gill 4

Posted
  • Author
Posted

In the Add Account Function  -> Password, I place a default, temporary (user has to reset pw on login), password of "camp1234" - notta - Still getting "authentication failed on database".  If I reset the password for the account (Security Console) everything works as expected.   

I added Reset Account Password  (with the Custom Function pw generator) immediately following Add Account function in my script -  everything works as expected.    While this is a temporary "fix" - something is really weird - I can't find anything on the web about this sort of behavior.   @bcooney I see you are a moderator - perhaps try moving me over to Security Concepts?   Not sure if anyone has had this issue.   Thanks for your efforts here!  Jim

Link to post
Share on other sites
  • 2 weeks later...
Jim Gill

Jim Gill 4

Posted
  • Author
Posted

Mainers are really having a hard time with this social distancing thing - we are not use to being so close to so many people.  Had to take a break and head for the north woods for a couple of weeks.  I was hoping for some insight on this one.  Is this a bug?  Can anyone reproduce this behavior or is it just me?  Thanks in advance!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Followers 2
Go to topic listing

  • Similar Content

    • Tony Diaz
      Scripting to Create Record Only if Value Does Not Exist?
      By Tony Diaz
      I'd like to add a condition to this to not do it if "id" already exists in the table:
       
      Set Field [ Moby_Countries_Values::ID ; JSONGetElement ( $record ; "id" ) ]
      So that value, 'id' is embedded within the blob that I'm parsing already. In that loop some of the array sets may exist, others many not already.
       
      If [ not IsEmpty( $countries ) ] Set Field [ ISBN::JSON_VariableView1 ; $countries ] Set Variable [ $Cover_Group_ID ; Value: ISBN::ISBN_ID ] Set Variable [ $n ; Value: ValueCount ( JSONListKeys ( $authors ; "" ) ) ] Freeze Window Go to Layout [ “ISBN_Meta” (ISBN_Meta) ; Animation: None ] Loop Set Variable [ $i ; Value: $i + 1 ] Exit Loop If [ $i > $n ] New Record/Request Set Field [ Moby_Countries_Meta::Cover_Group_ID ; $Cover_Group_ID ] Set Variable [ $record ; Value: JSONGetElement ( $countries ; $i - 1) ] Set Field [ Moby_Countries_Values::Name ; JSONGetElement ( $record ; "name" ) ] Set Field [ Moby_Countries_Values::Description ; JSONGetElement ( $record ; "desc" ) ] Set Field [ Moby_Countries_Values::ID ; JSONGetElement ( $record ; "id" ) ] End Loop Go to Layout [ original layout ; Animation: None ] End If  
      Because afterwards I'll do:
      Set Field [ Moby_Countries_Meta::ID ; JSONGetElement ( $record ; "id" ) ]
      ...and it will relate to the just added / or already now existing record.
    • mvoogt
      Sending email from INSERT FROM URL is going to spam folder
      By mvoogt
      I have started sending emails using the INSERT FROM URL method shown by soliant here:
      https://www.soliantconsulting.com/blog/html-email-filemaker/
      Emails are being sent out but many recipients seem to be getting my emails sent to their spam folders. I'm curious if this has anything to do with this method of sending emails.
    • Joost Miltenburg
      Record Access working local, not while hosted
      By Joost Miltenburg
      Hi All,
      I added security to limit the DataAPI user from accessing certain records, with the limited option. I tested this while running these files on my HD no server. Worked like a charm. After moving the files to FMServer the DataAPI account can access all record in the table all of a sudden.
      Any thoughts as to why this is happening?
      Kind regards,
      Joost
    • Stickybeak
      Scribe Broken? Support Broken?
      By Stickybeak
      I have been running a document creation and management solution for 2 years.
      My scribe maintenance subscription ran out so I bought a new license.
      Boom the whole things has collapsed.
      Scribe is throwing errors when a field in the database does not appear as a merge field in the document the attached being a typical error.
      This solution is vital to my practice but 360Work have no taken 2 working days with no solution - not responding to my emails when I tell them that their work arounds aren't working.
      This was suggested "ScribeSetErrorCapture(true)" - but that does not even appear in my steps in the script window.
      Utterly frustrated.
      Help!

    • MSPJ
      File Access Protection and Import
      By MSPJ
      Hi - I'm developing a business solution to be hosted on FM Server.  It will be hosted on Soliant Cloud.  This is my first time developing for Server.  I read Steven and Wim's whitepaper on FM 16 security, which was very helpful.
      In the past, when I've created upgrades to my solution, I've imported data from the previous version into the new one. Each update is a modified version of the previous file. 
      I read about the benefits of using File Access Protection. My solution is a single file solution so I can basically exclude any other file having access - except I'm not sure what impact that will have on import from previous versions.  I assume both files will have the same ID - but not sure if that means that FM will see the older version as trusted or not. 
      Thanks!
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept