Jump to content

Filemaker Server 19.x Microsoft AD authentication. Firewall Ports needed?

Richard Fincher
 Share

This topic is 731 days old. Please don't post here. Open a new topic instead.

Recommended Posts

Richard Fincher Enthusiast

Richard Fincher

Posted
Posted

I'm running a Filemaker Server 19.2 server behind a Cisco Firewall, and we're having problems with MS AD authentication being rejected.  We had it working for a while, but then it seems to have stopped working.  I'm trying to locate a definitive guide to what firewall ports need to be opened to which IP number(s) / range(s).  Some online documentation I read seemed to indicate that Microsoft's Azure servers need to connect directly to Filemaker Server, but this seemed to be wrong, as we could see it was the workstation PC that was requesting through Filemaker Server via port 443 (https) at the point when authentication was attempted, when we had it working OK earlier.

We can easily update from Server 19.2 to 19.3 if that's likely to help.  19.4 would require an OS update.

Wim Decorte Grand Master

Wim Decorte

Posted
Posted

You mention both AD and Azure?  Which are two different things.  Is this a normal old-school AD authentication or an OAuth-based Azure AD authentication?

Richard Fincher Enthusiast

Richard Fincher

Posted
  • Author
Posted

Hi - this is the one which is setup under External authentication in Filemaker Server, and where you register an "app" in the Microsoft Portal.  I'm not sure why I'm investigating this, as I'm just the hosting company.  But my client suspects it to be a hosting issue.

 

 

Screenshot 2022-04-28 at 10.21.37.png

Screenshot 2022-04-28 at 10.21.53.png

Screenshot 2022-04-28 at 10.22.24.png

Screenshot 2022-04-28 at 10.22.37.png

Screenshot 2022-04-28 at 10.26.26.png

Wim Decorte Grand Master

Wim Decorte

Posted
Posted

Ok, so not regular AD but Azure AD OAuth.

The white papers that Steven Blackwell and I authored on the subject and that you can download from the files section here, describe a step-by-step debugging process that allows you to perform each step in the authentication flow yourself and inspect the responses.

From the screenshots it doesn't look like a firewall issue since the redirect seems to work, so it could be an issue in the FMS config, the FMP file or on the Azure AD app side.  The debugging steps will tell you where the issue is.

  • 9 months later...
  • Newbies
nelabed Newbie

nelabed

Posted
  • Newbies
Posted

Hi, can you please indicate the exact location from where we can download the white paper?

Thank you

This topic is 731 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept