Prevent changing the User Name

[Jalz]

Hi Guys,

I have installed FileMaker Pro 6 at my client's location, is there any way of preventing the users from changing the UserName that I have allocated them during the installation. In other words, is there a way of dimming out the general tab in the application preferences?

Thanking you guys in advance

Jalz

[Anatoli]

Another FMI bad design

Maybe with some control menu plugin.

We are using something else, we let user login to log db, and the Dialog Magic sets the user access in all files and preferences.

Before sensitive operation we check if user changed something in preferences and if yes we log that to his record and do immediate quit.

[Jalz]

Thanks Anatoli,

Hope they fix this one for the next release, real pain tio use a plugin to do something as simple as that.

I guess im going to have to write password/user file

[Anatoli]

Maybe in v. 7 which should be really new and great.

But how many versions is between? V. 6.1 and 6.5?

Don't count on FMI making logical fixes. They do fix bugs but otherwise nothing. Some of the fixes are really pathetic.

[Paolo]

no, you can't but you can partially work around it if you use the "UserName" in a slightly different manner.

use the "UserName" pref field to store a complex alfanumerical string that identifies the user.

you can create a db file to store the conversion from the string to the username: for example

paolo = lsjkdlas3993840398didjksdj

anatoli = 2938234ii23u43i2ui3u4u4

jalz = bbbb3 33ii3jedj

users still can change the username but it is really unlikely that they will guess another user's username.

if one user username doesn't mach with no one in the db it means that the user have changed the string.

off course if a user have access to another one's computer probably he will be able to copy/paste the string....

------

btw

if you really want to work solve the problem you can't rely upon the UserName field, you have two options:

1) use filemaker built-in security system. Assign a password to each user. Assign a group to each password. Then the group represents the username.

2) build your own filemaker based security scheme.

hope this helps

[Anatoli]

Paolo has nice ideas about security system. Actually in last project we used combination of both -- 1 and 2.

[Reed]

Could this technique of requiring specific alphanumeric usernames be used to keep out someone who has cracked the developer password?

For example, a startup script

Allow user abort [off]

If (Status(CurrentUserName) <> (this or that or the other))

Quit Filemaker

End If

Can anyone think of a way to crack this over a network? I've tried it and even if you enter the master password, and you don't have the right username, filemaker will quit. The only way to do it would be to guess the right username.

A related question: How many characters long can the username be?

[Anatoli]

Startup script is not executed, if the file is opened from relation or by calling script.

[Reed]

*******! I forgot about that... I guess I'll have to get a firewall after all if I want to keep people out.

If I'm sharing a database via FMP6 (not server), can I just software firewall the host to let only certain IP addresses in on port 3053 (or whatever it is)? Or do all of the clients also have to be firewalled? (i.e. can someone access the database the client is connected to by hitting the same port on the client machine?

Thanks!

[Anatoli]

5003 is the port.

I think, if you show only one file and that file will have the security in startup script, then you'll be reasonably OK. Then call all other FM files to open and park them in blank layout maybe with MENU button.

You can also check before important operation for the same usernames.

HTH