Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×

FM Server LDAP ident

xgireaud

By xgireaud
in FileMaker Server 11

 Share

This topic is 6795 days old. Please don't post here. Open a new topic instead.

Recommended Posts

  • Newbies
xgireaud Newbie

xgireaud

Posted
  • Newbies
Posted

Hi gurus

I have a pb to solve quickly:

Briefly:

At work, we have a Fm Server + advanced (Web publishing)

The users ident is done by ldap query (Server 2003)

No pbs, all works fine, from lan and WAn (Web companion)

Question:

Today, the fm server in set to query LDAP from domain A

How can I set FM Server to query another LDAP (Domain B for exemple)

Basically: is it possible to reach FM Databases from two differents domains ( A and :P with ident done by each domains ldap?

Thx gurus

Xavier

Wim Decorte Grand Master

Wim Decorte

Posted
Posted

What you're saying is that you're using FMS External Authentication against an Active Directory, right?

And you want to have users authenticate against an Active Directory of another domain? You'll need to create a trust relationship between the two domains for this to work. Make sure to read up on the types of trust relationships and their consequences before you go down this road.

But in short, yes it is possible to do this. You may need FMS8 for this though, I don't recall off hand if this worked in FMS7. It may in v2 or v3 but it certainly didn't in v1 of FMS7.

  • Newbies
xgireaud Newbie

xgireaud

Posted
  • Author
  • Newbies
Posted

Wim Decorte

Tx very much for your anwser.

What you need to know:

I already user FM Server 8.0 v2

I already created a relationship between the two domains. (It's works fine)

yes, I need to use AD Ldap authentification instead of Internal FM Databases Accounts.

Yhe only thing for which Im not sure:

What type of relationship do i need to create ?

Unidirectionnal or birectionnal ?

Did you performed this identification for two domains successfully ?

I think that Im close to the solution

Thx for your help

Xavier

Wim Decorte Grand Master

Wim Decorte

Posted
Posted

I did make it work with a uni-directional relationship. It should work with a bi-directional too but I didn't want to try that. I was making a relationship between my test domain and my production domain so I did not want to cross-authenticate testers in my production AD.

Which one you need depends on your other functional requirements. Restrict it to the minimum to avoid opening loopholes that people can take advantage off.

This topic is 6795 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept