Jump to content

Authentication problem on OSX server

Mike Owen
 Share

This topic is 6824 days old. Please don't post here. Open a new topic instead.

Recommended Posts

Mike Owen Contributor

Mike Owen

Posted
Posted

I am having no luck getting external authentication to work using FMServer 7 running on an OSX server authenticating against Windows Active Directory.

I am presuming it should be possible to login to the FMPro file(s) without seeing any FMPro username/password dialogue box at all, provided the user is already logged on to the Windows network.

Am I expecting too much? or just missing something?

Can anyone talk me through it?

Steven H. Blackwell Grand Master

Steven H. Blackwell

Posted
Posted

You have the concept down correctly.

There is a Tech Brief on the FMI web site that covers many of the details:

http://www.filemaker.com/support/upgrade/techbriefs.html

Depending on the exact version of FileMaker Server and of the Macintosh OS that you're using the precise syntax returned to the FileMaker Server from AD can vary.

For example, for an AD group called "Sales" the OS X plugin may return that as domainnameSales, where "domainname" is the AD domain.

Therefore the Group in the FileMaker Pro file must also be named domainnameSales. Every time Apple revs the OS, something changes here, so you will need to examine this more closely.

For dual paltform organizations this causes additional issues inasmuch as it requires 2 separate groups in the FIleMaker Pro file, one named "Sales" and the other named "domainnameSales." However, both just connect to the same Privilege Set.

Another solution is to replace the FIleMaker Server CPU with one running Windows Server 2003.

HTH.

Steven

Wim Decorte Grand Master

Wim Decorte

Posted
Posted

I am presuming it should be possible to login to the FMPro file(s) without seeing any FMPro username/password dialogue box at all, provided the user is already logged on to the Windows network.

You are presuming too much. SSO (single-source sign-on) only works in an all-Windows scenario (Windows workstations belonging to a Windows Domain, and FMS running on Windows Server configured as a member server in the Windows Domain).

If you have the OSX workstation configured to get authenticated on the Windows AD then you can get pretty much the same effect but only after letting users store their credentials in the OSX keychain. The next time those OSX users want to connect to a file hosted on the FMS, the keychain will send it the credentials.

Mike Owen Contributor

Mike Owen

Posted
  • Author
Posted

Thanks for these.

"If you have the OSX workstation configured to get authenticated on the Windows AD then you can get pretty much the same effect but only after letting users store their credentials in the OSX keychain. The next time those OSX users want to connect to a file hosted on the FMS, the keychain will send it the credentials. "

Even if it won't work using a Mac workstation, can one, though, get 'automatic' authentication on a Windows workstation via the OSX FM8 server to Active Directory on a Windows Server?

This topic is 6824 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept