Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×

Authentication Failure Logging

jackeb
 Share

This topic is 6462 days old. Please don't post here. Open a new topic instead.

Recommended Posts

  • Newbies
jackeb Newbie

jackeb

Posted
  • Newbies
Posted

I have external authentication (AD) working with about a dozen databases. I am trying to set it up on two additional databases and it's not working. The same groups work in other databases, just not in the two problems.

I checked the logs (/Library/FileMaker Server/Data/Event.log) but it only holds the successful authentication information. I am looking for the error in the failed auth attempts.

Does anyone know where FM Server 8 Advanced (Tiger) would log it's authentication failures?

tia

Jack

Steven H. Blackwell Grand Master

Steven H. Blackwell

Posted
Posted

I don't think that it does log failures. But check to see if there is an OS level security log.

For the new files be sure that the group names are exactly the same as those in the directory service group. No trailign spaces and stuff like that. Also, close all files and then stop the FMS daemon and then restart the daemon to see what that does.

Please keep us posted about this.

Steven

  • Newbies
jackeb Newbie

jackeb

Posted
  • Author
  • Newbies
Posted

I checked our log server and nothing is logged their from fmserver.

I also check the spelling/spaces and they are identical. I even looked at case, because I'm using HFS+ case sensitive. I've also stopped and restarted the fmserverd (and helper) with the same result. Any other ideas?

I'm going to check the dbs next.

Wim Decorte Grand Master

Wim Decorte

Posted
Posted

You need to check the security event log on the AD machine, because ultimately that's where the authentication happens.

  • Newbies
jackeb Newbie

jackeb

Posted
  • Author
  • Newbies
Posted

Well the mystery continues. I came in today and it works fine.

Unfortunately, I don't have access to the logs on the domain controllers so I can't check so see if something was wrong there. Besides I'm more interested to see what filemaker server is sending when it tries to authenticate.

Any way...thanks for all your help.

Jack

Steven H. Blackwell Grand Master

Steven H. Blackwell

Posted
Posted

Besides I'm more interested to see what filemaker server is sending when it tries to authenticate.

The credentials of the user who is trying to connect, either as stored in "protected memory" on Windows or in the keychain on Macintosh OS X, or as entered at the prompt. The domain controller or the local security configuration, as appropriate, will then authenticate and, if the credentials are valid, return to FMS a list of the Groups to which the Account belongs. FMS then compares this to the list of groups in the FMP file and allows access with the privileges of the first matching group as determined by authentication order. If there is no match, the user receives a message to that effect, i.e. invalid credentials.

More info:

http://www.filemakersecurity.com

HTH

Steven

This topic is 6462 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept