Jump to content

administering user accounts


TASC

This topic is 6067 days old. Please don't post here. Open a new topic instead.

Recommended Posts

Hi,

I am new to filemaker 9 security. Is there a way to give a user access to create accounts and change privilege sets and passwords only? I don't want this user to have full access to the file. I just want them to be able to manage user access to the database.

So I would have a user called Administrator who could create a new user and select a privilege set for that user and set the user's password.

Thanks in advance for any feedback.

Constance

Link to comment
Share on other sites

Absolutely! However, you need to build it. This is a step-by-step how to from the FM Advisor site. You may need a subscription to read this, but it'll be well worth it. User Account Management System

Yikes! Just saw that you're in FM6. I'm not sure if this article will help or confuse. The principles are the same but the functions may not be available in FM6. Upgrade FM?

Edit: Your profile says FM6, but you start off saying you're in FM9.

Edited by Guest
Link to comment
Share on other sites

Sure.

This can be done by use of any of the Account steps in ScriptMaker. Or, if you're using FileMaker Server, just use External Server Authentication and pass the Accounts off to the Server.

You can read more about all this in the Security Tech Brief or in the Server External Authentication Tech Brief.

Steven

Link to comment
Share on other sites

Thanks Steven, for your suggestions. This is exactly what I ended up doing, using scripts. However, there is one thing I have not figured out how to do. How do you change an existing user's privilege set through a script? Can you?

Constance

Link to comment
Share on other sites

No. But, if you've scripted creation of accounts, you'll find that it's even easier to script deletion of an account. All you need is the account name. So what you do is delete the account (in all files, via the script), then recreate the same account with the different privilege set. It takes very little time to delete an account, even in multiple files.

If you don't know their the password (and you likely wouldn't in a secure setup), then you can create the account with a temporary (simple) password, and check the option to have the user create their own password the first time they log in. They would need to have the access privilege to do that.

The end result, from the user's point of view, is they get their same account and password back, with a shiny new privilege set :)-]

Link to comment
Share on other sites

Of paramount importance in any of these approaches is the need to [color:red] trap for and to manager errors that will almost inevitably occur, especially in a multi-file environment. This is just one of the reasons for recommending External Serever Authentication.

Steven

Link to comment
Share on other sites

This topic is 6067 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.