Jump to content
Sign in to follow this  
Bob Freeman

FMSrvr on Windows with external authentication against Novell's eDirectory

Recommended Posts

Well, I am stumped here. I have a client that may have to run their own Mac/Win server as their central IT dept is charging too much for hosting servers (cost recovery). I'd like to deploy FMSrvr using external authentication; I may need to run this on a Windows machine. The wrench in the plans is that the central directory services is Novell's eDirectory. In fact, the IT department removes the MS Client software on all workstations and installs the Novell one.

My question: Can FMSrvr on Windows talk directory to eDirectory (LDAP) for the purposes of external authentication? All the documentation mentions only AD. As I also don't want to manage an AD installation, is it possible to turn off AD and just have FMSrvr pass all authentication requests off to eDirectory?

Any guidance would be appreciated!

Bob

BioInfoworks, Inc.

Share this post


Link to post
Share on other sites

an FMSrvr on Windows talk directory to eDirectory (LDAP) for the purposes of external authentication? All the documentation mentions only AD. As I also don't want to manage an AD installation, is it possible to turn off AD and just have FMSrvr pass all authentication requests off to eDirectory?

Essentially not. At one time there was a claim that Novell could be tricked into acting as if it were Active Directory, but not much ahs been heard of that lately.

If FileMaker Server 9 is running on its approved OS, Windows Server 2003 Standard Edition SP 2, you can make local server accounts and groups, and manage the External Authentication through that process. Be sure to remove the server from the domain when you do that. Also, this may not support SSO, but it will support external authentication.

I recommend a reading of Server External Authentication Tech Brief for more information on this topic.

There are also video tutorials on Security and on FileMaker Server that will prove useful in learning more about this process.

Steven

Share this post


Link to post
Share on other sites

Thanks, Steven, for the quick reply!

If FileMaker Server 9 is running on its approved OS, Windows Server 2003 Standard Edition SP 2, you can make local server accounts and groups, and manage the External Authentication through that process. Be sure to remove the server from the domain when you do that. Also, this may not support SSO, but it will support external authentication.

Yes, I've thought of this, but (thinking strategically) I don't want to duplicate accounts and passwords. I realize that I can give them the exact account name and password, but when their SSO password changes, their 'FMServer' password will be out of sync. Another issue to solve..

I recommend a reading of Server External Authentication Tech Brief for more information on this topic.

Very familiar with that and most of their literature. I've been a FMPro developer for over 10 years!

There are also video tutorials on Security and on FileMaker Server that will prove useful in learning more about this process.

I just took a quick look at the list this morning. Very extensive - it looks like it could be quite a good resource. Are there any that are geared towards experienced developers? I really don't have the time to watch videos on the basics.

Bob

Share this post


Link to post
Share on other sites

I just took a quick look at the list this morning. Very extensive - it looks like it could be quite a good resource. Are there any that are geared towards experienced developers? I really don't have the time to watch videos on the basics.

Take a look at the ones marked as Advanced Level Security Issues.

Steven

Share this post


Link to post
Share on other sites

Essentially, you're looking at automating a duplication of what's in Novell's DS to either AD or OD to make this work for you. It can be done, it just takes dedication.

HTH

Wim

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.