Major single sign on issues

[Bennett Gavrish]

Hi there -

I'm about to give up on external authentication with active directory, so any help would be greatly appreciated.

Yesterday our office implemented AD authentication. All groups were created correctly and added to the appropriate databases. We then turned on external authentication account checking on our server.

The system essentially works correctly. For example, on my Mac computer running FM 8.5, I go to Open Remote, connect to the server and enter my AD username and password - and all of the databases I have access to show up and open properly.

Issues arise on Windows machines which are on the active directory. When a user logs in to their computer on the AD and then uses the Open Recent menu, the single sign on works and databases open. However, when they use the Open Remote function, they are immediately locked out of their AD account and cannot view any databases.

I checked with the AD guys here and it seems like Filemaker is sending a wrong password error every time a user goes to Open Remote, even though they never have to enter a password.

If there was some way to disable single sign on, I feel like that would fix my problem. But so far I have not seen anything that will let me do that.

Thanks in advance for your help.

[jamesducker]

Have you tried Windows machines running different versions of FileMaker? I know there have been some AD authentication bugs in various versions along the way... especially versions of FM 8.x.

If you only have licences for one particular version then try downloading the 30-day trial of FM10 from www.filemakertrial.com. I have all the older-version trial installers if you want to try those too: let me know.

As it works from your mac it sounds like a FileMaker-specific problem, and it 'feels' version-specific. Let's eliminate that first. Have subscribed to this topic so post again and let me know how you get on.

Cheers

James

[Wim Decorte]

Do you have the database visibility feature on?

Is the AD running on the same box as FMS? Are there any local accounts on the FMS box?

[Bennett Gavrish]

Hey guys - thanks for the responses.

After a lot of work on it yesterday, I agree that it seems like a version-specific issue.

In fact, we were able to get the Open Remote function working correctly on a machine running FM 7. Also, our FM 10 users reported no issues.

It seems like the issue is limited to mainly FM 8, but unfortunately, the majority of our users run that and are not ready to upgrade. Also, I've read some stuff about Service Pack 3 being a culprit as well.

Database visibility is set to on for databases that the user has access to. The FM server is on the active directory, and it has one local admin account.

[Steven H. Blackwell]

Service Pack 3 breaks External Authentication for versions prior to 10 if database visibility is enabled. If Server 10, be sure that the latest version is installed.

Steven