Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×

Mass passwords

nylon
 Share

This topic is 5557 days old. Please don't post here. Open a new topic instead.

Recommended Posts

nylon Apprentice

nylon

Posted
Posted

Hi all. I'm the IT manager at a secondary college in Australia and we have about 1500 students. I've been wanting to let students have passworded access to some databases, but manually entering 1500 account privileges is impossible to maintain.

Is there any way to securely allow 1500 (untrustworthy) souls access to only their own records?

I wish Filemaker had something like an account/password table which could contain thousands of users, encoded passwords, privileges etc.

Regards

nylon

Vaughan Grand Master

Vaughan

Posted
Posted

I wish Filemaker had something like an account/password table which could contain thousands of users, encoded passwords, privileges etc.

It does. It's called external authentication. :

The accounts are stored in an ldap database, either Open Directory on Mac or Active Directory on Windows. The files need to be hosted with FM Server but for 1,500 users that's a necessity anyway.

Chances are your IT department might already be using an OD/AD for some other purpose such as e-mail authentication or to manage the computer accounts. If so, you're sweet; the hard work has already been done.

I recently set up external authentication for 120+ users who need various permutations of access to 100+ databases. (Susan has write access to System A and read-only access to System B but they both link to the Contacts and Students files...)

Previously the organisation used generic accounts (user, browse etc) which neuters security; yet is still led to databases being opened with the wrong privileges depending on the order that solutions were opened by the user.

Changing to external authentication has allowed me to assign personal accounts, track what users are doing in systems, and strictly control access so that people never get the wrong privileges. And the business of adding and removing users to solutions is done in the OD or AD, not in the databases themselves.

Contact me privately if you need more information.

Vaughan

nylon Apprentice

nylon

Posted
  • Author
Posted

Many thanks, Vaughan. I had not encountered external authentication until now, but tying in to AD will be good for us!

Thanks again

nylon

comment Grand Master

comment

Posted
Posted

External authentication is the preferred solution here.

But even without it, you would not need 1500 privilege sets, only 1500 accounts - and account management can be scripted.

This topic is 5557 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept