Jump to content
Sign in to follow this  

External Authentication with a "default" UPN

Recommended Posts

I have a working and successfully configured FileMaker Server which uses external authentication to our AD. Users can login fine but there is a bit of a functional caveat we would like to address.

In our domain we have users that actually authenticate against a kerberos realm. We can manage these users in the AD and add them to the FileMaker groups (they can login just fine!) but the users must login as <username>@LOGIN.DOMAIN.COM--it is impossible with the domain setup to allow authentication for these users with simply <username>.

I had a thought that if I changed the server computer's default login domain to LOGIN.DOMAIN.COM that these users might be able to authenticate but that is not the case. Does anybody know of a way to sort of specify a "default" UPN for the FileMaker Server or possibly know of a trick to force FileMaker Server to authenticate against LOGIN.DOMAIN.COM (without explicitly specifying it with UPN) instead of the domain controller for the domain the server resides in?

Share this post

Link to post
Share on other sites

No... the authentication is done by the AD, not by the kerberos realm so the AD domain is the default, anything else (like a trusted domain) requires either the UPN or UNC syntax.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  


Important Information

By using this site, you agree to our Terms of Use.