Jump to content

Full Access account without the rights to manage other Full Access accounts


This topic is 4202 days old. Please don't post here. Open a new topic instead.

Recommended Posts

  • Newbies

We are in the midst of tightening our security controls amongst a team of developers. Each of our file will have at least a Full Access account given 2 different persons.

However, our main concern is it may take one disgruntled staff to cripple a system by removing all other Full Access accounts.

Is there a way to create a new privilege set similar to Full Access privilege but this new privilege set cannot edit (or delete) other Full Access accounts?

Thanks.

Link to comment
Share on other sites

I presume you are using FM Server to host. If so, take control of the backups and make sure you can open them with your own password.

Use external authentication, that way the authentication is not within FileMaker.

Link to comment
Share on other sites

No. Full Access means just that, and it is specifically, purposefully, and intentionally directed at protecting the security schema. You can give a person with a subordinate level privilege set the ability to access the Manage Database area of the file, although I would not recommend that except in the most unusual of circumstances.

Perhaps in the future in conjunction with FileMaker Server, the scenario you envision might be possible. But for now, I do not believe that it is.

Steven

Regarding External Server Authentication, you might want to review this FileMaker Security Blog post:

http://fmforums.com/forum/blog/13/entry-287-external-server-authentication-and-full-access-privileges…-life-or-filemaker-may-not-be-what-at-first-it-seems/

As a general practice in almost every instance, it is inadvisable to assign the [Full Access] Privilege Set to an externally authenticated Account. This open several security holes.

Steven

  • Like 1
Link to comment
Share on other sites

This topic is 4202 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.