Jump to content
Server Maintenance This Week. ×

Single Sign On Micorsoft MSSQL Server:

masterblaster

By masterblaster
in External Data Sources

 Share

This topic is 4162 days old. Please don't post here. Open a new topic instead.

Recommended Posts

  • Newbies
masterblaster Newbie

masterblaster

Posted
  • Newbies
Posted

Hello!

I am Using Filemaker Server 12 on Windows 2008 R2, Filemaker Pro on Windows 7 and a MSSQL Server 2008 on Windows 2008 R2. My goal is to configure Filemaker to use Single Sign on to the MSSQL Database.

 

On the Filemakerserver machine i created a System DSN with Windows Authentication enabled. I enabled External Authentication in the Filemaker Server and in my Filemaker Database (hosted on the server) i added a Group with type "External Server" and "Full Access" rights and added the privilege "fmapp".

At this time i can access the Filemaker database without authenticating. Everything until now seams to work correct for me.

 

Now i run "Manage External Data Sources" and add the previously configured "System DSN" with the following settings:

- ODBC

- DSN: <select the System DSN>

- Use Windows Authentication (Single Sign-on)

  SPN: MSSQLSvc/<fqdn>:<mydb> (:mydb because it is a named instance)

 

If i now try to add tables in "Manage Database - Relationships - Add Tables" i get the following error:

"The account and password you entered cannot be used to access this file. Please try again."

 

 

The Filemaker Server is running under "Local System" Account. On the Filemaker Servers Computer Account in Active Directory i enabled "Trust this computer for delegation to any service (Kerberos only)", the error still occurs.

Do i have to make changes to the users account connecting to the Filemaker Server or to the Computer Account of the SQL Server?

 

May the first question should be is this configuration supported by filemaker, i think so because of some documentation i found:

http://www.filemaker.de/help/html/odbc_ess.20.7.html

 

Is there a realy detailed step by step configuration guide available?

Has somebody a working configuration of these components?

 

If so please send me the settings of the following Active Directory attributes of the Windows user, Filemaker Server Computer Account, SQL Server Computer Account.

 

userAccountControl

servicePrincipalName

msDS-AllowedToDelegateTo

 

Thanks for your help!!!!!

 

 

 

Link to comment
Share on other sites

This topic is 4162 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept