Jump to content

External Authentication w/ Yosemite FM Server not bound to AD

This topic is 2031 days old. Please don't post here. Open a new topic instead.

Recommended Posts

  • Newbies

I'm wondering (because I have not been able to get it to work so far) if my scenario is even possible.


Mac Pro tower running Yosemite and FileMaker Server

-system resides on network but not bound/associated to any particular Directory service, Active Directory or Open Directory


FileMaker Pro clients running Windows 7 and FileMaker Pro 13

-any and all of these client pc's reside on the same network, slightly different subnet

-all pc's are a part of Windows Domain that is administered by the state dept for my government agency

-all pc's can access FM databases when file-level authentication is used


I want to keep from creating and managing a separate list of users/passwords and utilize our already existing AD accounts (180 users) to authenticate to the FileMaker databases that we build. Our state department has stated that binding the Mac OS box running FileMaker server to AD is not allowed.


Is there any scenario based on our setup that we could devise that would allow us to use FileMaker external authentication? I've been through the FileMaker whitepapers about the subject and all give scenarios but none quite like ours. Most assume the FileMaker server would be running a M$ operating system and already be joined to Active Directory.


Even in our case, I've already mentioned that our state department will not permit me to join/bind the FileMaker server to AD. Being a state sized domain it is pretty large with groups created for 88 different county agencies under the state. I do have access to see Active Directory structure and can test with my user account that is a member of a group specific to just my county. The group only contains myself and one other user but alas it does not work and when attempting to login I just get the message "The account and password you entered cannot be used to access this file. please try again".


My state agency keeps referring me to LDAP and that that is the protocol they allow us county folks to use but I cannot seem to understand whether that will help me or if it is even related to this type of setup.post-112768-0-46848300-1421185308_thumb.post-112768-0-96128500-1421185309_thumb.post-112768-0-43256500-1421185311_thumb.

Link to post
Share on other sites

A couple of things:


- first off: if your FMS OS is Yosemite, you need to update to FMS13v5 ASAP.  This has nothing to do with EA, but just basic functioning


- you can not use AD accounts for EA unless the FMS machine is a member server in the AD domain (in OSX terms: bound to the AD).  It is FMS that communicates with the AD/OD domain controller,  not the clients.


- why don't they allow the FMS box to be bound to the AD?  Is it because it is a Mac?  If so you would be much better off installing FMS on a Windows machine and stay within their parameters.


- LDAP is nothing but a protocol (says so in the name), it's a language that directory services like AD and OD understand.  In the same way that web servers understand HTTP.  LDAP brings nothing to the EA discussion.

  • Like 1
Link to post
Share on other sites
  • Newbies

Thank you Wim! It's good to get some clarification. I'm requesting the current full install download from FileMaker now and will update very soon. I checked the FileMaker article regarding this update and it appears as though they suggest an uninstall and then install of the v5 full version. This is what I'll do.


The restriction is just blanket, no county devices allowed as members of the domain, it does not matter which OS. I've requested some form of exemption, I really do not want to manage this many user accounts.

Link to post
Share on other sites

This topic is 2031 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Similar Content

    • By Philip Sommers
      I currently administer a Filemaker 16 Server and only use Oracle Java for the admin console (web publishing is turned off). We want to get rid of Java rather than start paying for it. Rather than upgrade to FMS18, is it possible to use OpenJDK instead of Java for the FMS16 admin console? If so, is there anyone that can provide some guidance on how to do that?
    • By jjjjp
      After upgrading to FM Server 16, I am seeing that the automatic daily script executed from the server side is no longer doing so without error. The script sends email reminders to workshop presenters scheduled within 4 days. The error code, which I record in a log, is 119. However, that code isn't listed among the error codes listed in the online help:
      Knowing the meaning of the error may provide useful information that will help me reconfigure the email account settings for the command Send Via SMTP Server.
    • By "... you mean these fans?"
      Mr. Ignoramus
      We have a solution in Canada where we moved the db from a hosting company to a LAN ( customers building ) They are using a Mac OS machine running FileMaker 16 server.
      We access the FM 16 server via apple's remote access, having trouble locating where we would put the index.html and php files for our web form that we used when we were hosting on an outside hosting company.  The hosting company put the html/php file in the folder that designated our account number. 
      My question is this ... where would we put the two web files; index.html (form) and the .php (create record in FM) file on the FM 16 server.  I can not seem to locate the instruction via the documentation FM is providing.  Have done several internet search ...
      I am gathering information to pass to the individual helping us with the FM server at location.
      Anybody able to provide a link or guidance I would be grateful.
      Thank you.
    • By jduncan
      We recently upgraded from FMS 14 to FMS16 and one of our databases won't open via WebDirect due to the way it's named:  the database title has an ampersand ("&") in it.  This worked just fine for FMS14, but not for FMS16.  The easiest solution seems to be to change the database title.  I'm a little hesitant to jump into this because of a large number of externally held containers.  How would one safely go about changing the database name (I'd like to change the "&" to "and") without losing the linked containers? 
      In case anyone's wondering, I didn't name the database; I inherited it.
    • By ShelCOYS
      Hi, I have fm 14 server running on a mac mini. I have recently upgraded to FM16 running Mojave on 2 x local macs. We started with one license, where only one of us could use FM at a time (as we knew), I have since bought another copy and and reinstalled FM16 on the local mac with the new serial number but the server still seems to think we are using the same copy?? and we are getting the attached error. I have completely uninstalled FM locally but still does not work. I have asked my FM guy, as well as 2 or 3 other people but everyone seems to be stumped?? Is there any way of clearer the cache which may be holding this old information? Any help would be much appreciated.

  • Create New...

Important Information

By using this site, you agree to our Terms of Use.