Dear all

We are big organization and configured all user accounts in Active Directory.

We have developed a FileMaker Solution for internal purpose and hosted the file in FileMaker Server. So far , we have created user account within filemaker and end user usin that. But everytime users forget their individual password. So, we believe this is the time to move on single sign on. 

Users are accessing our filemaker solution via "Web Direct and FM Go " methods.

We are not sure single sign on will work on above both environments or not . But somehow we need to achieve it. 

So can anybody suggest/help us by providing detailed information about steps to implement signle sign on with our filemaker solution please.

Thanks in advance
Thiya

I deleted you duplicate Question. Please do not multiple post your questions.

5 hours ago, Thiyagarajan said:

But everytime users forget their individual password. So, we believe this is the time to move on single sign on.

I think you are mixing terminology here a bit.  You probably mean "External Authentication" and not "single sign on".

External Authentication (EA) is when you no longer manage individual accounts in FM but in one of the 3 supported locations: Active Directory, Open Directory, the local OS of the FMS box.

EA works from FMP, FM Go and WebDirect.

 

Single Sign On (SSO) is a special case of EA that only works when:

- FMS is on a windows server that is member of an AD domain

- client workstations (FMP only) are members of that same AD domain

- users log into that workstation with an AD account

- provided that the FM solution has EA accounts that match AD group names then users that belong to those groups can open the FM solution without being challenged for credentials.

SSO only works with FMP.  Not from FM Go or WebDirect.

Hi Wim

Thank you so much for your clear explanation about EA and SSO.  I believe I should go with EA as our users are accessing FM solution only via FM Web Direct and FM GO methods.

Thanks again

Thiya

Hi All

Here , I am opening the new question. Successfully , I integrated my solution with Active Directory. Now , all users are entering their domain username and password to login filemaker solution. Now , We would like to move one more step further.

All Client workstations are the member of that same AD domain. In this scenario , we are trying to open/login filemaker solution automatically based on workstations credentials without typing username and password. I knew this will not work in FM Web direct and FM Go. But , I like to achieve this concept somehow even integrating with 3rd party technologies / PHP or any other technology.

I believe some people have achieved this using PHP.  Anyone help us if anyone knows the method please ?.

 

- Thanks