5 Replies Latest reply on Oct 8, 2009 4:38 PM by Steve Wright

    Runtime Security

    ralvy

      Title

      Runtime Security

      Post

      I'm getting ready to distribute a runtime FMP 10 solution. After reading what I could, and experimenting with various options in File Options and Manager Accounts/Privileges, it seems like this works in terms of locking down the solution:

       

      1. In Manage Accounts/Privileges for each file, activate the Guest account, and assign it Data Entry Only.

      2. In File Options for main file, check Login using Guest Account.

      3. Create a Runtime with Admin privileges removed.

       

      Do I understand this properly?

      Anything I should be aware of in regards to this?

        • 1. Re: Runtime Security
          Steve Wright
            

           

           

          Step 1, sounds about right, been a while since I checked what I set there on my solution

          Step 2, this helps prevent dialog boxes and ensures your solution logs itself in using the correct assigned account 

          Step 3, is an absolute must have setting unless you want your hard work exploited

           

          Also, something to consider when compiling an install it helps to create a registry entry for username, this prevents it popping up on first load asking for their username causing less confusion for the end user wondering what they should be typing in there.....

           

          If you use INNO Setup for distributing (free installer package which is very good) you can use the following line under

           

          [Registry]

          Root: HKCU; Subkey: Software\Filemaker\Runtime Name HERE\10.0\Preferences; ValueName: "User Name"; ValueType: string; ValueData: runtime (or your username choice)

           

           

          • 2. Re: Runtime Security
            ralvy
               Doesn't configuring the Account Permissions to Login With Guest Account take care of the problem with a User ID Popup when they load the solution?
            • 3. Re: Runtime Security
              Steve Wright
                

              That takes care of the login yes

               

              However, what I meant was when you first start a filemaker runtime solution, on a PC which has not had filemaker installed
              the end user will be asked to enter a user name (not username / password)

               

              This only happens once on first run, but can lead to confusion and initially caused a lot of calls where the user wanted to ensure they entered the correct info.

               

              Screenshot :  http://i563.photobucket.com/albums/ss76/sws-solutions/Capture.png

               

              Of course, it doesnt actually matter what they enter if you are re-logging them in using preset details, but its one less dialog box for them to worry about, I also found it could sometimes end up behind other windows and not be immediatly visible, so the user could be wondering why nothing is happening, not realising it is waiting for user input.

               

               

               

              • 4. Re: Runtime Security
                ralvy
                  

                Ah, yes. I know about that one. I'll probably just warn them about it in the accompanying documentation. I want to thank you for the reference to Inno Setup. It really looks very useful.

                 

                Does it matter if they enter a username that doesn't match the one Windows sees for them?

                • 5. Re: Runtime Security
                  Steve Wright
                    

                  It makes no difference what they enter from what I remember.... I preset it to runtime and have done for a few years now without any issues.

                  Inno Setup is a very good system, especially considering its free of charge.