2 Replies Latest reply on Jul 24, 2015 4:30 AM by AntoninoNicoletti

    External Authentication Failure - FMServer 13 Error 661

    AntoninoNicoletti

      Title

      External Authentication Failure - FMServer 13 Error 661

      Your post

      Hi to everyone,

       

      I had initially posted my problem in a thread not anymore active and I was advised to open a new post (http://forums.filemaker.com/posts/9cbc0ec36d?commentId=336927#336927).

      I have an iMac running now FMS 13v10 and serving a bunch of FM databases. Initially, this mac was running with MacOS 10.6.8 and FMS 12. External authentication worked pretty well with a Synology NAS running Directory Service. Two weeks ago, Java 6 was disabled by Apple and my trouble started. I won't be able to resume here how it occurred but I finally updated everything: FMS13, Yosemite (several full re-install...). Now, I cannot get the external authentication working back. The only users that can connect are those identified directly by Filemaker. Those identified by the external authentication cannot and my log is incremented by this error message each time that an ‘externally authenticated’ users tried to get access (here an example with a ‘test’ user):

       

      Error 661: Echec d'authentification du client “Name of user [XXX.XXX.XXX.XXX]” dans la base de données "Open_Databases.fmp12" à l'aide de "test [fmapp]".

       

      Keep in mind that this was working before. Still, I have reviewed all the following issues:

       

      1/ Accounts on the server are arranged into groups. These Groups match exactly to the groups to which my users are affected in the LDAP Server. Group names are small caps, not space, only letters. For instance ‘fmpadmin’.

       

      2/ All accounts that are set to be externally authenticated have the FileMaker Network (fmapp) extended privilege enabled. 

       

      3/ Of course, in the Admin Console of FileMaker Server, I have selected the option to authenticate using FileMaker and External Server Accounts.

       

      4/ I know that External Server Authentication has nothing whatsoever to do with LDAP configuration found in the Directory Service section of the FMS tab in the Admin Console. Still, I have configured this panel and it passed the test.

       

      5/ The FMS and LDAP Servers are time-synchronized with the same NTP.

       

      6/ None of the databases have an automatic opening setup in 'File Options’ and there is no script associated with any action in the same ‘File Options’ settings.

       

       

      I know that a solution would be to jump to Open Directory but it would have to run on the same computer (I don’t have an additional Mac to run Yosemite Server) and it seems quite tricky to have both the OS X server and the FMS server working on the same computer (indeed, I gave a try to that: it worked for a small while, until I had to reboot, then I had trouble with port 80 busy and the only solution was a full re-install, OS server was somehow keeping busy the port 80…).

       

      Well, since it used to work, I am sure that I am not far from having it working back and it must be a very subtle or stupid setting that I have missed. Let me know if you have ideas or if you need additional information on my configuration. Last but not least, I have tried to go back to Maverick and FMS 12 but I would not work. I don’t know what has been broken…

       

      Many many thanks in advance for your help!!