3 Replies Latest reply on Dec 27, 2011 4:43 AM by ThomasStaehli

    OS X 10.7 Lion FMSA authentication with Open Directory issue

    ErichWetzel

      Title

      OS X 10.7 Lion FMSA authentication with Open Directory issue

      Your post

      Current Mac Pro, migrated from 10.6.8 to current 10.7.2 server, FMSA migrated from 11v3 to current 11.0.4.404

      The Mac Pro is connected to a 10.6.8 Open Directory for authentication.

      We just migrated everything about our FMSA installation to be current.  The Knowledge Base notes about the most recent version indicate something about Active Directory not working correctly with a full user name and a work around being to use the short user name when logging in.  But nothing that suggested potential problems with our current set up.

      The same problem occurs with Open Directory.

      Trying to log in using a full system name of "First Last" fails authentication, where "First" is the first name of the user and "Last" is the last name of the user and is the actual user name in the Open Directory.  Using shortname of "flast" authenticates properly, where "flast" is the user shortname in the Open Directory.  

      This is an annoying issue for users who have to switch back and forth between usernames that allow for deletion of records and editing of the database's structures.  FileMaker Pro automatically puts in the system user name or actual user name from Open Directory on a Mac at the login dialog for the databases.  We now need to manually reenter the short name.  This makes logging in take longer.  This is a subtle detail but becomes very frustrating if you have to do it everytime you login.  Full user name has always been an Open Directory acceptable option in the past for authentication.

      Changing the Preferences to automatically enter the shortname is not a viable option to save the login work because in making that adjustment the user name to FileMaker becomes the short name and our databases frequently add user names to automatically generated content such as letters, faxes and emails which are sent from inside the databases themselves using Get(UserName).

      Any suggestions?

       

      Thanks for looking at this.

      -Erich