I can use an external account to open security settings and make changes. When I hit 'OK' to exit the dialog, I am prompted to confirm full access login. At this point, the external account will not work, and I have to use an account which is authenticated by FileMaker.
Perhaps there is an important security reason for doing this, but it also creates a security hole, because everybody who does development work on the file (assuming they need to be able to change security settings during development) will need to know the single main admin account password. I would much rather have all of our developers only use their externally authenticated accounts to access the file, so that if I disable access for that developer, they can no longer access the file.