This depends entirely on your deployment. It involves adding the user account and putting that account into the correct group. It could be Mac or Windows users local on the server, or accounts that live in Open/Active directory.
You can't create Externally Authenticated accounts through scripting....
I can't speak for the Mac side of things but on the windows side when you are using Active Directory in a domain setting there really aren't any Filemaker user accounts for individual users. There are user accounts but they are more akin to groups of users than they are individuals.
For instance I name all of my accounts something like:
Then I create a identically named security group in Active Directory and then make individual Windows user accounts members of one of more of the groups.
If there is a Windows user named JohnDoe for instance I never have to create a Filemaker account for him. I simply place him in the appropriate group account and he is able to get into FM without entering either a username or a password. Active Directory handles it all.
FYI: The function Get(AccountName) returns the user's Windows user name so you can tell exactly who did something.
External authentication in a domain environment is fantastic. I don't have to create a new account in FM for every new hire and the users never have to provide credentials.
Thanks for your input. On consideration we are not going to go down the external authentication path. We can work with constraints of using Filemaker security.