4 Replies Latest reply on Dec 3, 2015 5:38 AM by dtcgnet

    Single Sign-On

    christian.fabbro@veolia.com

      Good morning.

      I have a problem with the SSO on FileMaker Server 13.

      I using the external authentication server. Everything is configured correctly. Databases are opened without errors. Users use the application without problems.

      Unfortunately, in the logs displayed in the console, shows the following message when FM opens a database:

      - Single Sign-On client "firstname.lastname" failed on the database "xyz.fmp12" using "firstname.lastname" [fmapp].

      - Event 730

       

      The client "firstname.lastname" is the user in Active Directory.

      Can anyone tell me why this happens?

      How can I solve it?

       

      Thanks a lot.

        • 1. Re: Single Sign-On
          dtcgnet

          By chance, have you got a re-login step in any of your startup scripts? Also, what software are you running on the server? Windows 2008? 2012? 2003?

          • 2. Re: Single Sign-On
            dtcgnet

            Also, read through this. It might provide some information that may be helpful.

             

            http://help.filemaker.com/app/answers/detail/a_id/6785/kw/error%20661

            • 3. Re: Single Sign-On
              christian.fabbro@veolia.com

              Thanks for the answers.

               

              We have created two groups of security in FM equal to Active Directory:

              1. User: basic access.

              2. Admin: complete access.

              Users access with "remote desktop connection" to the FileMaker server and the user enter the password of window (active directory). Depending on the group the user belongs, FM provides basic or complete privileges.

               

              So if we were to implement what is described in the link, the authentication via Active Directory it would not work anymore.

               

              Moreover, with the problem in question, the first opening of the database is very slow, it takes longer than five seconds before entering.

              • 4. Re: Single Sign-On
                dtcgnet

                With regard to slow first opening...1) do you have a startup script that runs when a user first logs in, 2) do you direct the user to a specific layout (using File Options) upon first login? When a file is loaded to FM Server, it will ALWAYS open to the last layout that the person who loaded it onto the server was using when they closed the file for the last time before uploading it. If that layout is a list layout, or has a lot of "weight" to it, it'll take users a while to login. Check those things.

                 

                When you implemented what was in the link, what did you do? Is your server set up to allow for FileMaker and External Authentication?

                 

                A bigger question...why are your users accessing the FileMaker server via remote desktop connection? They shouldn't be actually accessing the server itself. They should be accessing the databases hosted on server via FileMaker Pro on their own machines.