Active Directory Login

Discussion created by bvondeylen on Jan 25, 2017
Latest reply on Jan 26, 2017 by Johan Hedman

I have this problem. We authenticate our users against Active Directory.


Users now have 2 ways of logging into one of our FileMaker Pro Server databases. They can use their 'long name' ie Bryan VonDeylen or their 'short name' ie bvondeylen


Both will authenticate them, but depending upon how they log in, FileMaker still treats them as two different people.


I can create a script which will take their AccountName (how they log in) and pass it onto a Variable or Global field, but that only works if I create a Table in each solution and add all possible users into that table, and then compare their login with fields in that table.


I need this because I have several solutions that allow users to modify their records but prevents them from seeing or modifying the records created by others.


The problem comes in that users can log in with a computer (by default puts in their Long Name for credential) or iPad/iPhones which does not default to any username, so users naturally put in their short name.


I am trying to design a login sequence which will attempt to discern whether a user signed in with their long name or short name and then compare with a record of Accounts. If not found, create a record and ask the user to complete the Account table.


I can check if the user logged in with a short or long name. Long Names have a space " " in the name, short names do not.


I can then check that against an existing Accounts table to see if the user has logged in before (if the Account exists). If not, create a new record in the Accounts Table. BUT, if they logged in with a short name and the account was not found, they would need to supply their Long Name. This could be tricky for people who have nicknames. People like Richard may think their Long Name is Rick. Short names are not since people know their email names.


So, trying to come up with a series of scripts that will check if the user has not logged in before, and if not, allow them to create a account that has both their Long Name and Short Name.