1 Reply Latest reply on Jan 26, 2017 12:30 AM by Johan Hedman

    Active Directory Login

    bvondeylen

      I have this problem. We authenticate our users against Active Directory.

       

      Users now have 2 ways of logging into one of our FileMaker Pro Server databases. They can use their 'long name' ie Bryan VonDeylen or their 'short name' ie bvondeylen

       

      Both will authenticate them, but depending upon how they log in, FileMaker still treats them as two different people.

       

      I can create a script which will take their AccountName (how they log in) and pass it onto a Variable or Global field, but that only works if I create a Table in each solution and add all possible users into that table, and then compare their login with fields in that table.

       

      I need this because I have several solutions that allow users to modify their records but prevents them from seeing or modifying the records created by others.

       

      The problem comes in that users can log in with a computer (by default puts in their Long Name for credential) or iPad/iPhones which does not default to any username, so users naturally put in their short name.

       

      I am trying to design a login sequence which will attempt to discern whether a user signed in with their long name or short name and then compare with a record of Accounts. If not found, create a record and ask the user to complete the Account table.

       

      I can check if the user logged in with a short or long name. Long Names have a space " " in the name, short names do not.

       

      I can then check that against an existing Accounts table to see if the user has logged in before (if the Account exists). If not, create a new record in the Accounts Table. BUT, if they logged in with a short name and the account was not found, they would need to supply their Long Name. This could be tricky for people who have nicknames. People like Richard may think their Long Name is Rick. Short names are not since people know their email names.

       

      So, trying to come up with a series of scripts that will check if the user has not logged in before, and if not, allow them to create a account that has both their Long Name and Short Name.

        • 1. Re: Active Directory Login
          Johan Hedman

          If you ask your user to enter there information 100% correct you better give them very strict instructions, like no short name etc.

           

          To have a Account table gives you a chance to keep control of users and could even add a table for AccountsLog to see when users logged in and out (you create new record each time user log in and set TimeStamp Start and when user log out you set TimeStamp End).

           

          Otherwise I think you got things covered.