We are having intermittent problems with external authentication on all of our hosted databases.
Windows server 2008 R2 (no recent updates)
Both Windows and Mac clients on latest FMPA
External authentication using Active Directory
Our users have been connecting with no trouble to the hosted databases. Sometime within the last few days, users started having trouble connecting. Usually Single-Sign-On (SSO) opens the selected DB immediately. But sometimes now there will be a 5-10s delay. Sometimes the DB opens, but sometimes the FM login screen is displayed instead of the DB. The login screen has the user's valid account name pre-entered. If the user enters their password, they would sometimes get logged in to the DB. If that login fails, they are presented with the login screen again with both account name and password filled in. Simply hitting the return key attempts the login again. After multiple attempts (keep hitting enter key), the user can usually get in (but not always). After a certain amount of failures, the login screen does not reappear. Local authentication accounts work 100%.
With each of these failures, the FMS log shows a message like: "661 - SECURITY: Client "FLxxxx (flxxxx) [10.0.1.27]" authentication failed on database "DBName.fmp12" using "FLxxxx [flxxxx]".
If a user successfully opens a DB, closing it and re-opening it seems to always work, and it works fast (no 5-10s delay).
We restarted FMS and the Windows server which did not help.
During a call to FileMaker Tech Support, TS verified we have our admin settings correct. Since local authentication works he said the problem must be on the Windows server side and offered no further help.
My IT guys have checked the Windows server, Domain Controller, and DNS. They tell me that everything is fine and that no other of our software or servers are having authentication issues.
So, I'm stuck. FM Tech Support says it's our Windows server. My IT guys say it's FMS.
Does anyone have any suggestions on where to look?