FrankPottner

SSO (Single Sign On)

Discussion created by FrankPottner on Mar 7, 2012
Latest reply on Mar 15, 2012 by BowdenData

My goal is to get SSO (Single Sign On) working with FMServer 11.

The clients are logging in through Novell e-directory but IT says they have the same accounts in AD (Active Directory).

 

Can this be made to work?

 

 

If so, my understanding is I need to do the following; please correct me on any mistakes or missed steps since I don't really understand this stuff.

 

 

Assumptions

- FM file "Test.fp7" has a privilege "ViewData" with extended privilege "fmapp" enabled and is hosted on FMServer

- AD is part of the "ABC" domain

- user John Smith has a Windows login/pwd "JS/secret" and belongs to a group "Managers" in AD

 

 

- in Test.fp7, "Manage Security" I need to create a new account

- for "Account is authenticated via" I select "External Server"

- for "Group Name" I enter "Managers" (same as group name in AD)

- for privilege set I select "ViewData"

- I move this new account to the top of the list of accounts so that FMS tries to automatically authenticate the user

 

- the computer running FMServer must be part of the "ABC" domain so that it knows which AD to talk to

 

- John Smith's computer must be part of the "ABC" domain so that he's authenticated with the same AD that FMServer will communicate with

 

- on opening the Test.fp7 file John won't be asked for a password

- get(AccountName) will return "JS"

- get(AccountPrivilegeSetName) will return "ViewData"

 

 

Are there any other settings I need to set or configure?

Outcomes