10 Replies Latest reply on Aug 17, 2015 7:29 AM by taylorsharpe

    FMP 14 Mac OS X Network Users not working, but Local Accounts do

    taylorsharpe

      I have a client that has several Macs.  They run a local Mac server with Open Directory and the users log in and authenticate as network users via Open Directory.  They are running Mac OS X 10.10.4.  They cannot connect to FMS 14.0v2 in the cloud.  I have tried it with two different FMS 14 servers over the web and when you click on the Host in the Launch Center, it pauses for a while and then says "Connection Failed."  However, if you log into one of those computers as a Local Account instead of a Network account, it works just fine.  Has anyone else run into this and what is the solution?  Thanks.

        • 1. Re: FMP 14 Mac OS X Network Users not working, but Local Accounts do
          wimdecorte

          I don't follow the setup...

           

          The FMS boxes are in the cloud but the OD box is on-premise?  How are the FMS boxes bound to the OD then?

           

          If they are properly bound; can you log into the FMS box OS with one of the user accounts?

          • 2. Re: FMP 14 Mac OS X Network Users not working, but Local Accounts do
            taylorsharpe

            wimdecorte wrote:

             

            I don't follow the setup...

             

            The FMS boxes are in the cloud but the OD box is on-premise?  How are the FMS boxes bound to the OD then?

             

            If they are properly bound; can you log into the FMS box OS with one of the user accounts?

             

            Yes, the FMS box is a Mac OS X Mac Pro Server hosted at a server farm in the cloud.  FMS is not bound to OD if for nothing else, the LAN has no static IPs and is just a typical small office ISP connection with DHCP.  They log into FileMaker using FileMaker Security and not OD authentication.  FMS is not set up to authenticate to any external groups nor is it bound to the OD. 

             

            I guess I could try a dyndns or other way of being able to point FMS to the local OD, but we really don't have a need to authenticate to the local user accounts and if we did, we would probably have the OD in the cloud and not on the LAN.  Their FileMaker accounts are different than the LAN accounts and they are not trying to use their LAN accounts to get into FileMaker.  All they want to do is see FileMaker in the Launch Center and open a FileMaker file using FileMaker Security.  Right now, they can't see anything in the Launch Center if they are logged in as network user based on the OD.  But if they log out of their Mac and back in as a local user on the same computer, then the Launch Center shows the FMS files via URL (IP works too) and they can log in.  It is kind of weird.

             

            Thanks, Wim, for any suggestions or idea. 

            • 3. Re: FMP 14 Mac OS X Network Users not working, but Local Accounts do
              Markus Schneider

              not sure if You can bind that external server into a local LDAP/OD - but can You create 'starter-files' that opens connection to FMS with local accounts?

              • 4. Re: FMP 14 Mac OS X Network Users not working, but Local Accounts do
                taylorsharpe

                Markus Schneider wrote:

                 

                not sure if You can bind that external server into a local LDAP/OD - but can You create 'starter-files' that opens connection to FMS with local accounts?

                 

                The challenge is that FileMaker is not using Open Directory.  I don't understand why how you log into the OS has anything to do with whether you can see a file in the Launch Center or not.  But for these guys, using a network account via OD results in them not seeing the remotely hosted FMS.  Just for testing, I had them try to connect to another FMS in the cloud and it didn't work either. 

                 

                I probably need to get with an Apple Server consultant who knows Open Directory implementation.  But any ideas or suggestions is appreciated. 

                • 5. Re: FMP 14 Mac OS X Network Users not working, but Local Accounts do
                  wimdecorte

                  Using OD also forces the user to use the DNS, anything configured weirdly there?  Any gateways or proxies used that would not be used with the local accounts.

                   

                  Seems to me that there is an OD policy that blocks outgoing traffic on certain ports / to certain destinations?

                  Is there a web server active on the FMS box that you could try and connect to, not any of the FM parts of it but just the web server start page?

                  • 6. Re: FMP 14 Mac OS X Network Users not working, but Local Accounts do
                    taylorsharpe

                    Wim... good thought on DNS issues.  But I can get these network users to go to Safari and make a WebDirect connection to the server, which means that the IP is not being blocked.  I can also file share and screen share from these network users into the FMS machine. 

                     

                    I'm afraid I have limited knowledge about OD policies and your suggestion that there is policy blocking traffic on certain ports is a possibility.  They have a LAN administrator that configured the OD, but he doesn't know why it is not working and was the person who brought the problem to me. 

                    • 7. Re: FMP 14 Mac OS X Network Users not working, but Local Accounts do
                      okramis

                      I don't know how OD-bound Macs behave, but if I want to connect with an AD-bound windows machine to a not bound server, I have to specify the username by ".\", otherwise it tries to connect with an AD account. Maybe there's something similar happening in OD. A network sniffing tool could deliver more insight.

                      • 8. Re: FMP 14 Mac OS X Network Users not working, but Local Accounts do
                        taylorsharpe

                        okramis wrote:

                         

                        I don't know how OD-bound Macs behave, but if I want to connect with an AD-bound windows machine to a not bound server, I have to specify the username by ".\", otherwise it tries to connect with an AD account. Maybe there's something similar happening in OD. A network sniffing tool could deliver more insight.

                         

                        You might be on to something, but we never get to the point of asking for credentials.  We can't see the server in the Launch Center at all via domain or IP and if I try to open it with a path (fmp://serverdomain.com/filename.fmp12), it doesn't work either.  I plan to pass this info on to the LAN administrator though.  Thanks for the info. 

                        • 9. Re: FMP 14 Mac OS X Network Users not working, but Local Accounts do
                          okramis

                          Did you do a portscan for port 5003? Easiest to do with the "Network Utility" to find here: /System/Library/CoreServices/Applications/

                           

                          Bildschirmfoto 2015-08-17 um 16.10.42.jpg

                          • 10. Re: FMP 14 Mac OS X Network Users not working, but Local Accounts do
                            taylorsharpe

                            Thanks, okramis.  I have sent this off to the LAN administrator to try along with the info on OD policies.