We support quite a few macOS systems that are bound to an AD (Active Directory) domain. Occasionally, one, two, or perhaps several would lose the ability to authenticate users with AD credentials. Often this was with one of the FileMaker Servers, where external authentication was being used for either user access or FMS Admin Console access. I’ve explored ways to fix this, without restarting or disrupting other services.
In addition to the more typical external authentication methods, FileMaker supports client authentication using OAuth accounts from Google, Amazon, and Microsoft. In this instance, I needed to set up a FileMaker Cloud server to use a company’s directory accounts, which were hosted at Azure. In order to set this up I hit a couple of minor complications, which I’m going to cover here.
In looking back at our initial approach to logging FileMaker PSoS (Perform Script on Server) activity, I reflect back on a number of times where this has been extremely helpful. If you have come to rely on the benefits of PSoS then you also know some of its challenges — one of the biggest is debugging and monitoring how long sessions take.
Since FileMaker 16 introduced JSON, in new systems we’ve switched over to using JSON as the main way of exchanging data for parameters. Because we also use PSoS in new systems, we updated our method for PSoS Logging and this blog entry talks about the changes we made there and also restates the usefulness of this log.
Continue reading “Logging PSoS Activity: Episode III – Return of the JSON”
Typically, you buy an SSL certificate for a server from a SSL vendor. However, some companies may decide that they want to issue their own SSL certificates. Often this is because the domain is only used internally, and most vendors don’t easily allow (if at all) the signing of server certificates for non-public domains. Additionally, issuing your own certificates can remove complications caused by the certificate verification process used by most vendors, and there are no fees needed for each certificate.
Here we’ll list the steps you’ll need to enable authentication using Amazon accounts with FileMaker Cloud.
If you’ll be having more than a few different people logging in to the Admin Console of your FileMaker Cloud server, it’s generally good practive to avoid having everyone use the same credentials. By enablling an additional authentication mechanism, you can easily add or remove administrative access to a server, and user’s get to use their own own credentials.
Intro: SSL Basics
SSL certificates are a very common way to secure client/server network connections, and the FileMaker platform has made use of them for many years. Starting with version 15 however, FileMaker introduced a number of security changes, in handling SSL and certificates, on both the server and the clients. But where do they come into play, and how might this affect your deployments?
Solving an Old Problem
When you consider how to keep information safe, you might first imagine a team of hackers in a dank basement typing and clicking their way into your bank account.