Active Directory and FileMaker Server

Introduction

You can configure your FileMaker Server so that Athenaeum can accept log-ins using patron’s AD accounts rather than internal FileMaker accounts.

These credentials can be used when connecting to Athenaeum either with FileMaker Server or using the web "OPAC".

note: Your FileMaker Server must be within the same domain as the AD server.

This is managed—like most FileMaker Server functions—via the FileMaker Server Admin Console.

Create your Active Directory Groups

Create three groups in your AD. The FileMaker Server and the groups need to be within the same domain:

  • lib_admin

  • lib_staff,

  • lib_student

(the names are case sensitive) and drop the users into the appropriate group.

Put the library administrator into the lib_admin group.

Put staff into lib_staff.

Drop students into lib_student.

note: lib_staff and lib_student have the same privileges (browse, reserve, review, etc) and are provided separately merely as a logical convenience

Athenaeum does recognise other groups (e.g. with the prefix "res") but these are all you need in most cases. If you need the other prefixes, contact us and we can work through activating those.

Configure FileMaker Server 18

Open the FileMaker Server Admin Console, navigate to the Administration tab and External Authentication. Then enable External Server Accounts.

Configure FileMaker Server 16

Version 16 of FileMaker is deprecated, however it is still functional for nearly every feature.

Directory Service tab

FileMaker Server 16 needs know the specifics of the domain server.

Open the FileMaker Server Admin Console , navigate to the Database Server tab and then choose Directory Service.

directory service tab

Enter the Address of the AD server and the Entry point in the ou=…,dc-…,dc-…,etc. format.

Click the Test Directory Service Settings to confirm the settings are correct.

Click save.

Security Tab

Navigate to the security tab and choose “FileMaker and external server accounts” and click save.

Logging in

Desktop Client

You can now use your AD credentials to open Athenaeum using FileMaker Pro or FileMaker Go.

Web templates

Adjust the web templates config file and you can do the same at the Athenaeum web search.

On your web server, locate the Athenaeum web folder:

Edit configuration.php with a text editor and locate the line

config['allow_login']

and set that to true.

there are other settings there that you can change, but maybe only under advisement from SumWare Consulting.


  1. one reason FileMaker did it this way is because if an attached document in the database is itself a FileMaker database, FileMaker Server would have otherwise tried to open that file along with the other files, which would lead to all sorts of mischief. So FileMaker Inc. designed FileMaker Server to not look more than two folder levels deep when looking for files to open. Confusing, but clever. 

  2. the found set is used repeatedly in Athenaeum - we highly recommend you learn this concept, as it controls many aspects of reporting 

  3. the popular link that used to be in the navbar is now deprecated and replaced by the optional custom lists menu. If necessary, it can be re-instated with a "navbar=" or a custom "widget=" blog post. 

  4. Just for fun, you can embed the web search on the desktop client search screen! 

© 1996-2022 Athenaeum Library Software (Sumware Consulting) Contact Us