Authorization Fails Using Active Directory with FME Server

Liz Sanderson
Liz Sanderson
  • Updated

FME Version

Symptom

When I enter my username and password, the web interface states that I am not authorized to use the application.

Cause

This issue is generally caused by having an incomplete setup or incorrect permissions.

Resolution

Ensure that you have followed the Active Directory connection using the instructions in the FME Server Administrator's Guide. If the problem still exists, check each of the suggestions below. After each solution is performed, try to login to FME Server and verify if the issue still exists.

Check FME Server Permissions

Make sure that you provided the Active Directory role with the correct permissions using the Admin UI.

Check Active Directory Security Group

Make sure you are using an Active Directory group and not an organizational unit. The string that you enter for the security role should start with CN and have a member attribute listing all of the security groups members.

Check for Case Sensitivity Errors

Active Directory DN'S must contain uppercase keys, for example, "CN" will work but not "cn". As well, the DN is case sensitive. The string "DC=safe,DC=com" works as it relates directly to the domain that's specified in Active Directory: safe.com. However, DC=Safe,DC=com would not work.

NOTE: FME Server 2018: When logging in as an Active Directory user the username value must match the case of the sAMAccountName in your Active Directory. If it is mixed case FME Server will require you to to enter the mixed case username value.

Advanced Debugging

If the issue is not addressed above, try turning on security debug mode within the \Server\ fmeCommonConfig.txt:

SECURITY_DEBUG=true

Restart FME Server and try to login.

Open the fme server log file and see if there is an error. Depending on which version of FME Server you are using, the log file can be found in the following locations:

FME Server 2015.1.0 and newer: \ProgramData\Safe Software\FME Server\Logs\core\current\fmeserver.log

FME Server 2014 SP2 up to FME Server 2015.0: <FMEServerDir>\Logs\current\core\fmeServer.log

FME Server 2014 SP1 and older: <FMEServerDir>\Logs\fmeServer_xx.log

Look for the error message in the documentation here: Troubleshooting Active Directory Configurations.

If there is no obvious error, then please review the FME Server Troubleshooting: Active Directory article and if necessary request Technical Support. Please include the log files and config files, and any other information you have gathered during initial troubleshooting.

 

Was this article helpful?

Comments

0 comments

Please sign in to leave a comment.