When first configuring FME Server to integrate with Active Directory, we recommend starting with the following fmeServerConfig.txt configuration, which applies to common Windows domain configurations:
SECURITY_LOGIN_TYPE=activedirectory
SECURITY_AD_SERVER_AUTODETECT=true
SECURITY_AD_NT_DOMAIN=<NT_domain_name>
SECURITY_AD_USE_SASL_AUTHENTICATION=true
SECURITY_AD_SASL_OPTION_MECHANISM=GSSAPI
SECURITY_AD_PREAUTH_USERNAME=<account_name>
SECURITY_AD_PREAUTH_PASSWORD=<acount_password>
The following information will need to be provided for your Windows domain:
Note: During configuration we recommend turning on debugging mode by setting SECURITY_DEBUG=true. This configuration parameter is located under the 'Security Management' heading. With debugging enabled, all interactions with Active Directory are logged. If any failures are encountered, refer to Troubleshooting Active Directory Configurations for solutions.