Care and Feeding of FileMaker Server FMUG April 7, 2006
Topics not covered These are all important, all huge, and therefore not do-able in a single meeting: External authentication Accounts and privilege sets Web hosting
Pre-installation Decisions Version 5.5 or 7 or 8? Depends in which version your solutions are developed. You can not mingle 5 and 7/8 You should not mingle 7 and 8 All client & Server versions (including the Server Admin tool) should match, down to the latest patch. Choose an operating system and hardware Best to use a Server OS, especially if you ll have more than a few users Best to use server class hardware
Advanced or plain vanilla? Depends on whether you web-enable your databases or not If you have sensitive data, do not web-enable your databases ODBC: If you are doing any odbc client connections to other systems like the Data Warehouse, you do not need Advanced. The client (not FileMaker Server) performs the connection. If you want to allow odbc connections to your FileMaker database as a source system, you will need Server Advanced. Each source file will require odbc configuration for your clients. Cluster the relevant tables in a single file to minimize labor.
Installation FileMaker Server Admin is no longer a frill and it s not just remote anymore You must use the Admin console to configure FileMaker Server settings You may use Admin on the server machine or on a remote machine Admin will automatically be installed when you install Server, or you can install it by itself
Installation Startup setting: Manual requires FMS Admin, but so does everything else.
Post-installation Patches do it! http://www.filemaker.com/support/downloads/index.html 5.5v4 for Mac OSX 7v4 for both platforms, requires v3 to install v4 8v2 both platforms, v3 is imminent
Gotchas File permissions Mac: All hosted files must be owned by user fmserver and Read/Write must be allowed to group fmsadmin This group is created at installation on Mac; must be manually added on Windows Stopping all FileMaker services to apply patches FileMaker Server 8 now has 2 services that need to be shut down through the Admin tool to completely stop all server processes fmserverd is the database engine, the service that hosts the files fmserver_helperd is the service that exposes the server to FileMaker Pro 8 users and must be running for the engine to launch. You must also stop the Web Publishing engine if you are running Advanced
Configuring Server Settings FileMaker Server Admin console
Best Practices File Maintenance, under Tools in FM 8 Advanced You can take your files off-line and: Compact: removes unused space, reducing file size. And/Or Optimize: puts pieces in order; does not reduce file size Be careful about running Compact or Optimize on a live database. Definitely do not run these on files that may already be damaged. Better to do a Save As compacted copy on a non-hosted file
Best Practices (cont.) Monitoring The Event log records all actions by Server, such as failed consistency checks Windows: Windows Event Viewer From within FMS Admin Console or through Control Panels Mac OSX: HD:Library:Filemaker Server:Data:Logs
Best Practices (cont.) Backup Use FileMaker Server s Backup Schedule utility. Do NOT allow TSM to backup live, hosted files. Exclude the Databases directory from TSM You may let TSM backup closed copies of version 7/8 files You should not use TSM for copies of 6 or earlier files. Backup v6 or earlier files to removable media
Security Securing the Database file Create appropriate privilege sets Use strong passwords Hide files from the network and use an opener file Securing the data at the Server level Password protect Server Admin Encrypting the data stream Firewall UPS
File Level Security in v7/8 Under the Edit menu, select Sharing and choose FileMaker Network. Select the Off radio button for Network Sharing. Check off Don t display in Open Remote Dialog Box.
Security (cont.) Hiding files: v6: v8:
Best Practices (cont.) Security Set Admin Console password
Best Practices (cont.) Security -- Encrypting the data stream
Best Practices (cont.) Security If you use a firewall UPS Mac Client OS will require third-party software to allow entry to specific IP addresses OSX Server built-in firewall. Define a group and add ip s to the group as needed allow entry on 5003, 50003, and 50006 allow entry on 1500 open to 18.92.1.[xx] for TSM Windows Server: Restrict to local subnet or specific addresses or ranges Clients: XP service pack 2 and Server 2003 service pack 1 need to both have the appropriate ports open and allow the application through; will require admin privileges to do so.
References and Resources http://filemaker.com/downloads/pdf/techbrief_fm8_server.pdf http://www.filemaker.com/downloads/documentation/fms8_admin_guide.pdf Consistency checks: Answer ID #5371 at FMI knowledgebase: http://www.filemaker.com/kb/