Support Home
Support Blog

How can I authorise more staff to login to my server?

How does authorisation of users work from the internet (ie not counter POS), how do I handle staff turnover and seperate it from instore usage?

Internet » Access Control » Fieldpine
Server
« Internal Control « Local Network

How it works, History

Each Fieldpine server has a local control file called gds.ctl This is a text file containing some broad configuration defaults. There is a section that controls network security and how connections on a port are processed.

interface
port=8310
filter-internet=require-password(mySecretUserName:mySecretPassword)
type=debug,normal,internet,private,ipv6,trace
In the absence of other controls, the line containing "require-password" specifies a username/password combination that must be provided in order to login.
You can repeat this line multiple times to provide different usernames and passwords.

There is also a security right that can be granted to staff called "Internet Login". The intent with this right was that POS staff logins could be permitted to login via the internet. However, this option is deprecated and should not be used going forward. The main issue was that sites typically required a different login name/password combination for the internet vs internally.

Recommended Approach

Negotiate, NTLM, Kerebos, SSO

Sites using Negotiate, NTLM or Kerebos for authentication (this generally requires domain controllers and associated setup) can enter the "Auto Login From" on Staff edit page. When Gds sees logins from this windows name it automatically logs into the asociated Pos staff record. This protocol is not generally enabled over the internet however is it may open you generally to security problems.