Claris FileMaker Server Release Notes

New features and enhancements

macOS Sequoia support

• This release adds support for macOS Sequoia 15.

  Note  FileMaker Server 2024 is not supported on macOS Monterey 12 and, in this release, will no longer install on Monterey. If you're a Monterey user, you must upgrade to a later version of macOS before you can install this version of FileMaker Server. For the supported versions of macOS, see Claris FileMaker 2024 Technical Specifications.

Scripting

• Server-side scripts can now use the Perform Script on Server script step to run a script in a separate session on the server. See Perform Script on Server.

HTTPS tunneling

• HTTPS tunneling is now supported for FileMaker Server on Windows and macOS.

• Windows: In Admin Console on the Configuration > FileMaker Clients tab, you can now enable Use Nginx Web Server to use Nginx for HTTPS tunneling. See FileMaker HTTPS tunneling.

• In Admin Console on the Configuration > FileMaker Clients tab, if you enable HTTPS tunneling when Nginx is not installed, you are now prompted to install and enable Nginx.

• Windows, macOS: The Use HTTPS Tunneling flag is now present in the Assisted Install.txt file.

Web publishing

• The installed JDK version is now displayed in the Connectors > Web Publishing tab in Admin Console.

• Windows, macOS: In Admin Console, the Connectors > Web Publishing tab now includes the option to replace the installed JDK so you can easily update it. See Web publishing settings.

Security

• When importing certificates in Admin Console, you are now prompted to import signed intermediate certificates if you plan to use Claris Connect. See Importing a custom SSL certificate.

• This release includes general security improvements to the FileMaker Server installer on the Windows platform.

Admin Console

• When you select a folder, you can now create and delete subfolders.

• On the Configuration > Notifications tab under Email Settings, you may now change the Notification Level to include warnings.

• The Databases tab now shows both folder and subfolder hierarchies when sorting by folder.

• The Configuration > General Settings tab under Startup Settings now lets you specify to only open last opened databases when FileMaker Server starts. You may also use the fmsadmin set/get serverprefs OnlyOpenLastOpenedDatabases command to modify and view the new property. The change is stored in the lastopendblist.list file.

• For enterprise licenses, the license key is now obfuscated in Admin Console.

• The Databases tab now shows the database folder groupings in the databases list.

• The Dashboard tab now includes the number of FileMaker Data API connections.

Annual limits for API usage removed

• Annual limits for usage of the FileMaker Data API and OData API have been removed. API usage starting with this version of FileMaker Server is unrestricted.

FileMaker Admin API

• The FileMaker Admin API /server/certificate/importcertfiles endpoint now supports multi-part form data and allows you to upload a .pem file instead of a newline-escaped string.

• The FileMaker Admin API now includes the /fmclients/httpstunneling endpoint which allows you to get and set the HTTPS tunneling option.

• Enabling the Web Publishing Engine using FileMaker Admin API now reports failure if Java is not installed.

FileMaker Data API

• When writing data, the FileMaker Data API and the Execute FileMaker Data API script step now support overriding the Prohibit modification of value during data entry option for auto-enter data in a field. In the request, set the new options.prohibitMode key to script (ignore this auto-enter rule) or user (follow this auto-enter rule).

OData API

• OData now supports parameter aliases for key values and function parameter values. For example:

  • GET <host>/fmi/odata/v4/<database>/Purchase(@p1)?@p1='2%2F%5C'

• OData now supports nesting $select within other options. For example:

  • GET <host>/fmi/odata/v4/<database>/Categories?$expand=Products&$select=Name,Products/Name

• OData now supports Edm.<type> type casting. For example:

  • GET <host>/fmi/odata/v4/<database>/Purchase(1)/Total/Edm.Int64

  • GET <host>/fmi/odata/v4/<database>/Purchase(1)/Total/Edm.String

  • GET <host>/fmi/odata/v4/<database>/Purchase?$filter=cast(Total,Edm.String) eq '6.99'

• OData API now supports the in operator.

• OData API batch operations now support preferences that are inherited by sub-operations.

FileMaker WebDirect

• The OnObjectKeystroke and OnLayoutKeystroke script triggers are now partially supported in FileMaker WebDirect. They activate only for the Return, Enter, and Escape keys. For OnObjectKeystroke, only an active field object with the edit box control style is supported. To disable this feature in FileMaker Server, open the [installation_folder]/Web Publishing/conf/jwpc_prefs.xml file, then change the value of the keystrokeenabled parameter from yes (default) to no. Keystroke triggers are enabled by default.

Schedules

• The script schedules last status filter has been updated to include only the possible status outcomes: Blank, Failed, Skipped, Succeeded, and Verify Failed.

• Multiple backup schedules may now be processed simultaneously.

Logging

• The Only open last opened databases option now creates event.log file entries.

• The event.log file now includes error where the WPE process did not start because Java was not installed.

FileMaker Developer Tool

• The FileMaker Developer Tool now supports uploading databases to specified sub-folders.

• The FileMaker Developer Tool now includes the following commands and options:

  • --querySize

  • --sortBySize

  • --uploadDatabases

  • -target_tablename, -tt

  • -target_fieldname, -tf

  • -query_index, -qi

  • -quantity, -qu

  • -exclude_container, -ec

Open source model server

• Files in the Open_Source_LLM folder have been updated to support image embedding and additional open source models. These changes are not compatible with previous versions of FileMaker Pro, FileMaker Go, or FileMaker Server, nor are previous versions of the Open_Source_LLM folder compatible with the current versions. See the Claris Engineering Blog.

Installation

• The FileMaker Server installation on Windows now includes the option to install, use, and configure Nginx.

• Modifiable files in the Tools\Lets_Encrypt folder are no longer replaced when upgrading FileMaker Server, but are moved to a Lets_Encrypt-backup folder.

Updated libraries and packages

• The following Node.js modules have been updated:

  • ejs

  • express

  • jsonwebtoken

  • aws-sdk

  • engine.io

  • passport

  • socket.io

  • cookiejar

  • xml2js

• The deprecated swagger-tools Node.js package has been replaced with the @jeffe95/swagger-tools package.

• The Xalan library has been upgraded for web publishing to version 2.7.3.

• The xerceslmpl library has been upgraded for web publishing to version 2.12.2.

• OpenSSL has been upgraded to version 3.3.1.

• Apache Tomcat has been upgraded to version 10.1.26.

Addressed issues

Security

• A reflected cross-site scripting (XSS) attack was made possible due to returned login errors not being HTML encoded.

FileMaker WebDirect

• Within a transaction, when the Show Custom Dialog script step was used, closing the custom dialog reverted the transaction.

• Microsoft AzureAD authentication failed for users belonging to over 200 groups.

• Clicking into nested tab controls caused the controls to render incorrectly.

FileMaker Admin API

• When the FileMaker Server license expired, FileMaker Admin API allowed sign in, but not sign out.

• The FileMaker Server Admin Server process stopped abruptly after calling the FileMaker Admin API server/certificate/info endpoint.

OData API

• Running scripts that accessed other database files using the same credentials failed.

FileMaker Developer Tool

• Ubuntu: Opened databases were not correctly returning an error when attempting to perform actions like copy or clone using the FileMaker Developer Tool.

• The FileMaker Developer Tool --renameFiles command incorrectly overwrote existing files when the -f option was not specified.

• After using the command tool to re-encrypt EAR files, the incorrect key was reported back.

• Renaming files with the FileMaker Developer Tool failed when using relative paths for files.

• Recovering a file with the FileMaker Developer Tool left the original file in a read-only state.

Schedules

• In Admin Console, filtering schedules on enabled or disabled failed to display schedules.

Scripting

• When performed in a hosted file, the Perform Semantic Find script step configured with a Return count value higher than 10 returned a found set that wasn't consistently sorted by cosine similarity as expected.

• Perform Script on Server script steps lost access to databases and failed when running a script called by FileMaker Data API if the session ended before the Perform Script on Server script steps completed.

• Using the Get(ScriptResult) function for server-side scripts did not always reflect the server-side script result.

• Ubuntu: The Get(SystemLocaleElements) function only reported US locale elements, even when non-US locales were used.

Tools

• The Let's Encrypt fm_request_cert.sh and fm_renew_cert.sh scripts failed to detect the certbot binary on Intel-based Macs.

Logging

• The event.log file entry Database Server Auto Restart is disabled. incorrectly contained a non-breaking space.

Installation

• macOS: Upgrading primary and secondary machines caused the secondary machine to become disconnected from the primary machine.

• When upgrading FileMaker Server, previous configuration values were retained even when load previous configuration was set to No.

• Ubuntu: When setting the Swap File Size option in the Assisted Install.txt file, if the unit type (MB, GB, etc.) was not set, the swap file was not created. Now the swap file type defaults to GB even if not supplied.

• Running fmsadmin on Ubuntu without first restarting after an installation caused the segmentation fault error to be displayed instead of prompting for credentials.

• Persistent caches created from an earlier version of FileMaker Server caused persistent cache recovery to fail after upgrading to a newer version of FileMaker Server.

New features and enhancements

FileMaker WebDirect

• The mobile browser pull-to-refresh option is now disabled by default.

Security

• This release includes general security improvements.

Addressed issues

FileMaker WebDirect

• FileMaker WebDirect slowed significantly after upgrading to FileMaker Server version 21.0.1.

• FileMaker WebDirect intermittently displayed layout freezing, keyboard key repeats, and disappearing text resulting in data loss.

Security

• A reflected cross-site scripting (XSS) attack was made possible due to returned login errors not being HTML encoded.

New features and enhancements

Administrator roles

• Multiple administrator roles can now manage the same folders.

• In Admin Console > Administration > Administrator Roles, you may now select database top-level folders and sub-folders in the same Database Folder Path dropdown.

• External group users assigned to multiple administrator roles can now access schedules and logs based on privileges.

• In Admin Console, each administrator may now perform actions on their listed databases. The primary administrator can act on all databases.

See Administrator roles in FileMaker Server Help.

Backups

• In Admin Console, the last backup on the Dashboard now displays the schedule name and time from the last schedule that ran.

• In Admin Console, the Backups tab now additionally displays all local backups.

• Backup folders now follow a file naming scheme that includes the backup status. For example:

  • In progress: ScheduleName_2024-03-02_1323_InProgress

  • Completed: ScheduleName_2024-03-02_1323

  • Canceled: ScheduleName_2024-03-02_1323_Canceled

See Understanding backup options in FileMaker Server Help.

FileMaker Admin API

• You can now toggle FileMaker Data API plug-ins in FileMaker Admin API. The following FileMaker Admin API endpoints are now included:

  • Enable or disable FileMaker Data API Install plug-ins:

    • POST /plugins/DAPIPlugins

  • Enable or disable FileMaker Data API Install plug-in script:

    • POST /plugins/DAPIAllowInstallPluginScript

  • Get the FileMaker Data API Install plug-in configuration:

    • GET /plugins/DAPIPluginConfig

• The new FileMaker Admin API GET databases/download/{db_id} endpoint allows you to download a database by database ID.

• The following FileMaker Admin API endpoint allows you to upload a database to FileMaker Server:

  • POST [host]/fmi/admin/api/v2/databases/upload

  For more information, see the FileMaker Admin API Reference included with FileMaker Server.

• The following new FileMaker Admin API endpoint allows you to get or set FileMaker Server admin contact information:

  • Endpoint: /server/admincontact

  • Parameters:

    • contactName

    • contactEmail

    • contactPhone

• The FileMaker Admin API server metadata endpoint now returns the server host time using the host timestamp.

• The new /server/config/blocknewusers endpoint allows you to view (GET method) or modify (PATCH method) the new "Block New Users" setting.

• Administrator roles can now be managed using the FileMaker Admin API. The /server/adminrole endpoint uses the following methods and their options:

  • GET

  • POST

    • name (required): The name of the newly created admin role

    • password (required): The password (in plain-text) for the new admin role

    • homeFolder (required): The main database folder for the new admin role

    • db_pri: The privilege for managing privilege

    • sched_pri: The privilege for managing schedules

    • sched_backup_pri: When sched_pri is enabled, privilege for managing backup schedules

    • sched_verify_pri: When sched_pri is enabled, privilege for managing verify schedules

    • sched_script_pri: When sched_pri is enabled, privilege for managing script schedules

    • log_pri: The privilege for managing and viewing logs

    • xauthgroup: The external group

  • PATCH

    • id (required): The id of an existing admin role

    • name

    • password

    • homeFolder

    • db_pri

    • sched_pri

    • sched_backup_pri

    • sched_verify_pri

    • sched_script_pri

    • log_pri

    • xauthgroup

  • DELETE

    • names: A list of admin role names to delete. Each name is a string; specified names are case insensitive

    • ids: A list of admin role ids to delete. Each id is a number

    Note: Both of the options are supported, but only a single option may be specified per request.

• Setting the allow unknown SSL certificate revocation status over FileMaker Admin API now functions for FileMaker WebDirect.

• The following new FileMaker Admin API endpoints allow you to retrieve database sign-in settings:

  • Get database sign-in settings for external server accounts: GET [host]/fmi/admin/api/v2/extauth/dbsignin/externalserver

  • Get database sign-in settings for Amazon: GET [host]/fmi/admin/api/v2/extauth/dbsignin/amazon

  • Get database sign-in settings for Google: GET [host]/fmi/admin/api/v2/extauth/dbsignin/google

  • Get database sign-in settings for Microsoft: GET [host]/fmi/admin/api/v2/extauth/dbsignin/microsoft

  • Get database sign-in settings for AppleID: GET [host]/fmi/admin/api/v2/extauth/dbsignin/appleid

  • Get database sign-in settings for Custom OAuth: GET [host]/fmi/admin/api/v2/extauth/dbsignin/customoauth

• The GET and PATCH [host]/fmi/admin/api/v2/extauth/provider/customoauth FileMaker Admin API endpoints are now available which allow you to retrieve and modify custom OAuth identity provider information respectively. For more information, see the FileMaker Admin API Reference included with FileMaker Server.

• The GET and PATCH [host]/fmi/admin/api/v2/extauth/provider/appleid FileMaker Admin API endpoints are now available which allow you to retrieve and change database sign-in settings for AppleID. For more information, see the FileMaker Admin API Reference included with FileMaker Server.

See List of Admin API calls in FileMaker Admin API Guide.

FileMaker Data API

• The record end point for the FileMaker Data API now includes a new OPTIONAL options section for the JSON body (options["<value>"]) which allows you to override the "Allow user to override during data entry" validation option. The possible values include:

  • user: follow the data validation rules (default behavior)

  • script: allow a field to ignore data validation rules

  Scripts called via the scripts endpoint are always run in script mode. For more information, see the Record endpoint of the FileMaker Data API reference included with FileMaker Server.

FileMaker developer tool

• The FileMaker developer tool has a new option to rename files using a static string or with regular expressions:

  FMDeveloperTool --renameFiles <target_folder> <username> <password> [-encryption_key -e <key>] [-source_filelist | -sl <path1> <path2> ...] [-regex | -rg <regex>][-replace_text | -rt <text>]

  For more information on using regular expressions, see Microsoft's Regular Expression Language Quick Reference.

• The FileMaker developer tool command names are now case-insensitive (i.e., "removeAdminAccess" command will both work if writing --RemoveAdminAccess or --removeadminaccess).

• macOS and Ubuntu: The FileMaker developer tool and FileMaker data migration tool paths are now added to the environment variables.

• The new FileMaker Developer Tool Guide provides all the command-line parameters and examples for how to use them.

Let's Encrypt SSL

• FileMaker Server now includes scripts to request and renew Let's Encrypt SSL certificates. To use Let's Encrypt, the server must have a publicly resolvable hostname. You must also install the Let's Encrypt Certbot package: see the README file for instructions. The scripts and README are located in the /FileMaker Server/Tools/Lets_Encrypt/ directory.

  • To request a certificate, execute the following script:

    sudo -E ./fm_cert_request.sh

  • To force renew a certificate, execute the following script:

    sudo -E ./fm_cert_renew.sh

  • To schedule a certificate reload:

    • Create a FileMaker schedule to run the built-in system script "Sys_Default_ReloadLetsEncryptCertificate".

  • To reset the Let's Encrypt process:

    • Delete the Certbot directory in /FileMaker Server/CStore/

  For more information on Let's Encrypt, see How It Works - Let's Encrypt.

FileMaker WebDirect

• A new parameter has been added to the jwpc_prefs.xml file. The "pulltorefreshenabled" parameter determines if FileMaker WebDirect layouts will refresh when pulling down on mobile browsers. When set to "yes", FileMaker WebDirect layouts will refresh. When set to "no" FileMaker WebDirect layouts will not refresh. The previous behavior and default value is "yes". After changing the value, restart the Web Publishing Engine for the behavior to take effect.

  See Mobile browser pull-to-refresh in FileMaker WebDirect Guide.

• The following touch keyboards are now supported for FileMaker WebDirect in mobile browsers:

  • ASCII

  • URL

  • Email

  • Number keypad

  See Mobile browsers in FileMaker WebDirect Guide.

• FileMaker WebDirect: CSS caching has been optimized during layout resize.

• Setting the allow unknown SSL certificate revocation status over fmsadmin command-line now functions for FileMaker WebDirect.

Logging

• In Admin Console, the Logs page includes the Collapse Side Bar and Expand Side Bar buttons that allow you view logs across the whole width of the page or to return to normal view.

  See Viewing multiple log files in FileMaker Server Help.

• In Admin Console > Logs, you can now enable "Script Event Log", which changes the script logging behavior to write to the Event.log file instead of the scriptEvent.log file.

  See Script event log in FileMaker Server Help.

• Top Call Statistics logging is now enabled by default.

• The server statistics log (Stats.log) is now enabled by default.

• The Event.log file now captures recoveries using the persistent cache.

• The Event.log file now captures changes to the HTTPS tunneling setting.

OAuth and OIDC

• The "Show sign-in fields even when OAuth or AD FS is enabled" file option is now enabled by default for newly created files.

• In Admin Console, Custom OAuth now includes a field for additional query parameters to be included with the sign-in URL.

• In Admin Console, Custom IdP Authentication Settings now displays only the fields required for OIDC or OAuth 2.0.

• Databases not configured to sign in with OAuth will show username/password options along with OAuth sign-in options when the FileMaker Server configuration contains OAuth settings.

• You can now upload, resize, and crop identity provider icon images.

See Using an OAuth identity provider to authenticate FileMaker clients in FileMaker Server Help.

Persistent cache

• The Persistent Cache feature is no longer in preview and has been added to FileMaker Server Help.

• The persistent cache now contains the Database Server Auto Restart option which causes FileMaker Server to attempt to automatically restart the Database Server when it quits unexpectedly.

• FileMaker Server now supports database transaction consistency when recovering from the persistent cache.

See Startup settings in FileMaker Server Help.

Install, uninstall, and upgrade

• During upgrade installation, new users are now prevented from connecting to FileMaker Server.

• macOS: The FileMaker Server installer can now stop the FileMaker Server service automatically.

• macOS: The FileMaker Server configuration is now saved when uninstalling, and users can choose to load the previous configuration when prompted during the next installation. A new variable setting, Load Previous Configuration, which preemptively chooses to load the previous configuration, has been added to Assisted Install.txt.

• Ubuntu: When not specified, a swap file is created during the FileMaker Server installation with the swappiness set to 10.

• Ubuntu: The new "Swappiness" and "Swap File Size" Assisted Install.txt options allow you to create a swap file during the FileMaker Server installation. The new options configure the options introduced in FileMaker Server 20.3.1.

• FileMaker Server installation now supports the "Use HTTPS Tunneling" Assisted Install.txt option. Setting the value to 0 disables HTTPS tunneling. Setting the value to 1 enables HTTPS tunneling.

Updated libraries and packages

• The Xerces/Xalan library has been replaced with the LibXML2 and libXSLT libraries.

• The libcurl open-source library has been updated to version 8.4.0.

• OpenSSL has been upgraded to version 3.0.11.

• OmniOrb has been updated to version 4.3.2.

• NodeJS has been updated to version 18.19.1.

• Apache Tomcat has been updated to version 10.1.16.

Windows

• Windows Performance Monitor now includes a client counter for FileMaker Data API.

Miscellaneous

• All FileMaker 2024 products have a new icon. Look for it in the apps, installers, .fmp12 file icons, and more.

• In FileMaker Server Admin Console, all schedules are now shown instead of just the first 10.

• The new "Block New Users" option in Configuration > General Settings > Startup Settings allows you to set whether new users are permitted to connect to all FileMaker databases. User already connected are not affected by changes to this setting.

  See Startup settings in FileMaker Server Help.

• The Directory Services Settings feature is no longer in preview.

• Read, write, and execute privileges are now no longer applied for everyone on the CStore directory.

• Java garbage collection can now be run for secondary machines in the primary machine Admin Console > Web Publishing page. Each deployed machine has a "Run Garbage Collection Now" button.

  See Web publishing settings in FileMaker Server Help.

• HTTPS tunneling is no longer in preview and has been added to FileMaker Server Help.

  See FileMaker HTTPS tunneling in FileMaker Server Help.

• FileMaker database field definitions are now cached by FileMaker Server to optimize access.

• FileMaker Plug-in SDK now supports ARM architecture on Ubuntu.

• During shutdown, new users are now prevented from connecting to FileMaker Server.

Addressed issues

Administrator roles

• Users who signed in to Admin Console using credentials for an administrator role were able to perform Disconnect and Send Message actions on databases that they didn't have access to.

• Saving Administrator Roles did not encrypt the saved file.

• Administrator roles incorrectly had access to some top-level administrator features, such as updating the license key.

Backups

• The FileMaker Server process stopped responding while backing up databases, when persistent cache was enabled and the server was under heavy load.

FileMaker Admin API

• The FileMaker Admin API get schedule(s) endpoints incorrectly returned the parameters enabled, verify, clone, cloneOnly, autoAbort, enableEndDate, repeatTask, runOSScriptsAsUser for schedules as false, even though they were true.

  Additionally, useOSScript and useOSScript2 are now returned as boolean values.

• FileMaker Admin API returned empty or incomplete schedule information in the response for the list schedules, get, create, edit, duplicate, and delete schedule endpoints.

FileMaker Data API

• Windows and macOS: The fmwipd FileMaker Server process closed abruptly when stopping the FileMaker Data API process if there were active Data API client connections.

• FileMaker Data API usage statistics inconsistently displayed as "x TB of y GB" instead of in the same file size units.

• FileMaker Data API incorrectly returned HTTP status code 500 when find record requests returned FileMaker error 401 "No records match the request". FileMaker Data API now returns HTTP status code 200 with empty result set in the response instead.

FileMaker developer tool

• The command "FMDeveloper --clone <filename> -t <filenameout>" failed to retain the .fmp12 file extension if <filenameout> had no extension.

• The "FMDeveloperTool --RemoveAdminAccess" command failed to hide visible script calculation values.

FileMaker Server tools

• The fms_Docker_Install.sh tool did not install the required net-tools package.

FileMaker WebDirect

• Ubuntu: In FileMaker WebDirect, individual records failed to load when total container data on the record exceeded 515 MB of TIFF formatted images.

• Layouts froze and the blue loading circle appeared intermittently.

• Keys were incorrectly and continuously repeated during field data entry.

• Entered text disappeared after being typed before record commit.

• Changes did not revert after editing data in a summary field.

• FileMaker WebDirect: The FileMaker Web Publishing Engine stopped responding when a client session timed out.

• FileMaker WebDirect: Setting the file to hide all toolbars made it impossible to close a New Window if the window type was a card and the New Window was created during the opening of the file.

• FileMaker WebDirect: Sending a user to a layout they did not have access to caused the web publishing engine to stop responding.

• FileMaker WebDirect: Scroll bars appeared on layouts when they were not expected while objects auto-resized. To disable the CSS caching that caused this behavior:

  1. Create a plain text JSON file named "wpeConfig.json".

  2. Enter the following text as the contents of the new JSON file:

     { "reuse_css_cache_for_autosized_layout_enabled": false }

  3. Place the file is for following folder:

     • Windows: [FileMaker Server installation folder]\Web Publishing\publishing-engine\

     • macOS/Ubuntu: [FileMaker Server installation folder]/Web Publishing/publishing-engine/

  4. Restart the Web Publishing Engine using the command-line: fmsadmin restart wpe

• FileMaker WebDirect: Rows in List View displayed in incorrect positions or displayed blank areas after multiple consecutive sorts if sorts were preceded by the View as List action.

• FileMaker WebDirect: Popover buttons incorrectly opened behind open card windows when running scripts on the server with show custom dialog.

• FileMaker WebDirect: Committing text in the Mozilla Firefox web browser caused the last character of the text to be dropped.

• FileMaker WebDirect intermittently displayed layout freezing, keyboard key repeats, and disappearing text resulting in data loss.

• FileMaker WebDirect failed to open configured OAuth redirect authentication URLs on FileMaker WebDirect in secondary machines when database filtering was enabled.

Logging

• The wpe.log file was formatted incorrectly.

• The fmdapi.log file headers did not match the record columns. If upgrading FileMaker Server, the previous fmdapi.log file must be deleted or renamed for the correction to take effect.

• The Event.log file did not capture changes to the persistent cache and persistent cache sync settings.

• The FileMaker Server Event.log file incorrectly repeated the message "Restart FileMaker Server for the setting to take effect." even after a restart.

• Logs in Log Viewer or downloaded from "Download All Logs" failed to contain the cwpc, wipd, odata, and xdbc debug logs.

• FileMaker Server incorrectly created AWS SDK logs.

• Enabling or disabling any FileMaker Script Log Option failed to log the event in the Event.log file.

OAuth and OIDC

• macOS: When more than six OAuth providers are set up to sign in to a hosted FileMaker Pro file, buttons for only six providers are displayed in the sign-in dialog.

• The "Sign in with AppleConnect" and "Sign in with ADFS" buttons failed to appear on the FileMaker Admin Console sign in page when the "External Server Accounts for Database Sign In" option was disabled.

• If an OAuth identity provider was configured and enabled in FileMaker Server, and then External Server Accounts was disabled, FileMaker Go would show no login fields instead of standard login fields.

• Custom OAuth authentication failed when group value is a string format in the payload of the JWT token.

Persistent cache

• When performing recovery on startup using the persistent cache, uncommitted transactions are now reported in the Event.log file.

• Setting the cache size greater than 4096 and enabling persistent cache caused the Database Server process to quit unexpectedly.

• FileMaker Server was slower when persistent cache was enabled.

Install, uninstall, and upgrade

• Ubuntu: Reinstalling FileMaker Server with a new username and password allowed previous configurations using a different set of credentials to be loaded.

• Ubuntu: Installing FileMaker Server disabled the UFW firewall. Now, firewalld is used when UFW is disabled and firewalld is enabled. Otherwise, UFW is used.

• After you entered an upgrade license certificate, you could specify a license key but not a license certificate file from an earlier qualifying version. Now, you can specify whichever one you received with an earlier qualifying version.

Windows

• Scheduled Java garbage collection failed without proper indication when the Java Development Kit could not be found. This occured when OpenJDK was installed manually on the server and the "JavaSoft (Oracle) registry keys" option was not selected.

• Restarting the operating system did not consistently close all FileMaker databases before shutting down FileMaker Server.

• Performance counters for non-English FileMaker Server installations were missing in the Performance Monitor.

macOS

• FileMaker Server intermittently stopped responding while closing files.

Ubuntu

• The Disk Throughput chart was displayed as empty on System Statistics in Admin Console.

• Symbol conflicts caused compiled plugins to quit unexpectedly.

Miscellaneous

• When using an OAuth 2.0 provider to send email, the email wasn't sent, and an error was returned saying the access token couldn't be generated. This happened when FileMaker Pro tried to send email or when FileMaker Server tried to send email notifications.

• Uncommitted data blocked by record locking was not correctly reverted.

• Time displayed in notifications in Admin Console did not necessarily match the host system time zone.

• The timestamp from a downloaded database archive did not necessarily match the host system time zone.

• The maximum number of Custom Web Publishing (CWP) connections could not be set above 200. You can now set the maximum number of Custom Web Publishing connections up to 2000 using the FileMaker Admin API.

• The following weaker SSL ciphers were used and have now been removed:

  • AES128-SHA

  • AES256-SHA

  • ECDHE-RSA-AES128-SHA

  • ECDHE-RSA-AES256-SHA

• The default value provided for the "fmsadmin get serverconfig" command was incorrectly set to 128 instead of 256.

• The Database Server configuration file (dbs_config.xml) became corrupted after the Database Server quit unexpectedly.

• The FileMaker Server script engine process terminated unexpectedly and repeatedly on startup if the additional database folder path was invalid.

• The FileMaker Script Engine stopped responding after executing an SQL query with thousands of UNION calls.

• The Admin Console dashboard memory, network, and Disk IO graphs failed to display usage information.

• Scheduled system scripts displayed the incorrect file path for script files.

• Restricting access to Admin Console from specific IP addresses using Administration tab > Restrict Access > Enable Access Restriction was improperly bypassed using the X-Forwarded-For HTTP header.

• Remote connections to Admin Console intermittently experienced forced sign-outs when FileMaker Server was under heavy load.

• Record locks persisted for disconnected users which caused the following error message to be displayed:

  > "?" is modifying this record. You cannot use this record until "?" is finished.

• PDF files including the Get(PageNumber) calculation failed to increment the page number when the file was produced on the server.

• Incorrect credentials were passed to external data sources when the Perform Script on Server script step was run.

• Forced disconnect while a hosted database was open, then reopening the hosted database incorrectly resulted in the following error: "<database_name> is damaged and cannot be opened. Use the Recover command to recover the file."

• Crash dumps (DMP files) were created and performance was impacted when inserting PDF files using the Insert File script step into small-sized container fields on a layouts.

Addressed issues

• This update provides important security fixes and is recommended for all users.

• A reflected cross-site scripting (XSS) attack was made possible due to returned login errors not being HTML encoded.

New features and enhancements

• To improve performance, the database engine now caches relationships to evaluate dependencies.

• The user login process that checks whether an account is enabled has now been cached to optimize login performance.

• Secure connection tunneling can now be enabled over port 443 instead of port 5003 for FileMaker Pro and FileMaker Server for Linux. HTTPS tunneling can be enabled in the following location:

  • Admin Console: Configuration > FileMaker Clients > HTTPS Tunneling.

  Note:

  • HTTPS tunneling may only be enabled for FileMaker Server for Linux installed on Ubuntu 22.

• OmniOrb has been updated to version 4.3.0.

• FileMaker Server includes optimized memory allocation for relationship changes.

• The Claris FileMaker developer tool (FMDeveloperTool) is a new command-line tool that provides most of the functionalities of Tools > Developer Utilities in FileMaker Pro along with various options for saving an FMP12 file. Functions include:

  • Enabling and removing file encryption

  • Removing admin access

  • Saving a copy (compressed, self-contained) or making a clone

  • Saving a copy as XML

  • Recovering a damaged file

  • Consistency checking a file

  • Enabling Kiosk mode

  FMDeveloperTool is available as a download from Updates and release notes > Developer tools and is included in the FileMaker Server installation in the following default locations:

  • Windows: C:\Program Files\FileMaker\FileMaker Server\Database Server\FMDeveloperTool

  • macOS: /Library/FileMaker Server/Database Server/bin/FMDeveloperTool

  • Linux: /opt/FileMaker/FileMaker Server/Database Server/bin/FMDeveloperTool

Addressed issues

• macOS: The FileMaker Server fmserverd process intermittently quit unexpectedly.

• Windows: Silent installations failed with error 1920 on clean installations.

• Windows: Connecting remotely to Admin Console sometimes resulted in losing connection with a 502 error reported in the browser console for GET adminroleprivileges.

• When using an OAuth 2.0 provider to send email, the email wasn't sent, and an error was returned saying the access token couldn't be generated. This happened when FileMaker Pro tried to send email or when FileMaker Server tried to send email notifications.

• When signed in to Admin Console using an administrator role, FileMaker Server sent websocket packets containing all configured administrator roles and their passwords to front end websites.

• Ubuntu: The FileMaker Server fmserverd process intermittently quit unexpectedly.

• Ubuntu: Saving container data as a PDF caused system memory to be used but not released.

• FileMaker WebDirect: Users could not connect due to a 504 gateway timeout error.

• FileMaker WebDirect: Layout parts intermittently displayed incorrectly when entering Find mode from List View after records were sorted.

• FileMaker WebDirect: In some cases, the CSS for a layout did not completely load, resulting in layout objects not rendering and/or functioning as expected.

• FileMaker Server databases stopped responding or closed unexpectedly when errors appeared in temporary database files.

New features and enhancements

• The FileMaker Admin API and FileMaker Server Admin Console now use the server's local time zone instead of UTC.

Addressed issues

• Incorrect credentials were passed to external data sources when the Perform Script on Server script step was run.

• Multiple FileMaker WebDirect issues were addressed:

  • Layouts froze and the blue loading circle appeared intermittently.

  • Keys were incorrectly and continuously repeated during field data entry.

  • Entered text disappeared after being typed before record commit.

  • Changes did not revert after editing data in a summary field.

Addressed issues

• Attempting to access FileMaker Server Admin Console while Restrict Access was enabled resulted in an unintended connection error.

• Summary fields displayed as empty when they existed on ESS tables and the summary fields were supplemental fields.

• FileMaker script changes were not immediately available to FileMaker Data API clients until the FileMaker Data API session ended.

• Imported administrator role privileges were disabled after importing FileMaker Server 16 settings if the settings were exported after restarting the FileMaker Server 16 service or admin server.

• FileMaker WebDirect: In List View, uncommitted characters in a record failed to commit correctly when the record was scrolled out of view and a commit-triggering action was performed.

• A memory leak in the web publishing engine caused unusually high memory usage and noticeably impacted performance.

• FileMaker WebDirect: Buttons and button bars sometimes failed to revert their hover styles when users moused out from them by scrolling quickly in List View.

• FileMaker WebDirect: Occasional "Communication problem" error occurred in FileMaker WebDirect, accompanied by the message "Invalid JSON from server: 1|X".

• Windows: Performance counters for non-English FileMaker Server installations were missing in the Performance Monitor.

New features and enhancements

Functions

• The ReadQRCode function is now available to use on FileMaker Server on Windows and Ubuntu.

• macOS: The GetLiveText function is now supported in a script run on the server.

Scripts

• The Execute FileMaker Data API script step now supports the dateformats parameter.

• The Docker install script file now supports Ubuntu 22.04 (both amd64 and arm64 architecture versions).

• Scripts run on FileMaker Server now support the Set Error Logging script step.

• The Save as PDF script step is now supported for FileMaker Data API.

• FileMaker Server now creates the scriptEvent.log log file to store script events instead of in the Event.log file. The scriptEvent.log file is visible in Log Viewer and is available as a download in Admin Console. Previous behavior of storing script events in Event.log can be restored using the fmsadmin command line.

Java

• Vaadin has been updated to version 8.18.0. Java has been updated to use version 17.

• Ubuntu: The Java 17 JDK is now installed instead of the JRE to support Java garbage collection.

• In the Admin Console > Connectors > Web Publishing tab under Web Publishing Engine, you can now run the Java garbage collection to free some memory used for web publishing on the Primary Machine. Running garbage collection is also supported as a scheduled script able to be run from both Primary and Secondary machines.

• If a Java version other than Java 17 is installed, you will see a message indicating this and advising to correct it in the following locations:

  • Primary Machine: Admin Console > Connectors > Web Publishing tab under Web Publishing Engine

  • Secondary Machine: Deployment Assistant > Connectors > Web Publishing tab

  If Java is installed in the FileMaker Server > Web Publishing folder you will be prompted to install Java Development Kit 17 (JDK 17) when enabling the Primary Machine's Web Publishing Engine, or when using the "Install JDK" button in the Secondary Machine's Deployment Assistant.

  If Java was installed outside of the FileMaker Server > Web Publishing folder along with the JAVA_HOME variable configured please see the Knowledge Base for further instructions.

Backups

• FileMaker Server Admin Console now provides notifications when consistency checks fail on database backups.

• When the backup is aborted due to an error or by a user, the backup folder is preserved with the prefix "Canceled-" and is limited by the "Number of Backups to Keep" in the backup schedules tab. Reverting to the previous behavior of keeping all backups in "Canceled-" prefixed folders is supported in Admin Console and from the command-line. The following fmsadmin command-line command reverts to the previous behavior:

  fmsadmin set serverprefs KeepCancelledBackups=true

  If canceled backups are retained, the oldest canceled backups are now removed automatically when disk space is low.

OData

• SchemaVersion is now included in the $metadata response. The $schemaversion query option can now be used to determine whether the schema has changed, since a request for a non-current schema version will be rejected.

• OData now supports the PUT/POST/PATCH/DELETE $ref operations and also supports aliases.

xDBC (ODBC / JDBC)

• xDBC connections now use SHA256 instead of MD5 for X509_sign.

• The ODBC drivers now support OpenSSL 3.0.8.

Package updates

• Windows and macOS: OpenSSL has now been updated to version 3.0.8.

• Tomcat has been updated to version 9.0.69.

Preview

• FileMaker Server can now restart automatically after processes quit unexpectedly. This Quick Server Restart reduces the risk of data integrity issues and can be enabled using the fmsadmin command line and FileMaker Admin API.

• Ubuntu: In the Admin Console > Administration > External Authentication tab > Directory Service Settings section, you can now configure Microsoft Active Directory.

General

• Windows: Thumbnails can now be immediately created for PDF files in container fields.

• Windows: The FileMaker Server configuration is now saved when uninstalling, and users can choose to load the previous configuration when prompted during the next installation. A new variable setting, Load Previous Configuration, which preemptively chooses to load the previous configuration, has been added to Assisted Install.txt.

• Ubuntu: In the Admin Console > Connectors > Web Publishing tab, you can now enter a URL for an Nginx load balancer.

• The maximum number of hosted database files per FileMaker Server instance is increased from 125 to 256.

• New client connections are now blocked for databases in the process of being closed.

• In the Admin Console > Notifications pane, email can now be sent using OAuth 2.0 with Microsoft 365 Business or Google Workspace subscriptions. Sending mail with FileMaker WebDirect is also supported using OAuth 2.0.

• FileMaker Server can now be installed on the arm64 architecture version of Ubuntu 22.04, allowing FileMaker Server to be run in Linux VMs and containers on Apple Silicon hardware.

Addressed issues

Installation

• macOS: Empty httpsRoot folders were not removed after an uninstall.

• Windows: The Admin Console desktop shortcut and the sample database were incorrectly removed when performing a repair installation from the Programs and Features control panel.

• The link to the installer log did not appear in the logs folder.

• Installations took longer than expected when a large number of database backup files, remote container files, or hosted files were present from a previous installation.

FileMaker WebDirect

• You were able to enter an inactive FileMaker Account to Sign in with Apple when the Hide My Email option was selected.

• OAuth sign-ins were not possible when accessing a FileMaker WebDirect Custom Homepage and the Filter Databases option was enabled.

• Summary parts would occasionally not display when sorting records and when there were no Body parts on the layout.

• List View objects did not refresh when there were no records in a found set.

• In List View, the Footer part occasionally would not be displayed during the initial layout load if a Navigation part existed.

• A cross site scripting (XSS) vulnerability is resolved.

• Interactive container fields failed to load container data when connecting to FileMaker WebDirect through an Nginx load balancer.

FileMaker Admin API

• Using FileMaker Admin API to run a backup schedule with the cloneOnly option failed to return an error when the backup folder path was set as a customized backup path.

• Users were unable to authenticate using FileMaker Admin API when the FileMaker Server license was expired.

• FileMaker Admin API could not simultaneously disable the first additional database folder path and the second additional database folder path or the first additional remote container folder path and the second additional remote container folder path in the same request.

FileMaker Data API

• Table names were missing from responses to FileMaker Data API layout names requests.

• FileMaker Data API returned the incorrect foundCount and returnedCount values for portals when the initial row setting in the portal was greater than the number of the records in portal.

• FileMaker Data API returned incorrect metadata about layouts with repeating fields.

OData

• Some OData query options returned errors if table names or field names contained Japanese characters.

• OData: Line feeds in fields were not returned as "\n" and caused JSON parsing errors.

Commandline

• When resetting a PIN using the fmsadmin resetpw command, using a PIN number starting with zero incorrectly displayed the following error: "PIN must contain four decimal digits only."

• Using the fmsadmin command to restart a process where the process name is misspelled resulted in the server quitting unexpectedly. For example: fmsadmin restart srrver.

Performance

• Heavily using the Set Session Identifier script step to change session names caused the fmshelper process memory to increase unnecessarily.

• FileMaker Server occasionally stopped responding while under heavy load and performing a backup.

Ubuntu

• The GetContainerAttribute function returned a different date format than expected when performed on the server.

• Some trailing characters in fields were not exported when creating CSV files with FileMaker Server.

• Records failed to import from CSV files containing Shift JIS encoded data.

• Fonts rendered differently in PDF output from FileMaker Server on Ubuntu when compared to output on Windows or macOS.

General

• When a schedule failed, the timestamp for the Last Run value incorrectly reflected the last time the schedule completed successfully instead of the last time the schedule failed.

• Summary field content was missing when hosted file data sources were set from the content of a global variable.

• Serial numbers were incorrectly incremented during a reverted transaction and then serial numbers ceased to increment for normal record creation.

• Script triggers such as OnRecordCommit were not executed when called while a script transaction was running.

• Scheduled FileMaker scripts failed to run when a FileMaker scripts folder and a FileMaker script used the same name.

• Indexes created during transactions failed to include deleted records, even if the transactions were reverted.

• Failed email notification attempts were not logged in the Event.log file.

• Adding a secondary machine to a primary machine using an Administrator Role account incorrectly returned the message "Successfully connected" even though the machines were not connected.