QAD 2017 Enterprise Edition > User Guides > Security Administration > Security Overview > Sign-in Security > Sign In and Security Control
  
Sign In and Security Control
Use Security Control (36.3.24) to define additional security measures related to system sign in.
Note: Single sign-on is not supported in this release of Enterprise Edition. The Single Sign On Enabled check box remains active in Security Control, but you should not select it. If you do select the check box, you will receive Active Directory errors and be prompted for sign-in credentials.
If a user enters an invalid combination of user ID and password, the system may prompt additional times—based on the value of Maximum Access Failures in Security Control. After the specified number of failures, the user is returned to the operating system, the user account is disabled, and system administrators are notified by e-mail. The sending address of the e-mail includes the operating system ID of the user who attempted to access your QAD application. Sign-in Validation from Sign-in Screen illustrates how this process occurs during sign in. Use the User Account Status Report (36.3.23.2) to view the status of system users.
To completely or partially bypass system sign-in security, you can configure the system to allow users to access the system based on operating system user ID. See OS-Based Sign-in Security.
Depending on the setting specified in Security Control, the system maintains historical records of successful and failed sign-in attempts. Use Logon Attempt Report (36.3.23.1) to view sign-in history.
Note: In order for the time zone to be properly recorded during sign in and password change, the server time zone must be specified in Database Control (36.24.1).

Sign-in Validation from Sign-in Screen
Using sign-in security, you can:
Effectively separate QAD application security from the operating system security (unless you choose to control access from the operating system level). The user ID in your QAD application does not have to be the same as the user ID referenced by UNIX or Windows. See OS-Based Sign-in Security.
Provide an extra level of security from unauthorized users. An individual can gain access to an operating system user ID by breaking into the system or stealing a password. Requiring a different user ID and password combination to access QAD applications presents an additional barrier to an unauthorized user.
Track unsuccessful sign-in attempts to identify possible unauthorized efforts to access the system.