Users and Security > Security Overview > OS-Based Log-in Security
  
OS-Based Log-in Security
System administrators can control user access to character and Windows environments directly from the operating-system level using the Enforce OS User ID field in Security Control (36.3.24).
See Setting Up Security Control.
If they do not use application passwords, this feature essentially allows customers using those interfaces to bypass log-in security completely and rely on operating-system security.
Important: Regardless of this setting, QAD Desktop and .NET UI users must enter a valid user ID and password to access the system.
When Enforce OS User ID is Yes, the default user ID displayed in the log-in screen is the same ID used by the operating system, and the user cannot change it.
Note: This must still be a valid user ID defined in User Maintenance (36.3.1).
Subsequent processing depends on whether a password is specified in User Maintenance or User Password Maintenance (36.3.3):
If no password is specified in the user record, log-in proceeds automatically, subject to proper licensing.
If the user record includes a password, the system displays a password prompt.
Important: If you enable this feature and reset user passwords to blank, you should use caution if Enforce OS User ID is ever changed to No. If you do so without reentering passwords in user records, anyone can gain access by entering just a user ID. When you change the field from Yes to No, the system displays a message to warn you of a potential security compromise. In addition, in Windows environments it is not recommended that you reset user passwords to blank. It is relatively easy to create a new user on an existing Windows machine with an ID that matches one in the system.