Skip to Content
Product Information
Author's profile photo Maya Shiff

Move On to Single Sign On

Logging on to SAP Business One by entering user name and password? well, you can forget it.  Activate the single sign on to SAP Business One and log on automatically using your Microsoft Windows credentials. Save the time of logging on to SAP Business One, no need to store and remember additional user name and password, and most important – you can apply the security settings of Microsoft Windows to SAP Business One, for example long password.

To activate the single sign on open the System Landscape Directory and in the Security Settings tab select the “Enable Single Sign On” checkbox. In SAP Business One, in the “Users – Setup” window, enter the Microsoft Windows account in the respective field.

Last but not least, open the Choose Company window and select the checkbox “Log on with Current Domain User” for the relevant companies.

The next time you’ll log on to Microsoft Windows, all you need to do for logging on to SAP Business One, is clicking OK in the Log On window.

Available in SAP Business One, version for SAP HANA and SAP Business One.

This tip and all the other tips are available on the Tip of the week community page. You can also visit the Implementation Arena for useful implementation tips.

Assigned Tags

      2 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Brian Watts
      Brian Watts

      Is there a way to login as a technical user when SSO is turned on?

      We have both Active Directory Domain Services and `SAP Business One Authentication Server` IDPs turned on

      I know how to hit the SLD with either type of user, but the SAPB1 Client seems to readily usher me in via AD with no way to login as another kind of user

      Author's profile photo Guy Sujetzki
      Guy Sujetzki

      Hi Brian,

      In case it is a one time configuration, you can de-activate AD services in SLD and sign in with a technical user. Otherwise, it would be tricky as the Login process will always prefer to log-in via kerberos (use windows credentials) authentication in case AD services is activated.

      You can also try to sign in to the windows with a AD user that is not added to SLD, or alternatively delete the AD user from SLD (under "users").

      BTW - Starting FP 2305 you can also use AD integration (SSO) to connect via SL, so there's no need to use a technical user as previously required for SL.
      Hope this helps,

      Best Regards
      Guy