Single Sign-On

Click here for a video demonstration of the Single-Sign On feature.

Overview

Single Sign-On is a feature added to help users of large firms log on to AbacusLaw faster and with more security.

If a user is on a Microsoft Active Directory network, Single Sign-On can be implemented for that user so that AbacusLaw uses the Active Directory information to authenticate the user into AbacusLaw automatically when launched. This helps reduce complexity for large firms with multiple users with multiple passwords and saves time for the users. Also, since Active Directory could be set up to use dual factor authentication, security is increased using Single Sign-On.

Passwords still need to be configured for all AbacusLaw users when using Single Sign-On. Single Sign-On does not replace the need for AbacusLaw passwords - it allows users to launch AbacusLaw without having to enter their Abacus credentials.

When using Single Sign-On, passwords are used in AbacusLaw when trying to switch users or when Single Sign-On is not enabled for certain users. Note that passwords changed in Active Directory are never stored in AbacusLaw; therefore, users must use their original AbacusLaw password if Single Sign-On is not enabled or detected.

Enabling Single Sign-On

To enable Single Sign-On for the firm, the administrator needs to check Enable Single Sign-On on the System Options window (File > Setup > System Options). Once enabled, the administrator can check Disable Local Login so that local logins are not allowed. If local logins are disabled, only users configured for Single Sign-on with the Active Directory will be able to log in. Even users that have passwords in AbacusLaw will not be able to log in unless they are configured for Single Sign-On.

When Single Sign-On is enabled and local logins are allowed, the Accounts with No Password button becomes active. Administrators can click Accounts with No Password for a list of users with blank passwords.

Setting Up Users for Single Sign-On

To set up the users, the Administrator clicks Single Sign-On on the User Manager window (File > Setup > User Manager).

The Single Sign-On Pairing window appears. Here, the Administrator matches Active Directory users with AbacusLaw users. When an AbacusLaw user is paired with an Active Directory user, the user is logged on automatically when AbacusLaw is launched and never sees the Log In window.

To pair users, Administrators can do one of the following:

  • Click Autopair. The system matches Active Directory users to AbacusLaw users automatically based on their email address or name. Matched users move to the Paired Users box.

  • Highlight an Active Directory user, then highlight the matching AbacusLaw user. Click Pair and the users move to the Paired Users box.

To unpair a user, highlight the user in the Paired Users box and click Unpair.