SAP Business One till before version 9 had loopholes which could be exploited in several ways. Some of the most common ways were:
1. Different users could login to the same company (taking advantage of the dual login feature).
2. Different users could login to different companies using the same user code (but different password).
3. In hosted environment, several customers can connect remotely to different companies with the same Business One user and password. The loopholes were left by the hosting provider, who mapped the windows users to SQL DB and gave the same Business One user and password to all his Business One customers.
These practices greatly impacted the Business One License structure. But with the Licensing Improvement in SAP Business One 9.0 PL01 a new enhancement got introduced named as “License Abuse Prevention”. This enhancement replaces “dual login” feature in earlier versions and “logon limitation” in 8.82 version.
As a result of the enhancement, the License manager now verifies the username together with the 3 parameters: workstation IP, windows user and windows session ID. The purpose of this solution is to ensure that one user can only connect to SAP Business One via one single session. Once the user logins via a second session, the first session will be locked. A session can be either a new windows login on the same machine (with the same windows user or a different windows user) or a login from a second station.
A Business One user can login successfully if only all of the 3 parameters are same. It means from one session, one user can login to unlimited number of companies and/or unlimited logins to the same company. However, if any of these parameters are changed when the same user logins, the system will treat it as a second session, then the first session will be locked.
Let’s take a look at an example to understand the Licensing Improvement in SAP Business One 9.0:
A SAP Business One user (let’s call it UserA), when it logins to Business One alone for the first time, the system already records its following parameters:
a. Workstation IP
b. Windows User
c. Windows session ID
Now around this user the followings scenarios will be applicable:
1. UserA opens a new Business One in the same workstation and logins to another company database: It is an existing Business One user name. All of 3 parameters are not changed. Login successful.
2. UserB login to Business One via the sam e workstation either in the same windows session with a different SAP B1 instance or in a different parallel windows session: It is a new Business One user name. Login successful.
3. UserA login to Business One via another workstation with the same Windows user account: It is an existing Business One user name, but parameter a and c are changed. Login successful but the previous session of UserA will be locked.
4. UserA login to Business One via the remote connection to the same workstation with the same Windows user account: It is an existing Business One user name, but parameter c is changed. Login successful but the previous session of UserA will be locked.
So what does it mean by ‘locked’ as mentioned above?
Well, when another session of your logged in user is connected, your current user session will be locked for all the companies, like when pressing File->Lock Screen menu in Business One. A system message will pop up as follows –
Your session has been locked because another session was started using the same user ID. To continue, exit or lock the other session.
There is a small exception to this new feature for the user “manager” which can login via two sessions at the same time. This is for supporting implementation scenario, where usually SAP consultants use “manager” account without interrupting or taking other users’ license.