Protectionand Site License

WORKING PAPERS
G ETTING S TARTED
WITH THE P ROTECTION S YSTEM IN
VERSION 2006
R EGISTERING W ORKING P APERS BY

A DMINISTRATIVE I NSTALL
Before You Start
Copyright and Trademark Notices
Copyright. 2007 CaseWare International Inc. (“CWI”). All Rights Reserved. Use, duplication, or
disclosure by the United States Government is subject to the restrictions set forth in DFARS
252.227-7013 ©(1)(ii) and FAR 52.227-19.Notice to U.S. Government End Users. This publication
and the related computer software was developed exclusively at private expense and for the
purposes of U.S. acquisition regulations the related computer software is “commercial computer
software” subject to limited utilization (“Restricted Rights”).
This publication may only be copied and otherwise used as permitted in the applicable license
agreement and, subject to the express terms of such license, use of this publication is subject to
the following terms and conditions:
All copyright and other proprietary notices must be retained on every copy made.
CWI has not conferred by implication, estoppel or otherwise any license or right under any patent,
trademark or copyright of CWI or of any third party.
This publication is provided “as is” without warranty or condition of any kind, either expressed or
implied, including, but not limited to, the implied warranties of merchantability, fitness for a
particular purpose, or non-infringement.
This and related publications may include technical inaccuracies or typographical errors. Changes
are periodically made to CWI publications and may be incorporated in new editions.
CWI may improve or change its products described in any publication at any time without notice.
CWI assumes no responsibility for and disclaims all liability for any errors or omissions in this
publication or in other documents, which are referred to within or linked to this publication. Some
jurisdictions do not allow the exclusion of implied warranties, so the above exclusion may not
apply to you.
Should you or any viewer of this publication respond with information, feedback, data, questions,
comments, suggestions or the like regarding the content of any CWI publication, any such
response shall be deemed not to be confidential and CWI shall be free to reproduce, use, disclose
and distribute the response to others without limitation. You agree that CWI shall be free to use
any ideas, concepts or techniques contained in your response for any purpose whatsoever
including, but not limited to, developing, manufacturing and marketing products incorporating
such ideas, concepts or techniques.
This publication is distributed internationally and may contain references to CWI products,
programs and services that have not been announced in your country. These references do not
imply that CWI intends to announce such products, programs or services in your country.
Product names, logos, designs, titles, words or phrases within this publication may be trademarks,
service marks, or trade names of CWI or other entities and may be registered in certain
jurisdictions.
Contents
BEFORE YOU START II
SECTION I: WORKING PAPERS PROTECTION SETUP 2006 4
OVERVIEW 4
CENTRAL DATA STORE 5
Personal Data Store only 5
Standalone Shared Data Store 5
Time-integrated Shared Data Store 5
PROTECTION SETUP 5
Deciding whether to use a Shared Data Store 6
Creating the Shared Data Store 6
Setting Administrative Options 10
Connecting other computers to the Shared Data Store 11
Populating the User List 12
USING THE PROTECTION SYSTEM 16
Users and Groups 16
Adding Users 17
Deleting Users 18
Modifying Users 19
Adding a Group 19
Assigning Users to Groups 21
Importing Groups 23
LOGGING IN 25
SECURITY ID (SECURING THE CENTRAL DATA STORE) 27
Disabling the Security ID 27
SECTION II: REGISTERING WORKING PAPERS BY ADMINISTRATIVE INSTALL 29
CREATING THE CWREG.INI FILE 29

AUTOMATICALLY REGISTERING WORKING PAPERS ON MULTIPLE COMPUTERS 31
Section I: The Protection System in version 2006 3

Section I: Working Papers Protection
Setup 2006
In version 2006, the protection system has been improved to take advantage of the
following:
• Log in procedures and authentication in Windows;
• User lists that are now stored in the Central Data Store;
• Integration with CaseWare Time;
• Synchronization of users with the Windows Active Directory.
This document provides a detailed overview of the Working Papers protection system that is
used to control access to client files. In addition to providing an overview of the protection
system, instructions for setting up the system is provided.
When first using Working Papers 2006, protection is not fully configured and a brief setup is
required. We recommend that the setup be done by a network administrator since
an incorrect setup can result in users being prevented from accessing Working Paper files.
The network administrator or someone who is familiar with setting up file access rights and
permissions is responsible for initial protection setup. If not properly configured, it is possible
that some users will be prevented from accessing Working Papers files. The person should
be familiar with:
• Creating and setting up permissions on shared data folders on a network server;
• Active Directory user management;
• Working Papers Users IT requirements.
Overview
Protection is based on users and groups. Users are people who need access to Working
Papers client files. A group is a collection of assigned users (an assigned user is simply a
user who is a member of one or more groups) who have certain rights to perform actions in
a Working Papers file. For example, the users in a specific group may have the rights to add
adjusting entries and perform consolidations but not to assign map numbers to accounts.
The list of users available is stored in the Central Data Store which serves as a central
database of information used by Working Papers. Currently this database contains
information about recently accessed Working Paper files (used by Tracker) and the list of
available users (used by the protection system). The Central Data Store on several
computers may be configured to use a shared data store which allows several computers to
use a common Central Data Store database. Thus, if a shared data store is used, all people
connected to the same shared data store have access to a common set of users.
Another feature of Working Papers protection is Windows Active Directory integration. The
Windows Active Directory system allows Working Papers to access the list of users
connected to a Windows domain.
Working Papers integrates with the Windows Active Directory in two ways:

• It allows for importing of Windows users lists. For example, a user ‘Mary.Smith’ on a
Windows Active Directory server may be imported into the Central Data Store. That user
name may then be used to log in to Working Papers files.
• It allows for automated verification/logging in of such users. This feature is referred to as

authentication.
Finally, a Central Data Store can be configured so that it is used not only by Working Papers
but also by CaseWare Time. When this configuration is used, the list of users stored in the
Central Data Store is common to both Working Papers and Time.
Central Data Store

The list of users is contained in the Central Data Store. The Central Data Store may be set
up in one of three configurations:
• Personal Data Store
• Standalone Shared Data Store
• Time-integrated Shared Data Store
Personal Data Store only

When using only a Personal Data Store, the data in the Central Data Store is contained in
private storage accessible only to a single user on a computer. That is, the data is not
shared between multiple users. If only a Personal Data Store is chosen, some features, such
as Windows Active Directory integration, are not available.
Each person using Working Papers has a Personal Data Store located on his/her computer.
The store is automatically created the first time that Working Papers is launched.
Important: Since the storage is private, there is no way to share user lists between
computers if only this configuration is used.
Standalone Shared Data Store

The data in the Central Data Store is contained in public storage accessible by all users who
connect to the common store.
A shared data store must be used if computers wish to share a common user list.
Time-integrated Shared Data Store

A Time-integrated shared data store acts the same way as a Standalone shared data store.
However, for a Time-integrated store, the users are stored in the em database of a Time
client file. In this way, Time and Working Papers have access to the same user list.
Protection Setup
To use the protection system, a brief setup is required. The following list summarizes the
steps to follow to set up the protection system. Each step is explained in detail later.
1. Decide whether to use a shared data store.

2. Create the shared data store. When creating a shared data store, an optional security ID
may be specified.
3. After creating a shared data store, certain Administrative options may be set. At this time
you will have to decide whether to use Windows Active Directory features.
4. Once the shared data store is created, all computers wishing to use that store must first
be connected to it.
5. The list of users who need to access Working Papers files must be populated.
6. Proceed to use the protection system.
Deciding whether to use a Shared Data Store

You may want to use a shared data store if one or more of the following hold true:
• You want the protection system on all computers in your firm to have access to a
common list of users.
• You want Tracker on all computers in your firm to have access to a common list of
accessed client files.
• You wish the Central Data Store to be integrated with CaseWare Time 2006. A Time-
integrated store allows the same list of users to be accessed by both Working Papers and
Time. A Time-integrated Store can only be created if a shared data store is being used.
• You wish to use the Active Directory features to populate the user list and to enable
Windows authentication. The Active Directory features are only available if a shared data
store is being used.
• You wish to use the security ID feature. The security ID feature is available only for
shared data stores.
If you do not wish to use a shared data store, you can import users from the legacy user
lists (see the Importing Users from Legacy User Lists section) and proceed to use the
protection system.
Creating the Shared Data Store

You can create a standalone store or you can crate a Time-integrated store. See the Central
Data Store section earlier in this document for additional details.
Note the following:
• If you are creating a Time-integrated store, Time 2006 must be installed and a previously
created Time data file must exist.
• Before creating a shared data store, ensure that each person who will be attached to the
shared data store has read, write, and delete permissions for the directory and server.
• Record the location of the newly created store. This location will be required later to
connect other computers to this shared data store.
• If a security ID is specified, the security ID must be recorded. The same security ID will
be needed if the Central Data Store needs to be re-created for some reason. A full
explanation of the security ID is explained later in this document; see the Security ID
section.

To create a shared data store:
1 Start Working Papers but do not open a client file. You cannot disconnect from or
connect to a new shared data store while in the client file.
2 Select Tools | Options. The Options dialog opens.
3 Click the Central Data Store option on the left pane of the dialog. The Central Data Store
page opens.
4 Click the Shared data store located at button. The Choose Shared Data Store dialog
automatically opens if there is no existing shared data store. If a shared data store
exists, click the Browse button to open the Choose Shared Data Store dialog.

5 Click the New Store… button.
6 The Data Store Wizard opens. Decide whether to use a Standalone (non Time-integrated)
or a Time-integrated store. A Time-integrated store allows Working Papers to access the
same user list that is used by Time.
7 Click Next and do one of the following:
If you are creating a standalone tore, specify where to create the shared data store.
Either a drive mapped location (i.e., Y:\store) or a UNC (i.e., \\sharedserver\store) may
be used. It is important that all users who need to attach to the store have full rights

(read/write/delete) to the network location.
If you are creating a Time-integrated store, specify the location of an existing Time file.
Important: Record the location of the newly created store. This location will be required
later for other computers connecting to this shared store.
8 Click Next. The Choose Security Id page opens.
You can enter a security ID to add a second level of protection on Working Papers client
files. The security ID is optional. The security ID ensures that only administrators

contained in the firm’s shared data store be granted full rights to the client files. If a
security ID is not specified, any administrator in any Central Data Store is granted full
rights to the client files.
Important: If specified, record the security ID. The same security ID will be needed if
the Central Data Store needs to be re-created for any reason.
9 Click Finish to create the store. The storeinfo.cws file is created in the Store
folder.
Standalone Store
Time-integrated Store
Setting Administrative Options

Once the shared data store is created, certain administrative options may be specified.
These options can be set only by users who are administrators. Administrators have the right
to open and have full access to any Working Papers file. In addition, administrators have the
right to set certain configuration information such as the Windows Active Directory.
Unlike previous versions of Working Papers, it is now possible to have more than one
administrator. When the user list in the Central Data Store is first created, one administrator
with the user name SUP and password sup (note lowercase on the password) is created.
This SUP user can be used to perform initial protection setup and to create other
administrator users. Only an administrator can create or remove administrators.

Important: User names in Working Papers are case insensitive while passwords are case
sensitive.
To set administrative options:

1 Click the Administrator Options button on the Central Data Store page. If the page is
not already opened, select Tools | Options | Central Data Store.
If the currently logged in user is not an administrator, the Log in as Administrator dialog
opens requesting a user name and password of an administrator. In that case, enter the
data and click OK.
The Administrator Options dialog opens.
Security ID Specify the security Id if not previously set. If previously set, it will be displayed for
informational purposes only but may not be modified.
Require log in for Tracker If this is selected, users must log in to Tracker when it is opened.
Enable Active Directory Check this feature if:
Integration
• You want users to log in to Working Papers client files using the same ID that
they use when logging in to their computer.
• You wish to populate the list of users maintained by Working Papers with the
same list of users maintained by Windows.
If Enable Active Directory Integration is selected, Working Papers will attempt to
log in the current Windows user when opening a client file. For example, suppose
the current Windows user is john.smith. Further, suppose Working Papers user
john.smith is a member of a group in a Working Papers client file. If john.smith
attempts to log in to that file, he will automatically be granted access (without
being required to manually log in again) to the file as his credentials had already
been checked by Windows; that is, he had previously been authenticated by
Windows. A full explanation of the logging in process (with and without Windows
Active Directory integration) is explained later (see the Logging In section).
Connecting other computers to the Shared Data Store

At this point the shared data store has been created. All computers that require access to
the shared data store must now be connected to the store. For all computers requiring
access to the shared data store:

1 Start Working Papers without opening a client file.
page opens.
3 Click the Shared data store located at: option. The Choose Shared Data Store dialog
automatically opens if there is no existing shared data store. If a shared data store
exists, click the Browse button to open the Choose Shared Data Store dialog.
4 Locate the file storeinfo.cws that was created during the Creating the Shared Data
Store step. This file will be in the same location as indicated on the final page of the Data
Store Creation wizard.
Populating the User List

When the Central Data Store is first created, it contains exactly one user, administrator SUP
with password sup (note lowercase on the password). Subsequent users can be imported in
one of two ways:
• Active Directory import
• legacy import from previous versions of Working Papers
Note the following:
• In general, a firm will do either an Active Directory import or a legacy user list import,
not both.
• It is not necessary to import a user list: users may instead be added manually as
described in the Using the Protection System section.
Active Directory Import

The Active Directory Import allows users contained in the Windows Active Directory to be
imported into the Working Papers user list. In addition to the user name and extra
information such as the user’s last name will be brought in.
Using the Active Directory, you can use the same user list for logging in to Working Papers
that is used to log in to Windows and your company network. This means a user can have
one ID and password that logs him or her in to your firm's network and automatically
authenticates the user when he or she logs in to Working Papers.
Note the following:
• The Active Directory Import is only available if a shared data store is being used and if
Active Directory Integration is turned on in the Administrator options dialog (Tools |
Options | Central Data Store | Administrator Options).
• The import can only be done from the default Active Directory server. It is possible to
import from several Active Directory servers. However, the import for each server must
be done from a computer which connects to that server by default.
• If a Time-integrated shared data store is being used, users are imported as non-
Timekeepers for Time. If a user is to be designated as Timekeeper, the user must be
explicitly set as such in the Staff dialog in Time.

To import users from the Active Directory:
1 Start Working Papers but do not open a client file. You cannot disconnect from or
connect to a new shared data store while in the client file.
page opens.
4 Click the Administrator Options button. If the currently logged in user is not an
administrator, the Log in as Administrator dialog opens requesting the user name and
password of an administrator. In that case, enter the data and click OK. The
Administrator Options dialog opens.
5 Ensure the Enable Active Directory Integration check box is selected.
6 Click the Synchronize With Active Directory button. The Active Directory Integration
dialog opens.
7 To specify a default password for imported users, type a password in the Default
Password for New Users box. If a default password is not specified, all imported users
are imported with a blank password. In this case, it’s a good idea to force the user to
change the password when the user logs in; see the following step.
8 To ensure the user changes the password when the user logs in for the first time, select
the Require user to change this password check box. The Require user to change
this password check box is available regardless of whether a default password is
specified or left blank.
9 Select the Synchronize check box beside the Windows users who are to be imported as
Working Papers users. Users who had previously been imported will automatically be

selected for re-synchronization. This allows Working Papers to update the information for
its users (synchronize the information) with the information stored in the Active
Directory.
Important: If the Synchronize check box is cleared for a user that had previously
been imported from the Active Directory (that is, the user exists in the Active Directory
user list and Working Paper’s user list), the user is removed from the Working Paper’s
user list but remains in the Windows Active Directory.
10 To import the user as active, select the Active check box beside the user. If the check
box is cleared, the user is imported as inactive. Only active users can be assigned to
groups.
Importing Users from Legacy User Lists

Instead of using Active Directory, some firms may wish to continue using the user list they
used with previous versions of Working Papers.
In older versions of Working Papers (2005 and previous), the user list was stored in the file
em.dbf that was stored in the program folder of Working Papers.
The legacy user list import can only be performed while a client file is open.
Important: The legacy user list import is not available when using a Time-integrated store.
To import users from legacy user lists:

1 Open a Working Papers file.
2 Turn on protection by selecting Tools | Protection | Turn Protection On. The Login
dialog opens.
3 In User Name, type SUP and in Password, type sup (note lowercase on the password).
4 Click OK. A message opens asking if you are sure you want to turn protection on.
5 Click Yes if you are sure. If you are not sure, click No to cancel turning on protection; in
this case you cannot continue to import users.

6 Once protection is turned on, select Tools | Protection | Protection Setup. The Users
and Groups dialog opens.
7 Click the drop-down arrow beside Add and select From File.
8 Locate the legacy em.dbf database. The Import Users dialog opens.
9 To import a user, select the Synchronize check box beside that user. Note the
following:
• When the dialog opens, the check box is automatically selected for any user not already
in the Central Data Store.
• Even if a user is already in the Central Data Store, it is still possible to import that user.
However a warning message will appear indicating that the existing user’s information
will be overwritten with the information stored in the import database.
• Passwords imported from the em.dbf will be converted to lowercase.
10 Click OK.

Using the Protection System
Once the initial setup has been completed, the protection system is ready to be used in
Working Papers client files.
It is possible to have multiple users with administrative rights, simplifying management of
administrative processes. When first installed, Working Papers will contain one administrator
SUP, with password sup (note lowercase on the password). This user serves as a starting
point for protection setup. Using the SUP administrator, administrators can be added. Upon
adding other administrators, the SUP administrator can then be removed. At a minimum,
the default password for SUP should be changed for security reasons.
To turn on the protection system for a client file:

1 Open the Working Papers file.
2 Select Tools | Protection | Turn Protection On. The Log In dialog opens.
3 Type your administrator user name and password. Initially you can use SUP as the user
name and sup (note lowercase) as the password.
4 Click OK. A message opens asking if you are sure you want to turn protection on.
5 Click Yes if you are sure. If you are not sure, click No to cancel turning on protection; in
this case you can not use protection.
Users and Groups

A user is someone who can be assigned to a group in a Working Paper client file. Once
assigned to a file, the user then may perform actions (such as, entering adjusting journal
entries) on the file. The types of actions the user may perform depend on the properties of
the group(s) to which the user has been assigned.
A group is a collection of users who have the rights to perform certain actions in a Working
Papers file.
Once protection is turned on, a client file is ready for user and group setup.

With protection on in the client file, select Tools | Protection | Protection Setup. The
Users and Groups dialog opens.
The left pane of the dialog contains information about users stored in the Central Data
Store. The right pane contains information about groups.
In the above setup, there are seven users (in the Central Data Store). There is one group,
REV to which three users are assigned.
Adding Users
Users are stored in the Central Data Store. It is preferable that if a shared data store is being
used, changes to the user list be done while the shared data store is available.
1 Select Tools | Protection | Protection Setup. The Users and Groups dialog opens.
2 Click the Add button.
3 Enter information about the new user:
User Name Type the user name to be used for log in purposes.
• No other user may have the same user name as the name uniquely identifies a
user.
• User names are not case sensitive. That is, john.smith is considered to be the
same user as JOHN.SMITH.
Identifier Type an abbreviated identifier for the user.

• The identifier is used as the default role completion initials for automatic
documents.
• Identifiers are always converted to uppercase in Working Papers.
• If a Time-integrated shared data store is being used, the identifier must be
unique between users.

• For Time-integrated shared data stores, the identifier is limited to four
characters. For non Time-integrated shared data stores, the limit is 8 characters.
Administrator Select this option if the user is to be given administrator rights.

An administrator is allowed to:
• Log in to any Working Papers file with full access to the file.
• Turn protection on and off for any client file.
• Control advanced features such as Windows Active Directory integration.
The administrator option may only be set if the currently logged in user is an
administrator. That is, only an administrator may grant or revoke administrative
rights. The administrator option may not be removed if the user in question is the
last administrator remaining in the user list.
Type Enter the status of the user.

A user may either be active or inactive. Only active users can be assigned to
groups.
Position Enter a general purpose property position for the user. It can be used for purposes
such as identifying partners, managers, juniors, etc. The position is specified by
selecting the correct value from the drop-down box or by adding a new position by
selecting the Create new item in the drop-down box.
• If a position is added, it must have a unique name.
• Positions may also be created clicking the Setup button in the Users and Groups
dialog.
• If the shared data store is Time-integrated, this control is disabled in Working
Papers and the position must be set in Time.
Password A password should be entered for the user.

Unlike previous versions of Working Papers, passwords are now case sensitive.
Deleting Users
You can delete users, but note the following:
• The currently logged in user can not be deleted.
• There must always be at least one user with administrator privileges. That is, a user can
not be deleted if it is the last active administrator in the file.
• For Time-integrated files, active and inactive Time Keepers can not be deleted. They
must be deleted within Time.
• For Time-integrated files, user SUP can not be deleted.
• A user can be deleted only if the user has not been assigned to any groups.
To delete a user:
In the Users and Groups dialog (Tools | Protection | Protection Setup), do one of the
following:
• Select the user and click the Delete button.
• Right-click the user name and select Delete from the context menu.

Modifying Users
The properties of a user can be modified, but note the following:
• The user name of an existing user can not be modified.
• If a Time-integrated shared data store is being used, the identifier cannot be changed.
• The Administrator check box can only be modified if the currently logged in user is an
administrator.
• The Administrator check box can be cleared only if there is another active administrator
in the user list.
• An administrator can not be set to inactive unless there is another active Administrator in
the user list.
• The following properties of users that were imported from a Windows Active Directory
cannot be modified: Pre-Name, First Name, Last Name, Position and Designation. This is
enforced so that the Working Papers user list and Windows Active Directory’s list remain
synchronized.
To modify user properties:

In the Users and Groups dialog (Tools | Protection | Protection Setup), do one of the
following:
• Select the user and click the Properties button.
• Right-click the user name and select Properties from the context menu.
Adding a Group
Add groups using the following procedure:
1 In the Users and Groups dialog (Tools | Protection | Protection Setup), click the Add
button on the right side of the Users and Groups dialog. The Group Setup dialog opens.

2 In the Group tab, enter a group name and description. Important: The group name
must be unique for the client file.
3 In the Rights tab, grant the rights for users in the group. For example in the following
setup, the user has the right to Modify Engagement Properties (that is,
Name/contact information for the client file) but not to perform a Lockdown.
Important: Group information is stored with the Working Papers client file, not in the
Central Data Store. This means that the rights that a user has changes from client file to
client file, depending on which group(s) the user has been assigned to in a particular
client file and what the rights settings are for those group(s). The only exception to this
rule is for users who are administrators. Administrators always have full rights to every
client file.

3 In the CaseView Rights tab, select the CaseView access level for the user.
4 Click OK.
The Members tab is described in the next section, Assigning Users to Groups.
Assigning Users to Groups

A (non-administrator) user receives the rights to work on a client file by being assigned to
one or more groups. There are three ways to assign a user to a group:
• Dragging and dropping the user to the group in the Users and Groups dialog.
• Selecting the group in the Member of tab of the User Properties dialog.
• Selecting the user in the Members tab of the Group Profile dialog.
Assigning Users using the Dragging and Drop Method

In the Users and Groups dialog (select Tools | Protection | Protection Setup), you can
assign a user to a group or unassign a user from a group by dragging and dropping the user
to or from a group or by using the arrow buttons between the Users list and the Available
Groups list.
Assigning Users from the User Properties dialog

You can select the group in the Member of tab of the User Properties dialog.
1 In the Users and Groups dialog (Tools | Protection | Protection Setup), select the
user and click the Properties button in the Users pane. The User Properties dialog
opens.

2 Click the Member Of tab.
3 Select the groups you wish the user to be a member of.
4 Click OK.
Assigning Users from the Group Profile dialog

You can select the group in the Members tab of the Group Profile dialog.
1 In the Users and Groups dialog (Tools | Protection | Protection Setup), select the
group and click the Properties button in the Available Groups pane. The Group Profile
dialog opens.

2 Click the Members tab.
3 Select the users to be included in the group.
4 Click OK.
Importing Groups
As mentioned earlier, group information is stored with a Working Papers file. The group
information stored in one Working Papers file is not shared with other Working Papers files.
If the same group setup that exists in one Working Papers file is needed in another file, the
group setup from the first file can be imported into the second.
To import group(s):
1 Select Tools | Protection | Protection Setup. The Users and Groups dialog opens.

2 Click the drop-down button beside the Add button and select From Client File. The
Import Groups dialog opens.
3 In Source File Path, specify the path to the Working Papers file from which you wish to
import groups.
4 Select the groups you wish to import.
5 Click OK.

Logging In
Once users and groups have been set up, a file is now secured. Whenever a user attempts
to open a client file, a logging in process will occur. The following chart lists the log in
process. Steps 3-6 are Windows Active Directory features which are skipped if Windows
Active Directory integration is not enabled.
1 File Opened
• The same process occurs for turning on protection/changing users.
2 Is file protected (is protection on)?.
• Yes. Go to next step.
• No. Use identity system. Go to step 11.
Directory
Windows Active
3 Is Windows Active Directory integration on?

• No, skip Windows Active Directory authentication. Go to step 7.
4 Get current logged in Windows user (john.smith for example).
5 Is john.smith an administrator?
• Yes. Go to step 11.
• No. Go to next step.
6 Is john.smith in a group?
Log In Dialog
7 Log in dialog. Get user name and password.
8 Is user an administrator?
Working Papers can verify that a user is an administrator only if the user exists in the
user list (Central Data Store). If an administrator is assigned to a group in a client file
and the user is subsequently deleted from the user list, the user in the client file will no
longer be recognized as an administrator and must log in as a regular user.
9 Is the user in a group in the client file?
• No. Go to step 7.

10 Is the password correct?
• No. Go to step 7.
For administrators, the passwords are always read from the user list (Central Data
Store). If the security ID for the shared data store is set, further verification takes
place. See the Security ID section.
For non-administrators, the password for the user comes from the user list (Central
Data Store) if the user exists in the store. If the user does not exist, Working Papers
will use the copy of the password for the user which is stored in the client file.
Success
11 Log in successful. Open the file and allow access according to the user’s rights.
12 Is the user required to change his password as specified in the Active Directory import?
• Yes. Bring up change password dialog.
This step only occurs if the shared data store is currently online. If it is not online,
Working Papers will wait to prompt the user for a new password the next time the
shared data store becomes available.
Windows Active Directory authentication is never performed if the shared data store of the
Central Data Store is not online.
If the automatically logged in Windows user is not the desired user, the user may be
changed by selecting the Tools | Change User item from the main Working Papers menu.

Security ID (Securing the Central Data Store)
As discussed in the previous section, administrators are allowed full access to any client file.
The list of administrators is contained in the Central Data Store, not individual client files.
This could be of concern if a client file is sent outside a firm because any user who is an
administrator as denoted in his/her Central Data Store will have full rights to the file.
For example, if a client file is sent outside the firm to John.Smith who is an administrator in
his firm, John.Smith will have full rights to the client file.
To solve this problem, Working Papers uses a security ID. With this system, the first time a
client file is accessed, the security ID of the Central Data Store is written into the client file.
This ID provides a link between a Working Papers client file and the Central Data Store and
ensures that only administrators connected to the proper Central Data Store be granted full
access to a particular file.
The security ID works in the following way:
Suppose the security ID of the Central Data Store at Firm A is secretid1. The first time a
client file is opened in Working Papers, this ID (secretid1) is written into the client file. This
provides a link between the client file and the Central Data Store that was being used when
the client file was first accessed within the firm.
Now suppose the client file is sent to Firm B. The firm will have a different Central Data
Store which will have a different security ID, say pass342. When the client file is opened in
Firm B, Working Papers detects that the security ID of the Central Data Store does not
match the ID contained in the client file. That is, Working Papers detects that the client file
is being opened outside the firm.
In this case, the user in Firm B is not allowed to log in to the client file as an administrator;
but, only as a regular user assigned to a group contained in the client file.
Note: It is recommended a guest user be created for files being sent outside the firm.
Disabling the Security ID

A file can be configured so that the security ID for it is not verified. From time to time, it
may be desirable to disable a security ID for a particular client file. For example, a large firm
with several offices may have several Central Data Stores with different security IDs. Since
the stores have different IDs, client files that were created in one office can’t be opened in
another office by an administrator.
Only administrators can disable the security ID for the file.
To disable the security ID:

1 in the client file, select Tools | Protection | Protection Setup. The Users and Groups
dialog opens.
2 Click the Setup button. The Setup dialog opens.

3 Click the Administrator tab.
4 Select the Allow administrators connected to a different Central Data Store to

log onto this file check box if you want users connecting to foreign Central Data Stores
to be allowed to access the file as an administrator.
5 Click OK.
If a user who is connected to a foreign Central Data Store opens this file as an
administrator, this option is cleared automatically and the security ID of the new store is
written into the client file; that is, the client file becomes associated to the foreign Central
Data Store.

Section II: Registering Working Papers
by Administrative Install
In order to use Working Papers, it must be registered on each user’s computer. To simplify
the registration process, you, as an administrator, can perform an administrative install. This
allows you to install and electronically register Working Papers automatically on multiple
computers.
Before you can perform an administrative install, you must obtain the authorization code for
multiple computers. The number of licenses requested at the time of purchase is
incorporated in the authorization code by the CaseWare sales department. The authorization
code is provided to each customer either by email, on the invoice, or on a label affixed to
the Working Papers CD.
You can set the electronic registration to occur at the time an end user opens Working
Papers for the first time or you can enter a command line parameter on each computer to
automatically install and register Working Papers. Follow this process when performing an
administrative install.
• Create the cwreg.ini file and save it in the preferred location.
• Install Working Papers by launching the executable or running the command line
parameter.
• Open Working Papers and complete the registration.

If the automatic registration fails for any reason, for example the end users may not be
connected to the internet, then provide the end users with the authorization code and they
can proceed with a manual registration. See Registering your software in the Working
Papers online help for details.
Once the registration is successful, the licenses are tracked by CaseWare license server by
authorization codes and locking codes if the computer information was transmitted to
CaseWare.
Important: You cannot electronically register licenses on a Citrix Terminal Server.
Creating the cwreg.ini File

The first step in registering Working Papers on multiple computers is to create the
registration file. This consists of creating an .ini file and then saving the .ini file to a specific
location.
The .ini file contains the registration data to place in the registry.
When Working Papers is installed, the setup looks for this file and uses it for automatic
registration.
Section II: Registering Working Papers by Administrative Install 29

To set up the cwreg.ini file:
1. Create a file named cwreg.ini using the keys and values provided in the following table.
Key Value description
[Settings] Type [Settings] as the first entry in the cwreg.ini
file.
AuthorizationCode= Enter the authorization code sent by the CaseWare sales
department for the registration of Working Papers on
multiple computers.
AutoRegister= Enter one of the following values:
0 No
1 Yes
If 1 is selected, the registry setting is changed to 0 after
Working Papers is registered. This prevents the
registration from occurring every time Working Papers is
opened.
SilentRegister= Enter one of the following values:
0 Default
1 if AutoRegister
DoNotSendName= Enter one of the following values:
0 Default
1 if AutoRegister
For example:
Save the cwreg.ini file in one of the following two places:
• If you have access to the setup files, place the cwreg.ini file in the same folder as
the Working Papers’ setup.exe file.
• If you don’t have access to the setup files, you can place the file in any folder that you
wish. In this case, you must run a command line parameter to install and register
Working Papers.
Now that the cwreg.ini file is created and saved to the appropriate folder, you can install
Working Papers and then automatically register it electronically.

Automatically Registering Working Papers on Multiple
Computers
Once you’ve created the cwreg.ini file, you can automatically register Working Papers
electronically on multiple computers.
Depending on where the cwreg.ini file is located, you can either launch the setup.exe
file or you can run a command line parameter to launch the setup.exe and then
automatically register Working Papers electronically.
Note: Even if the cwreg.ini file is in the same folder as the setup.exe file for Working
Papers, you can place the cwreg.ini file elsewhere and run a command line parameter to
install and register the program. The command line parameter always takes precedence over
the file in the same folder as the Working Papers’ setup.exe file.
To register Working Papers automatically:

1 Do one of the following on each user’s computer:
• If the cwreg.ini file is in the same folder as the Working Papers’ setup.exe file,
double click setup.exe. The Working Papers Installation wizard opens.
• If cwreg.ini file is not in the same folder as the Working Papers’ setup.exe file,
run a command line parameter,
i. Select Start | Run. The Run dialog box opens.
ii. In the Open box, type the path where the Working Papers setup.exe file is
located followed by a space and then the command line parameter (/p) and then
the location of the cwreg.ini file. For example:
Z:\WP\Disk1\Setup.exe /p“C:\My Documents”
Note: If the file path has spaces in it, enclose the file path in quotation marks, for
example “C:\My Documents”.
iii. Click OK. The Working Papers Installation wizard opens.
2. Follow the instructions on the Installation wizard. When the setup is complete, click Finish
on the Installation wizard.
3. Open Working Papers. The Authorization page of the Registration wizard opens.

4. As part of the registration, the computer name is transmitted to CaseWare in order to track
the authorization codes and locking codes. This information is used by technical support to
diagnose installation and licensing issues. If you do not want this information transmitted,
select the Check here if you do not wish your Computer Name to be sent check box.
5. Click Continue. If the Check here if you do not wish your Computer Name to be
sent check box was selected, a message opens asking if you are sure you do not want the
information transmitted.
6. Do one of the following:
• To continue with the installation without sending the computer name to CaseWare,
select Yes.
• To change your selection and send the computer name to CaseWare, select No to close
the message and clear the Check here if you do not wish your Computer Name
to be sent check box. You can then click Continue to proceed with the registration.
7. The following page of the Registration wizard opens identifying that automatic registration
was successful.

8. Click Done to close the Registration wizard.
Important: If the automatic registration fails for any reason, for example the end users
may not be connected to the internet, then provide the end users with the authorization
code and they can proceed with a manual registration. See Registering your software in
the Working Papers online help for details.

Protectionand Site License

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Protectionand Site License

Uploaded by

Copyright:

Available Formats

WORKING PAPERS

R EGISTERING W ORKING P APERS BY

SECTION I: WORKING PAPERS PROTECTION SETUP 2006 4

SECTION II: REGISTERING WORKING PAPERS BY ADMINISTRATIVE INSTALL 29

CREATING THE CWREG.INI FILE 29

Section I: The Protection System in version 2006 3

• Log in procedures and authentication in Windows;

• Integration with CaseWare Time;

• Synchronization of users with the Windows Active Directory.

• Creating and setting up permissions on shared data folders on a network server;

• Active Directory user management;

• Working Papers Users IT requirements.

Section I: The Protection System in version 2006 4

• It allows for automated verification/logging in of such users. This feature is referred to as

Central Data Store

• Personal Data Store

• Standalone Shared Data Store

• Time-integrated Shared Data Store

Personal Data Store only

Standalone Shared Data Store

Time-integrated Shared Data Store

Section I: The Protection System in version 2006 5

Deciding whether to use a Shared Data Store

Creating the Shared Data Store

Section I: The Protection System in version 2006 6

Section I: The Protection System in version 2006 7

7 Click Next and do one of the following:

Section I: The Protection System in version 2006 8

8 Click Next. The Choose Security Id page opens.

Section I: The Protection System in version 2006 9

Setting Administrative Options

Section I: The Protection System in version 2006 10

To set administrative options:

Connecting other computers to the Shared Data Store

Section I: The Protection System in version 2006 11

2 Select Tools | Options. The Options dialog opens.

Populating the User List

• Active Directory import

• legacy import from previous versions of Working Papers

Note the following:

Active Directory Import

Section I: The Protection System in version 2006 12

Section I: The Protection System in version 2006 13

Importing Users from Legacy User Lists

To import users from legacy user lists:

Section I: The Protection System in version 2006 14

• Passwords imported from the em.dbf will be converted to lowercase.

Section I: The Protection System in version 2006 15

To turn on the protection system for a client file:

Users and Groups

Section I: The Protection System in version 2006 16

2 Click the Add button.

3 Enter information about the new user:

Identifier Type an abbreviated identifier for the user.

Section I: The Protection System in version 2006 17

Administrator Select this option if the user is to be given administrator rights.

Type Enter the status of the user.

Password A password should be entered for the user.

• The currently logged in user can not be deleted.

• For Time-integrated files, user SUP can not be deleted.

• Select the user and click the Delete button.

Section I: The Protection System in version 2006 18

• The user name of an existing user can not be modified.