Q-A8 Does License Broker™ work with mobile PC's (laptops)?

Q-A9 Does License Broker™ support Active Directory?

 
Technical Requirements

Q-B1 What are the database requirements?

Q-B2 What version of Java is required for the License Broker Administration tool?

 
Technical Features

Q-C1 Does License Broker meter all applications run by users OR does it meter only applications registered in License Broker database?

Q-C2 Does License Broker™ detect and enforce licensing on renamed executables?

Q-C3 Does License Broker™ employ wrapper technology?

Q-C4 Does License Broker™ clog the network with traffic?

Q-C5 What are the security implications with the web based License Server?

Q-C6 We have 30 licenses of WORD 2000. Can we use License Broker to limit access to 30 concurrent users?

Q-C7 How does License Broker™ handle abnormal shut down of end-user PCs? Does it cleanup open licenses on behalf of the client?

Q-C8 If a licensed application crashes, does License Broker™ immediately return the license held by the application?

Q-C10 What is the role of Java in License Broker™? Does Java affect the performance?

Q-C11 Can I use License Broker to control access to software applications from Autodesk® and MapCAD®?

Q-C12 Does License Broker™ track both hardware and software installed on a PC?

Q-C13 Is there a Developer Toolkit or API available with License Broker™ to allow application vendors to embed licensing into their applications?

Q-C14 Does License Broker™ spy on end users?

 
Reporting with License Broker™

Q-D1 How do I customize the model I have created in Integrated Auditor™?

Q-D2 How can I print only the main window? I do not want the left navigation frame on my printer output!

 
Evaluating License Broker™

Q-E1 We are a large enterprise with thousands of users. How can we evaluate License Broker™?

 
Installing & Using License Broker™

Q-F1 We use a mix of Windows 95, 98, Me, NT and 2000 at our site. Since License Broker Client SETUP package is different for different OS, it is inconvenient to install License Broker Client enterprise-wide. Is there a single install for all clients? Also is there a way the SETUP can be tracked for success or failure across the enterprise?

Q-F2 How can we meter both older Microsoft Office and new Office XP applications at our site?

Q-F3 I get a message "....has expired! Call ...." in the License Server Administration screen - but I only just installed the License Server!?

Q-F4 Using the License Broker™ Administration tool I have configured E-mail recipients. But the recipients do not receive E-mail alerts on license overrun condition!

Q-F5 Offline usage does not appear to be monitored!

Q-F6 When I attempt Define License Policy from Software Discovery report, the Path field shows one long entry with the executable name and internal name and description, version, vendor all on same line. As a result the application is not metered!

Q-F7 The License Broker™ Administration tool hangs with no display in the center frame of the browser!
OR it hangs with with the message "Loading applet..."
OR it displays a "System Error 500" in the browser center frame against a white background

Q-F8 Sometimes we get a message "No J2RE 1.4 or higher support for Applet!!" in the License Broker Server administration tool

Q-F9 I can ping the License Server machine from the License Client machine. The License Client is installed on the Client machine and License Server is installed on the Server machine. But the License Server does not meter the applications I am running on the client machine!

Q-F10 Web service stops frequently!

Q-F11 Sometimes we get a message "License Server is inaccessible!" from the License Client but the Server and IIS are running?

Q-F12 In the License Server Administration screen we attempt to configure 65 licenses for an application. However, it limits the entry to 50.

Q-F13 We are a thin client shop using NT Server Terminal Server Edition. We installed the License Broker Client for Terminal Server, but we sometimes get an error "User license limit exceeded! Can't run ..." on the end-user terminal when attempting to run any licensed application. This happens even when the specific application has free licenses available.

Q-F14 The .pdf files included in the release are not valid file formats - Adobe Reader cannot open this file.

Q-F15 The client machine hangs when attempting to run any application, and the server INETINFO.EXE process shows nearly 100% CPU utilization.

Q-F16 We are using Windows 2000 Server with Active Directory Domain Controller. License Broker™ group policy does not work.

Q-F17 We upgraded our server from Windows 2000 to Windows 2003. Prior to upgrade we uninstalled License Server and after upgrade we re-installed License Server. Now License Server is not working!

Q-F18 We attempted to delete applications from Software Discovery Report, however the applications persist in the report!

Q-F19 The application serial number for some applications do not get saved in the serial table after entering in the Track Serial#!

Q-F20 We are unable to generate SQL trace from Control Panel ODBC Data source administrator for System DSN=SILICBKR300!!

Q-F21 After installing J2RE Plug-in, previous Java applets from other applications no longer work in the browser!!

Q-F22 License Broker™ Administration url silicadm.htm returns page not found or HTTP 404 error!

Q-F23 How do I migrate to a new Server?

Q-F24 We are using Microsoft SQL Server on one machine and IIS/License Server on another machine. We have defined a System DSN name SILICBKR300. However License Broker™ continues to use embedded database!

Q-F25 We have defined a policy for an executable using network path. However License Broker™ does not enforce the policy!

Q-F26 We are an educational institution and all our desktop PCs receive a ghost image at the beginning of the year. Since all License Broker™ client(s) will be XP clients, can we deploy the client(s) as part of the ghost image?

Q-F27 We know all clients are active, however not all applications appear to be metered! It is rather random, sometimes we see activities in the server admin screen, while at other times the client seems to enter in to the offline metering mode. What could be wrong?

Q-F28 We recently set up an Oracle 9i and configured the ODBC System DSN silicbkr300 to point to this new Oracle 9i database. License Broker is no longer metering applications. It was working before with the default ACCESS mdb database.

 
Installing & Using Integrated Auditor™

Q-G1 Auditor program SIAudit.exe quits without scanning the PC!

Q-G2 Integrated Auditor™ Administration url siaudit.htm returns page not found or HTTP 404 error!

 
Using Component License Broker™

Q-H1 I see Software Discovery report shows many DLLs and OCXs. How do we know what applications are using these components?

Q-H2 I have defined a policy for MSHTML.DLL(EXPLORER.EXE) to restrict access to the web from Windows Explorer. Yet, users are able to surf the web!

Q-H3 Can I use Component License Broker™ to control access to ESRI® ArcGIS® extensions?

 
Solutions

 
Environments Supported

Q-A1. Does License Broker support Windows 7, VISTA, XP and 2000 Professional and Terminal Services on Windows 2000 Server and Windows 2003 Server?

Yes. We have tested License Broker™ Client for Windows NT on Windows 2000 Professional and License Broker™ Client for Terminal Services on Windows 2000 Server, Windows 2003 Server running Terminal Services, Windows XP, Windows 7 and Windows VISTA Editions (Intel 32 bit). Further, we have tested License Broker™ Server on both Windows 2000 Server and Windows 2003 Server.
For further information: refer to Question-C5 and Question-F7 - how enhanced NTFS security under Windows 2000/IIS affects License Broker™ Server.

Q-A2. What is the Service Pack level of NT Server supported by License Broker™?

License Broker™ Server has been tested with NT Server 4.0 SP3, SP4, SP5 and SP6.

Q-A3. Does License Broker™ run on a Novell® network?

Yes. License Broker™ is NOS (Network Operating System) independent. Providing you have a Windows NT Server running Internet Information Server (IIS) in your LAN, you can run License Broker™!

Q-A4. Does License Broker™ support Citrix® MetaFrame™?

Yes. We have tested License Broker™ Client for Terminal Server under Citrix® MetaFrame™ 1.8 on both NT Server 4.0 Terminal Server Edition and Windows 2000 Server (and Advanced Server) with Terminal Services.

Q-A5. We are a UNIX shop, all our servers are UNIX. We are concerned about NT Server and specifically IIS ability to handle load. Does it scale to meet demands of a large enterprise?

License Broker is a metering tool. By nature of the application (i.e. License Clients are installed on every end-user machine to monitor usage), load under the worst case scenario is deterministic - it is directly proportional to the number of employees in your enterprise. Considering each employee runs some 50 applications in a typical day, the load on IIS (and License Server) is easy to determine. Now it is a matter of simulating this load to test both License Server and IIS before rolling into production. We have done extensive testing with IIS 4.0, 5.0 and 6.0 on both uni- and multi-processor Intel machines for the usual symptoms such as memory leak over time and poor performance. Further, License Server is designed to scale - for instance:

It is an ISAPI extension DLL, not a CGI application (and ISAPI extension DLLs by design are cached by IIS);

It keeps a constant database connection to the ODBC database (if you are using an ODBC database instead of embedded database) thus the database connection is not established and torn down for each inbound license request from License Clients

All license policy information is kept in memory with shadow updates to the database for instant validation when license requests come in from clients. Since you only ever actively enforce license policies on some 25-50 applications (the rest are merely tracked, not enforced), it is possible to maintain the policy database as a small foot-print, memory resident and a fast database.

The entire License Server is under 1 MB!

From the above you can see that License Server is designed to accommodate rather heavy load.

For further information: see Question-E1  for information on testing tools included with License Broker to facilitate a more thorough evaluation by enterprises. We have also tested the License Server and IIS independently with a Microsoft testing tool INETLOAD that does not require any License Client to be installed in your site to test the server alone.

Q-A6. Does License Broker™ support multi-processor NT machines?

Currently License Broker™ supports only Intel platforms and it is fully tested on both single and multi-processor machines.

Q-A7. Does License Broker™ work with all Virus software?

Yes! License Broker™ has been tested and works with all Virus software.

Q-A8. Does License Broker™ work with mobile PC's (laptops)?

Yes! You can load the License Broker™ Client software onto your mobile PC's. When the License Server is not accessible, for instance when the mobile PC is not connected to your corporate network, you will still be able to run your applications normally and the License Client will continue to track application launch. Then when reconnected, the License Client will update the License Server.

Q-A9. Does License Broker™ support Active Directory?

Yes! License Broker™ supports both NT 4.0 domain and Windows 2000, 2003 Active Directory. Group policy (ability to control access to an application based on membership in a group) is fully supported in both NT 4.0 domain and Windows 2000, 2003 Active Directory.

 
Technical Requirements

Q-B1. What are the database requirements?

To be scalable from small to large organizations, License Broker™ Server comes with an embedded database for small organizations and interfaces to any ODBC-compliant external DBMS for large Organizations.
The embedded database is a light weight proprietary object-oriented database. It is efficient for organizations not exceeding a few hundred nodes.
During run-time, License Broker™ Server checks for the presence of appropriate database in System Integrators' namespace (specifically an ODBC database with a SystemDSN=SILicBkr300). If found, License Broker logs all usage information to this database. Else, License Broker™ defaults to the embedded database. Note: the external DBMS is only used for run-time recording of all usage information. The more static license policy information is still maintained in the embedded database for reasons of efficiency.
The License Broker™ Server is object-oriented and under this model, each license policy information is an object.  Hence an object-oriented database offers maximum efficiency. Thus license information, such as application name, policy information (concurrent licenses, reserved licenses with authorized user list, reserved licenses with authorized node list, list of users and or nodes specifically excluded from accessing the application etc.) is stored as objects in the embedded database. Further, these objects are small in size and have minimal memory requirements. Further still, a typical site actively enforces license policies on only a relatively small number (say 30-50) of applications (the remaining applications are simply monitored for usage statistics, which are recorded in the external ODBC database, if one exists at the site, else they are recorded in the embedded database).
Note: should you choose to use an external ODBC database, SQL Script files have been included in the License Server release to help with database table creation.
The database requirements are detailed further in the hardcopy pre-installation document included in the shrink-wrap (alternatively, the SIQUICK.doc Word document in the evaluation version).

Q-B2. What version of Java is required for the License Broker Administration tool?

The Administration tool runs from any browser. For your convenience we ship the J2RE Standard Edition (SE) plug-in version 1.4.2_04 available freely from Sun® as part of the License Server SETUP. When you use the administration tool for the first time, the J2RE (Java 2 Run-time Environment) will be automatically installed for your browser (both Netscape® Navigator™ and Microsoft® Internet Explorer are supported) if no J2RE 1.4 or higher version is currently installed. No additional Java SETUP is required by the Administrator.
For related information: see Question-F8.

 
Technical Features

Q-C1. Does License Broker™ meter all applications run by users OR does it meter only applications registered in License Broker database?

License Broker™ detects application launch by intercepting the OS loader. Hence License Broker detects all applications launched regardless of whether the application is registered in the License Broker database! However, to conserve network bandwidth, License Broker does not meter applications launched from local Windows, Windows\System, Windows\System32, Windows\Command ... directories (with the exception of all game software and the 16 bit subsystem (WOW - Windows On Windows) NTVDM.EXE) as these applications are shipped as part of the Windows® Operating System (license validation for these apps such as Regedit, Notepad etc. is unnecessary).

Q-C2. Does License Broker™ detect and enforce licensing on renamed executables?

Yes! License Broker™ 3.0 or later detects and enforces licensing on renamed executables. This is possible because License Broker relies on built-in version information (right click on the executable in Explorer and select Properties, then select Version tab) and not the executable name itself. This version information is unchanged even if the executable is renamed. Additionally in the case of old 16 bit legacy applications, since there may not be a version resource available, License Broker™ also attempts to validate the license by using the Module name built into the header of the executable.

Q-C3. Does License Broker™ employ wrapper technology?

License Broker™ does not employ a wrapper!
When you deploy a new application, there is no special wrapping performed around the application. You do not run a utility to modify the signature or application code as some other metering tools in the market do. A popular tool describes a keying process to modify select applications to enforce license policies. This process of keying is in fact wrapping the application. The disadvantage is that if your site already has a number of these applications installed on end-user machines, you would first have to uninstall these applications and key and then reinstall the software applications, to enable the tool to enforce license policies.
License Broker™ on the other hand is seamless and can enforce license policies on both existing installed applications and new applications deployed after License Broker™ is installed. Administrators do not have to wrap applications before deploying for use by end users.

Q-C4. Does License Broker™ clog the network with traffic?

In short, No.  Each License Client communicates with License Server whenever an end-user or a program launches an application. If the application is one where the license policy is being enforced, then License Client will also communicate with License Server when the said application terminates. The communication protocol is HTTP and the frame size is typically less than 96 bytes long. The information transferred consists of application name, username, machine name and bitness information (whether 32 bit or 16 bit application). Obviously compared to end-users surfing your intranet and browsing pages containing few kilobytes of text and graphics, License Broker™ traffic is minimal! For example, if a typical end user runs 10 applications in a day, network traffic due to License Broker will be around 960 bytes a day from each client. If there are 1000 users, traffic would only be approximately 960KB a day!

Q-C5. What are the security implications with the web based License Server?

Consider the following:

License Broker™ is intended for use on corporate intranets, not over the Internet.  The License Server should not be accessible from outside the corporation except via secure RAS dial-in or other secure means.

Do not share the License Server folder for access over the network nor allow FTP access to this folder.

Windows 2000 Server and NTFS offers more granular control on securing the folder.

Use an external, secure ODBC database.

Use your domain administrator account sparingly, especially if you frequently leave your computer unattended. Otherwise your computer could become the source of an internal security breach whereby an employee accesses the vital resources on the network (given that unified single-logon uses your initial logon credentials). For instance, Microsoft Internet Explorer uses the initial logon credentials when you use the web-based License Broker Administration tool. However the security risk is not limited to License Broker Administration alone; network resources in general are vulnerable if you use your domain administrator account to logon to the domain and leave your computer unattended. Therefore, we recommend you use a domain user account to logon instead of your domain administrator account.

If you like you can move the log files to another folder so as not to compromise other binary files (ISAPI extension DLL - the brain of the License Server) with write/update access to the folder. To do this, create a sub-directory logs in the License Server folder and update the path in the following 4 string values under,
HKEY_LOCAL_MACHINE\Software\System Integrators\License Server\1.8x
in the registry:
1. Chkoutfilename
2. LicenseDBname
3. Logfilename and,
4. Statfilepath
You need only allow Administrator(s) or LBAdminGrp members and IUSR_machinename (Internet anonymous guest user account) write access to this logs folder. Do not give write / modify access to License Server folder as this contains critical binary files.

Q-C6. We have 30 licenses of WORD 2000. Can we use License Broker to limit access to 30 concurrent users?

First, read the End User License Agreement that came with the software. If you purchased 30 shrink-wrap boxes of a certain application and the license agreement explicitly states that each is a single user license and that it may be only installed on a single computer, then you may not use concurrent policy to control access to the software application. For this reason, License Broker™ supports multiple licensing policies: concurrent, user-based, node-locked and a combination of these 3 policies. In addition group policy can be used to restrict access to members of certain groups (both NT and 2000/2003 Active Directory groups supported). Additionally you can explicitly deny access to certain software applications by certain users and/or machines. If the software application in question fits the node-locked model, you would use node-locked (seat) licensing policy and define the machine names where WORD 2000 is authorized to run. This will ensure your site is compliant.

It should be noted, License Broker™ aids administrator(s) in ensuring vendor license agreement compliance. It is not intended to be used to defeat vendor license agreements. Microsoft OFFICE is sold under seat license policy for node-locked use and not concurrent use. Unless you are a volume license user such as Academic School, Campus Agreement or one of the other volume license agreements, you may not configure License Broker™ policies for concurrent use. Of course, you will benefit from License Broker™ usage reports when it is time to renew your volume license agreement subscription each year by analyzing real-time use for the preceding year to determine new license requirement.

For further information: the on-line reference guide for administrators installed with License Server contains detailed information on configuring license policy information for software applications.

Q-C7. How does License Broker™ handle abnormal shut down of end-user PCs? Does it cleanup open licenses on behalf of the Client?

Yes. As long as a client PC has open licenses, the License Broker™ Client periodically sends a short "KeepAlive" message to the License Server. By default if there is no application launch/termination activity on a client for 10 minutes and the client has open licenses, then a "KeepAlive" message is sent to server. Any form of communication between client and server indicates to the server that the client PC is alive! If there are no communications for 3 consecutive periods (30 minutes), the client PC is assumed to be shut off and the License Server returns all open licenses on behalf of the client back to the pool.

Q-C8. If a licensed application crashes, does License Broker immediately return the license held by the application?

Yes. License Broker™ detects crashed application immediately and returns the license.

Q-C9. Does License Broker recoup license immediately when an end-user closes the licensed application or is there a cyclic delay before License Broker will detect the application termination?

The License Broker™ Client on all platforms detect and surrender the license immediately when an application terminates. The exception is License Broker™ Client for Terminal Server where you may see a delay of up to 1 minute (maximum) before the license is surrendered.

Q-C10. What is the role of Java in License Broker™? Does Java affect the performance?

A client-server product such as License Broker™ consists of 3 components: (i)Client (ii)Server and (iii)Administration tool (to configure, maintain server and generate reports etc). To allow the server to be administered by authorized personnel from anywhere on the intranet, the administration tool is browser based. With the J2RE plug-in available for free for the popular browsers, Java is the obvious choice for this third piece. As for performance, the current plug-in supports caching as well as state of the art Hotspot technology and JIT compiler to guarantee the best performance.

Q-C11. Can I use License Broker to control access to software applications from Autodesk® and MapCAD®?

Vendors such as Autodesk and MapCAD have embedded licensing within their software applications. As such these applications enforce their own licensing upon startup. Hence you do not need License Broker to control access to these applications.
If you are a License Broker user and prefer the web based graphical usage reports generated by License Broker, you could meter any application but enforcement in the case of above vendors is built into the applications, hence it would be redundant.

Q-C12. Does License Broker™ track both hardware and software installed on a PC?

Yes! Integrated Auditor™ is included with License Broker™ and tracks hardware + PC configuration information.

Q-C13. Is there a Developer Toolkit or API available with License Broker™ to allow application vendors to embed licensing into their applications?

This is planned for a future release.

Q-C14. Does License Broker™ spy on end users?

License Broker™ is not a key logger. License Broker™ only monitors application launch and termination events for the purpose of license agreement compliance. License Broker™ does not monitor end user interactions with the applications. Key strokes within WORD or OUTLOOK or URLs visited within a browser etc. are not monitored by License Broker™.

 
Reporting with License Broker™

Q-D1. How do I customize the model I have created in Integrated Auditor™?

A "model" is an XML file that describes the report view. You will find the XML file named "model"_FILTER.XML under \Program Files\System Integrators\License Server folder. Open this XML file in notepad and edit as appropriate. For example if you have created a model named "CoreOffice" and wish to customize it so that the model reflects all office files regardless of version, you may wish to modify the version element(s) in the CoreOffice_FILTER.XML file with a wildcard (*) as seen here:

<auditfilter>
  <app>
    <appname>WINWORD.EXE</appname>
    <bitness>*</bitness>
    <internalname>*</internalname>
    <description>*</description>
    <version>*</version>
    <vendor>*MICROSOFT*</vendor>
  </app>
       |
       |
       |
       |
  <app>
    <appname>EXCEL.EXE</appname>
    <bitness>*</bitness>
    <internalname>*</internalname>
    <description>*</description>
    <version>*</version>
    <vendor>*MICROSOFT*</vendor>
  </app>
</auditfilter>

Note: Make sure that all open and close tags match and that there are no characters such as line feed following the </auditfilter> tag. This tag should be the end of the XML file! Further, the wildcard (*) is only supported when used with an external ODBC database! Finally, the wildcard (*) can be at start and/or end of a string, it cannot be embedded within a string - for ex: MIC*OFT is not valid!

Q-D2. How can I print only the main window? I do not want the left navigation frame on my printer output!

Please note, frames are used in all reports. If the browser you are using does not allow the main frame to be selectively printed, then use the frameless versions of the reports:

License Policy Definition Report:

http://servername/SIScripts/silicrpt.htm

Software Discovery Report:

http://servername/SIScripts/siunl.htm

Buy/Upgrade Recommendation Report:

http://servername/SIScripts/sirecom.htm

Hit/Reject Report:

http://servername/SIScripts/sireject.htm

Relative Usage Report:

http://servername/SIScripts/sirel.htm

Time Report:

http://servername/SIScripts/siact.htm

Client Inactive Report:

http://servername/SIScripts/siinact.htm

Hardware & Software Serial# & Service/Contract Report:

http://servername/SIScripts/siserial.htm

Auditor Status Report:

http://servername/SIScripts/samain.htm

Hardware Audit Report:

http://servername/SIScripts/sahwrpt.htm

Software Audit Report:

http://servername/SIScripts/sarpt.htm

SOE Compliance Report:

http://servername/SIScripts/sacomp.htm

IT Help-desk Report:

http://servername/SIScripts/samiscrpt.htm

 
Evaluating License Broker™

License Server version 1.82 or later contains a simple test program LODTST.EXE in the /utils directory of the License Server installation folder which repeatedly launches another program in quick succession like a super fast end-user. Typical end-users run and terminate applications about 50-100 times a day. This robot test program launches 10,000-20,000 applications (the same application is launched and terminated repeatedly) during the same time period, depending on processor speed of your test machine. The challenge for License Broker™ Client is to detect each of these launches and terminations and enforce license. By running this test on a few machines (say 50 to 100) you will generate excessive load on server, thus you will be able to test the License Server as well. Be aware that this test is resource intensive as there is no "think-time" that normally occurs when real end-users are running applications. Further, this test is a foreground application. Hence if you run this test on the same machine as IIS/License Server, then it would impair performance of IIS and License Server. (This is the same reason that you also do not enable high graphics or resource intensive screensaver programs on server machines such as NT Server where critical services like IIS are running.) The test runs on both Windows 95/98/Me and NT/2000.
For further information: Read the readme.txt file found in the /utils directory. Also see Question-A5 for information on scaling issues with IIS applications.

 
Installing & Using License Broker™

Q-F1. We use a mix of Windows 95, 98, Me, NT and 2000 at our site. Since License Broker Client SETUP package is different for different OS, it is inconvenient to install License Broker Client enterprise-wide. Is there a single install for all clients? Also is there a way the SETUP can be tracked for success or failure across the enterprise?

We have made every effort to make distribution of License Client as painless as possible on Administrators. Both the License Broker™ Client for Windows 9x/Me and License Broker™ Client for Windows NT/2000 SETUP contain a sample logon script fully tested on both NT Server based network and Novell Netware®. These scripts are also tested with other third party scripting tools such as ScriptLogic™. Also included is a sample Installshield script and Package Definition File. License Broker™ Client installation is a transparent process regardless of OS. If you are using the logon script to push License Broker Clients across your enterprise, then the logon script has built in intelligence to detect the client OS and install appropriate software. Similarly, if your site uses Systems Management Server, then SMS makes pushing appropriate software by OS a snap. If your site is not a NT Server based network nor Novell Netware® based, then you may alternatively push the logon script itself to end-users via E-mail or set up a web page on your corporate intranet web server with links to the License Client SETUP programs so that end-users may click-install the client from their browser.

One limitation with pushing License Broker™ Client for Windows NT/2000 using logon script is that the SETUP requires the user to have administrative privilege on the local machine. This is because License Broker™ Client for NT/2000 is an NT Service and for a SETUP program to install an NT Service, it requires administrative privilege. Typically NT/2000 is used by a more sophisticated user and end-users are most likely to be local administrators of their own machines which allows them to install software locally. While most end-users are not Domain Administrators, they do add their domain userid to the local Administrators group. This allows them to install software locally without becoming a Domain Administrator. In the rare event that end-users do not know their own local administrator password, License Server version 1.82 or later includes an utility ADDADMIN.EXE in the /utils directory of the License Server installation folder to allow a local administrative account to be created on every desktop via logon script. Read the readme.txt in the /utils folder for more information.

Please note, if you are evaluating License Broker™, only the License Server has a 30 day expiration. The License Client is always the retail version except in the case of License Client for Terminal Server. Hence if you distribute License Client enterprise-wide for evaluation purposes, you won't have to distribute again when you purchase the retail version. Once you purchase the retail version, you simply need to reinstall the License Server from the retail CD to remove the 30 day lock. Hence you are able to evaluate License Broker™ with real load from all workstations.

License Broker™ version 1.82 or later also enables you to track success or failure of SETUP across the enterprise. The License Client SETUP program sends status information to the License Server which logs this information in two plain text files: inststat.suc records successful client setup information and inststat.fai records failure information. The information includes username, machinename, platform (9X, NT) and a description of error if unsuccessful setup. These log files are comma delimited and can be imported into Excel or similar tools. The License Server must be installed and running before you attempt large scale License Client distribution across the enterprise.

Q-F2. How can we meter both older Microsoft Office and new Office XP applications at our site?

Starting with License Broker version 3.0, multiple versions of any application can be discovered and controlled. Use the Software Discovery report to detect all versions of software and simply click on Define License Policy from the popup menu of appropriate version of software.

Q-F3. I get a message "....has expired! Call ...." in the License Server Administration screen - but I only just installed the License Server!?

The 30-day evaluation version of License Broker™ comes with a lock on the License Server to prevent repeated installation of the same evaluation version (i.e. uninstall followed by install of same version). Further, the evaluation version of the License Server detects any attempt to reset the system clock and invalidates the 30-day license. If you have a genuine need to extend the 30 day license, simply call or E-mail support@sintegrators.com and request an extension.

Q-F4. Using the License Broker™ Administration tool I have configured E-mail recipients. But the recipients do not receive E-mail alerts on license overrun condition!

First, make sure you have defined exact Internet E-mail address in the format "johnsmith@mycompany.com". If that is not the problem, your IIS and/or Exchange Server is not set up properly. We will discuss two scenarios: (i) You are using Exchange Server as your Internet Mail Service, (ii) You are using any other Internet Mail Service. 
Note that the following is not intended to be a tutorial on how to enable Internet E-mail at your site nor how to send and receive E-mail over the Internet using the Internet Mail Service, Outlook Client and Exchange Server. It is assumed that you are already sending and receiving E-mail over the Internet successfully from your site. Instead, the following is designed to help you diagnose why License Broker™ Server is not able to send E-mail alert messages.

Exchange Server as Internet Mail Service
To help diagnose any future problems beyond the ones identified here, first enable full logging:
> Start the Exchange Administrator and double-click on your site in the left pane. You should see the Configuration container.
> Under Configuration, double-click Connections. The Internet Mail Service appears on the right pane.
> Double-click the Internet Mail Service. The Internet Mail Service Properties page appears.
> Select the Diagnostics Logging tab and select the Maximum radio-button to set the maximum logging level for all categories.
This will create a .log file in your ExchSrvr\imcdata\log directory. You will examine this log file for future diagnostics. This log file, in conjunction with entries in the Event log (Start | Administrative Tools | Event Viewer), will help diagnose most problems. In case the following does not help resolve your E-mail problems, communicate errors from these two sources to support@sintegrators.com for resolution.

1. Wrong Pickup directory path used for outbound E-mail
This is the most common problem from the field. There is a SMTP (Simple Mail Transfer Protocol) Service that is shipped with both IIS 4.0 and Exchange Server. One is light-weight and the other is feature rich. The problem arises from the fact that the default directory structure is different for each. You need to do two things. First, force the default directories for both to be the same; then disable the light-weight SMTP service that came with IIS 4.0 (Microsoft SMTP Service in the Services Control Panel applet) and enable the feature rich SMTP service (Microsoft Exchange Internet Mail Service in the Services Control Panel applet). Please go to Microsoft Knowledge Base and search for the article ID: Q235681 that details the steps. This will most likely fix your problem and License Broker™ Server should be able to send E-mail alert messages to configured recipients.

2. If above does not fix the problem, examine the .log file generated in the ExchSrvr\imcdata\log directory. If you see any error description that suggests the Sender=Admin@LicenseBroker.com is not recognized, then you need to configure License Broker™ Server to use another safe alias that fits your site's security policy. For instance, you may specify your E-mail address as the value for Sender Email address string under the \HKEY_LOCAL_MACHINE\Software\System Integrators\License Server\1.80 key. If such a string value pair does not exist under the key, then install the most current License Broker™ Server update which exposes this string value.

Any other Internet Mail Service
If you are not using Exchange Server as your SMTP service for outbound E-mail on the Internet, then you need to install the light-weight SMTP service that comes with IIS 4.0. The Quick Start and Setup Guide included with License Broker™ describes the steps to install and configure the Microsoft SMTP service to redirect E-mail sent by License Broker Server to a smarthost (real SMTP server in your site that handles outbound E-mail on the Internet)

Q-F5. Offline usage does not appear to be monitored!

From the License Broker™ Server machine, ensure the string value for Offline under
HKEY_LOCAL_MACHINE\Software\System Integrators\License Server\2.10
is set to 'Yes'.

Q-F6. When I attempt Define License Policy from Software Discovery report, the Path field shows one long entry with the executable name and internal name and description, version, vendor all on same line. As a result the application is not metered!

This is a problem with Internet Explorer versions earlier than 5.0. You must upgrade to version 5.0 or higher. If you must use Internet Explorer 4.0, you may position the cursor at the end of the executable name in the Path field and hit the Enter key. If there is an internal name, place the cursor at the end of the internal name and again press the Enter key. This will split the Path field in to two or more separate lines each containing a valid entry.

Q-F7. The License Broker™ Administration tool hangs with no display in the center frame of the browser!
OR it hangs with the message "Loading applet..."
OR it displays a "System Error 500" in the browser center frame against a white background

The center frame of the browser is where the Java Applet should load. You may have security issues with your License Server install folder on NTFS file system. For successful operation, both IUSR_MACHINENAME (Internet Guest User) and Administrator(s) must have create/read/update/write access for this folder (see Question-C5 for any security concerns you may have). Note you need to be an administrator to modify folder security. To verify access:
> Right click on the License Server folder and select Properties.
> Click on the Security tab.
- If you are running NT 4.0 Server, click Permissions.
- If you are running Windows 2000 Server, click Advanced, then Permissions.
> Ensure the Internet Guest User and Administrator(s) have sufficient access.

You may have specified an invalid PDC / BDC / Active Directory! Try deleting the value for the string-value pair PDCname under registry key HKLM\SOFTWARE\System Integrators\License Server\version. DO NOT DELETE THE KEY OR THE PDCname STRING, JUST DELETE THE VALUE (leave it empty)!

If using Microsoft Access database, then the silicdb.mdb file or the folder where the file resides, must also be given full-control access to the above Internet Guest User and Administrator(s) accounts.

Further, ensure the following is selected in Internet Service Manager: go to the SIScripts Properties page, Directory Security settings, and ensure 'BASIC' is selected in the Authentication Methods panel.

If you are using a proxy server at your site, check the "Use Browser Settings" check-box under the Proxies tab in Java(TM) Plug-in Control Panel (Control Panel | Java Plug-in).

You may additionally try bypassing proxy server for local addresses in your browser.

If you did not see the J2RE plug-in SETUP run automatically the first time you used License Broker™ Administration tool, it may be due to ActiveX security settings in your Internet Explorer which prevents execution of the plug-in SETUP. You may manually install the plug-in. For your convenience the plug-in is shipped as part of License Broker Server installation. You will find the executable j2re-1_4_2_04-windows-i586-p.exe under docs folder in your License Server directory - typically \Program Files\System Integrators\License Server\docs. Run this executable on the browser machine where you wish to run the License Broker Server administration tool. If the browser machine is an NT/2000, remember you must be an administrator to complete the plug-in setup

Q-F8 Sometimes we get a message "No J2RE 1.4 or higher support for Applet!!" in the License Broker Server administration tool

The browser where you are trying to run the License Broker™ Administration tool is a Windows NT or Windows 2000 machine and it does not have the Sun J2RE plug-in installed (see Question-B2). The License Broker™ Administration tool will automatically install the plug-in if your user account is a member of Domain Admins or local Administrators group. If not, you will get the message you are seeing. It is typical for most install or SETUP programs to work, you need administrative privilege on the local machine. When you run the License Broker™ Administration tool, you may see the browser prompting you for your administrative userid and password to authenticate your access to the License Server. This has nothing to do with J2RE plug-in install which is a Sun supplied SETUP program. For a successful J2RE plug-in install you must be logged on the local Windows NT/2000 with local administrative privilege.

If you did not see the J2RE plug-in SETUP run automatically the first time you used License Broker™ Administration tool, it may be due to ActiveX security settings in your Internet Explorer which prevents execution of the plug-in SETUP. You can manually install the plug-in. For your convenience the plug-in is shipped as part of License Broker Server installation. You will find the executable j2re-1_4_2_04-windows-i586-p.exe in docs folder under License Server install directory. Run this executable on the browser machine where you want to run the License Broker™ Administration tool. If the browser machine is an NT/2000, remember you need to be an administrator to complete the plug-in setup.

Q-F9. I can ping the License Server machine from the License Client machine. The License Client is installed on the Client machine and License Server is installed on the Server machine. But the License Server does not meter the applications I am running on the client machine.

This could be due to either/or:

You may have firewall on end user desktop blocking outbound connections from client to server. Starting with Windows VISTA, newer firewalls can block not only inbound, but also outbound connections. Ensure LICCLTS.EXE (WWW License Broker service) is excluded from firewall settings. V7.9 License Broker Client SETUP automatically adds an outbound rule to the Windows Firewall Advanced Security settings.

You may have configured the client with a WINS name of server instead of IP address of server, and you may be manually connecting to a wireless or Wi-Fi network after the machine boots. License Broker Client service only attempts to resolve name to IP address at the time the service starts. As name lookup is an expensive operation, the client does not attempt name-ip resolution upon every application launch to validate license. Otherwise, end user will experience performance degradation (hour-glass effect) every time end user launches any application. If you are manually selecting a network after the PC boots, then you may stop and restart WWW License Broker service. Alternatively, since all servers are typically on fixed IP addresses, it is recommended customers configure License Broker client during SETUP to use the server IP address instead.

License Clients communicate with License Server using Anonymous access for license checkout/checkin operations. The Administration tool on the other hand uses BASIC authentication to validate user.  Ensure the following is selected in Internet Service Manager: go to the SIScripts Properties page, Directory Security settings, and ensure 'Allow Anonymous Access' and 'BASIC' are selected in the Authentication Methods panel.

You may have security issues with your License Server install folder on NTFS file system. Make sure both IUSR_MACHINENAME (Internet Guest User) and Administrator(s) have full access on this folder (see Question-C5 for any security concerns you may have). Note you must be an Administrator to modify security on a folder. To verify access:
> Right click on the License Server folder and select Properties.
> Click on the Security tab.
- If you are running NT 4.0 Server, click Permissions.
- If you are running Windows 2000 Server, click Advanced, then Permissions.
> Ensure the Internet Guest User and Administrator(s) have sufficient access.

If using Microsoft Access database, then the silicdb.mdb file or the folder where the file resides, must also be given full-control access to the above Internet Guest User and Administrator(s) accounts.

License Broker™ does not attempt to meter applications launched from local Windows, Windows\System, Windows\System32, Windows\Command ... directories as these applications are shipped as part of the Windows® Operating System (license validation for these apps such as Regedit, Notepad etc. is unnecessary). The exception to this general rule is all Windows game software and the 16 bit subsystem (WOW - Windows On Windows) NTVDM.EXE - these native Windows programs are monitored by License Broker despite the fact they reside in Windows sub-folders.

You defined licenses for certain applications, but did not specify the full exe name in the Path Definition field. For instance, if you defined licenses for MS WORD 97, the path must read "WINWORD.EXE". If you merely entered "WINWORD" for the path without the file type extension .EXE, then the Server will fail to meter WORD.

You have excluded core hard drives from metering during License Broker Client SETUP. Ensure the string-value pair DriveExclusionList under registry key HKLM\SOFTWARE\System Integrators\License Client\version is set to the default value of AB. This will ensure all other drives are included in metering.

You are using a 30-day evaluation version of License Server with an expired license!

Q-F10. Web service stops frequently!

This problem is more common in machines that are also running Proxy server and Index server. If using NT Server 4.0 with IIS 4.0, this problem will be resolved by applying Service Pack 6A followed by an IIS Specific fix for a problem described in Microsoft Knowledge Base article Q300972. 

To download and apply the Service Pack 6A, go to SP6a. Next, instead of applying the IIS specific fix, Microsoft recommends that you apply all security related fixes including the fix for IIS specific problem described in the above Knowledge Base article by downloading and applying the conveniently packaged Post-SP6a Security Rollup Package SRP.

The above two steps will resolve the web service stoppage problem.

Q-F11. Sometimes we get a message "License Server is inaccessible!" from the License Client but the Server and IIS are running?

This would typically happen if you have enabled a screensaver program on the Server. Any resource intensive foreground application such as a 3D screensaver or the testing tools included with License Broker™ (see Question-E1) will impair performance of IIS and License Server. Instead of a screensaver, you may consider enabling energy saving features such as standby power mode on inactivity, etc.

Q-F12. In the License Server Administration screen we attempt to configure 65 licenses for an application. However, it limits the entry to 50.

License Server limits the number of licenses for any application to the number of License Broker™ Client licenses you purchased. For example, if you purchased 50 License Broker™ Client licenses, it suggests that you are monitoring application activity on 50 end-user machines. As such, you cannot meter more than 50 licenses of a given application with only 50 end-user machines (i.e. 50 client licenses). As you purchase additional License Broker™ Client licenses, this limit will increase by the same number.

Q-F13. We are a thin client shop using NT Server Terminal Server Edition. We installed the License Broker Client for Terminal Server, but we sometimes get an error "User license limit exceeded! Can't run ..." on the end-user terminal when attempting to run any licensed application. This happens even when the specific application has free licenses available

If you purchased a 50 user License Broker Client for Terminal Server, and if there are 50 terminal users already running some licensed applications, then License Broker Client will reject any additional users from running any licensed applications. You must purchase as many user licenses of License Broker Client as number of terminal users!

Q-F14. The .pdf files included in the release are not valid file formats - Adobe Reader cannot open this file.

The .pdf files included in each client and server release are not Portable Document Files. Instead they are a Package Definition File required by Microsoft® Systems Management Server. Unfortunately both Adobe Reader and SMS use the same extension. If you are looking for the pre-installation document, it is included in the shrink-wrap as a hardcopy document or for the evaluation version, as a WORD document (SIQuick.doc). After the License Server is installed, you can also read the License Server Admin. Guide online on your server.

Q-F15. The client machine hangs when attempting to run any application, and the server INETINFO.EXE process shows nearly 100% CPU utilization.

This happens if you change the machine name of the server or copy the contents of License Server folder from old server machine to a new server machine. It is recommended customers do not use ghost images to backup and restore License Server folder from old server machine to new server machine. Whenever migrating to a new server or simply renaming the machine name of the existing server, it is recommended customers perform a clean install of the License Broker Server software. To migrate license policy information from old to new server, you must first ensure the old server is disconnected from clients for at least 30 minutes till the License Server Administration screen shows all application licenses are released and none is in use by any of the clients. Only then uninstall old License Server and copy the residual files (except licheck300.log) from the old server machine to the new server machine.

Q-F16. We are using Windows 2000 Server with Active Directory Domain Controller. License Broker™ group policy does not work.

You may have specified an invalid PDC / BDC / Active Directory or there is a typo in the PDCname parameter! Make sure the value for the string-value pair PDCname under registry key HKLM\SOFTWARE\System Integrators\License Server\version is correct.

License Broker™ runs under the anonymous Internet Guest (IUSR_machinename) account. While this account had enough rights under old NT domain to validate group membership of the user across IIS and PDC, under the new Active Directory in Windows 2000, this account does not have the rights to successfully query group membership! You must explicitly add the IUSR_machinename (or any substitute account like DOM/lbuser you may be using in place of default anonymous account) to the "Pre-Windows 2000 compatible access" group.

Additionally if you are using a substitute account like DOM/lbuser in place of IUSR_machinename (for example, you would do this when your IIS and Active Directory Domain Controller are on two different machines), then you must also ensure that Log on locally right is assigned to both the DOM/lbuser and the administrator that is administering the License Broker™ Server. Administrator should have this same privilege to ensure Group policy administration will work. Remember that Log on locally must be an effective policy setting, not just local security policy.

The same goes for the LBAdminGrp as well. If you are restricting access to the License Broker™ Administration tool to members of LBAdminGrp instead of Administrators, then that group must also be given Log on locally right as above. Otherwise drill-down from Software Discovery Report to Group policy definition screen will not auto-populate the group names of users that ran the application.

Additionally, the IUSR_machinename or the substitute domain account DOM/lbuser and the administrator account or LBAdminGrp must also have full-control access privilege to the folder where License Broker Server is installed (usually \Program Files\System Integrators\License Server).

Finally, Ensure the following is selected in Internet Service Manager: go to the SIScripts Properties page, Directory Security settings, and ensure 'Allow Anonymous Access' and 'BASIC' are selected in the Authentication Methods panel. Ensure 'Integrated Windows' is not selected!. Otherwise drill-down from Software Discovery Report to Group policy definition screen will not auto-populate the group names of users that ran the application.

Q-F17. We upgraded our server from Windows 2000 to Windows 2003. Prior to upgrade we uninstalled License Server and after upgrade we re-installed License Server. Now License Server is not working!

Previously under Windows 2000, your License Server install folder had security settings that allowed access to the Internet Guest account (IUSR_machinename) and the Administrator(s) group and if you were using a remote SQL Server, you may have also configured a domain user account that is valid on both IIS and SQL Server machines. Since the new IIS 6.0 under Windows 2003 runs under the NETWORK SERVICE account, we must also add this account to the security settings on the License Server install folder. On a clean install on Windows 2003, the License Server SETUP successfully creates the install folder and assigns security settings to allow NETWORK SERVICE account access to this folder. However when you upgraded from Windows 2000 to Windows 2003, the License Server install folder already exists! The uninstaller did not remove the entire folder because your database files were left behind as residual files! Hence in this case, you must manually add the NETWORK SERVICE account to the License Server install folder to fix this problem. You would do this from Windows Explorer by right-clicking on the License Server folder and selecting Properties, then clicking on the Security tab and Add button.

Q-F18. We attempted to delete applications from Software Discovery Report, however the applications persist in the report!

This could be due to:

You are using Microsoft ACCESS database with License Server, and there is a security issue with the .mdb file. Make sure both Administrator(s) and IUSR_MACHINENAME (Internet Guest User) have full access to the .mdb file (see Question-C5 for any security concerns you may have).

Q-F19. The application serial number for some applications do not get saved in the serial table after entering in the Track Serial#!

The application for which you are entering serial# and warranty / service (date) information, must be run at least once after defining license policy! This problem will occur if the application was never used since policy was defined.

Q-F20. We are unable to generate SQL trace from Control Panel ODBC Data source administrator for System DSN=SILICBKR300!

Open Internet Service Manager and right-click on SIScripts and select Properties. Click on Virtual Directory tab and change Application Protection to "Low (IIS Process)" Click on Apply and OK buttons. The SQL trace should now work.

Q-F21. After installing J2RE Plug-in, previous Java applets from other applications no longer work in the browser!

Open Java Plug-in in Settings | Control Panel. Click on Browser tab and unselect all checkboxes that associate the J2RE as the default Java Runtime for the browser. Click on Apply button. The other application Java applets should now work using their respective JREs.

Q-F22. License Broker™ Administration url silicadm.htm returns page not found or HTTP 404 error!

If you are running Microsoft Windows SharePoint Services 3.0 or Microsoft Office SharePoint Server 2007 on the same server as your License Broker™ Server, then it is likely the default port 80 is in use by a SharePoint application and the Default Web Site which otherwise would have used port 80, is now stopped to prevent conflict. Remember, when you installed License Broker™ Server, it was installed under the Default Web Site. To resolve the issue, you must enable Default Web Site to use a different port say port 8080 or any other unused port and restart the Default Web Site. To do this, go to Internet Information Services Manager found under Control Panel | Administrative Tools. Expand the Web Sites folder. Right click on Default Web Site and select Properties. Under Web Site tab, you will find TCP port. Change it from the default 80 to say 8080 and click the Apply and OK buttons. Next right click on Default Web Site and select Start. Now try going to the License Broker™ Administration url (be sure to include the port in the url - ex: http://servername:8080/SIScripts/silicadm.htm).

There is still one more action to perform: When you installed the License Broker™ Client on your PCs, you may have selected the default port of 80. To reconfigure the clients to use the new server port of 8080, edit the client PC registry using Regedit. Under HKLM\SOFTWARE\System Integrators\License Client\version key, edit the LicenseServerPort DWORD-value pair with the decimal (not Hexadecimal) value of 8080. Clients will require a reboot for the changes to take effect.

If you are running an older version of SharePoint, then you may need to exclude the SIScripts application path (\Program Files\System Integrators\License Server) from SharePoint management. Please read the Microsoft Knowledge Base article KB828810 for more information.

Q-F23. How do I migrate to a new Server?

Go to License Server Administration screen on the old server machine and monitor / wait until all application licenses are released and none is in use by any of the clients.
Note: It may be easier to disconnect server from the network for 30 minutes or so until all licenses are released.

Stop IIS Admin. Service on old server.

Uninstall server software from the old server (when prompted, opt to leave the data files intact - do not remove these files).

Install server software on the new server.

Stop IIS Admin. Service on new server.

Copy all files from the old server License Server install folder, to the new server License Server install folder except the licheck300.log file.

Configure System DSN SILicBkr300 in new server ODBC to point to the same database that was used by the old server System DSN SILicBkr300 settings.

Restart Web Publishing Service on new server.

Edit all client PC registry to point to the new server. Under HKLM\SOFTWARE\System Integrators\License Client\version key, edit the LicenseServerHostname string-value pair with the correct IP address of new server. Clients will require a reboot for the changes to take effect.

Q-F24. We are using Microsoft SQL Server on one machine and IIS/License Server on another machine. We have defined a System DSN name SILICBKR300. However License Broker™ continues to use embedded database!

The problem is to do with the fact that the anonymous account or Internet Guest account IUSR_machinename used in IIS is a local account that is only valid on the IIS machine! It is not valid on the remote SQL Server machine. You need to define a domain guests account named say lbuser (or anything you like) and specify this account in the anonymous user setting for SIScripts virtual directory. When setting the anonymous user account in SIScripts, you must enter the fully qualified account in the format dom\lbuser and specify the password and uncheck the Enable Automatic Password Synchronization check-box. This lbuser account must be given Log on locally right. Further you must give this account full-control type of access to the folder where License Server is installed. Additionally this user must be granted public, db_datareader, db_datawriter access to the silicdb SQL database. Also, you must use License Broker™ Server version 3.3.2 or higher. Finally, ensure the following is selected in Internet Service Manager: go to the SIScripts Properties page, Directory Security settings, and ensure 'Allow Anonymous Access' and 'BASIC' are selected in the Authentication Methods panel. Ensure 'Integrated Windows' is not selected!. Otherwise administrative query reports will not work as SQL Server will be unable to authenticate the administrator. NTLM challenge response or Integrated Windows authentication only works at IIS machine; the authentication is not passed through to the SQL Server. BASIC authentication overcomes this limitation.

The problem could also be due to settings in the IIS that recycle the worker process under Windows 2003 after a period of activity. Turn off the recycle checkbox located in the IIS Application Pool property page for the LicenseBroker application pool.

Q-F25. We have defined a policy for an executable using network path. However License Broker™ does not enforce the policy!

It is recommended customers define policies by drilling down from Software Discovery report to avoid typo in policy definition. If defining the policy manually, be aware that drive information should not be included in path definition as License Broker™ client software is already configured with drive exclusion list. For tamper-proof detection despite renaming of executables, version information is sufficient rather than path. In case the executable is on a network share, License Broker™ client software may not be able to determine version information as the client runs under local SYSTEM account on NT/2000/2003/XP systems and may not have sufficient privilege to remotely examine the file property on the network share. If you have placed various versions of the application on various shares, then you may distinguish the policies by specifying full path for each. For example, if the mapped drive is 'Y' and the application is located in Y:\My Long Path\App1.exe, then policy must be defined with path=\My Long Path\App1.exe or simply App1.exe. The latter gives the flexibility in that the policy will be enforced despite migrating to a different folder. If using UNC naming convention, for example \\Dm2350\SharedDocs\My Long Path\App1.exe, then specify only the path within the share. In this case, \\Dm2350\SharedDocs represents the share (similar to drive Y: in previous example) and the path within the share is \My Long Path\App1.exe.

Note: 16 bit application policies are only enforced when the application is run using drive specification (Y:\MyLong~1\App1.exe) and not UNC. Further the 16 bit policy must be defined using the 8.3 paths as \MyLong~1\App1.exe.

Q-F26. We are an educational institution and all our desktop PCs receive a ghost image at the beginning of the year. Since all License Broker™ client(s) will be XP clients, can we deploy the client(s) as part of the ghost image?

Yes, so long as all desktops are alike (same OS). Before you create the ghost image however do the following:
- Stop WWW License Broker service
- Go to registry under HKLM\SOFTWARE\System Integrators\License Client\version. If you see a data value for KeepAliveCookie delete that value (this string-value must be empty)
Now proceed with creating the ghost image. DO NOT START THE WWW LICENSE BROKER SERVICE UNTIL AFTER THE GHOST IS CREATED! You can now deploy this ghost on all desktops.

Q-F27. We know all clients are active, however not all applications appear to be metered! It is rather random, sometimes we see activities in the server admin screen, while at other times the client seems to enter in to the offline metering mode. What could be wrong?

Chances are, you are either running License Broker Server on a non-server Windows platform. Or you have configured IIS Default Web Site property to limit the number of web site connections. Note, IIS on a non-server Windows platform is limited to 10 concurrent connections and cannot be configured for unlimited connections. On a Windows server platform however IIS by default is configured for unlimited connections. To configure IIS, ensure the following is selected in Internet Service Manager: go to the Default Web Site Properties page, Performance tab. Select 'Unlimited' under Web site connections. Click on Apply and OK buttons and stop and restart IIS for the changes to take effect.

Q-F28. We recently set up an Oracle 9i and configured the ODBC System DSN silicbkr300 to point to this new Oracle 9i database. License Broker is no longer metering applications. It was working before with the default ACCESS mdb database.

When you tested the connection from the ODBC Data Source Administrator, you were an authenticated user and hence the connection was successful. However License Broker runs under the anonymous IUSR_machinename account (or any other account you may have created to replace the anonymous account). Hence you must give this anonymous account 'Read', 'List Folder Contents' and 'Read & Execute' privileges to the ORACLE_HOME folder or the folder where Oracle Client software is installed. Otherwise IIS / License Broker will be unable to load the ODBC driver, and hence database connection will fail.

 
Installing & Using Integrated Auditor™

Q-G1. Auditor program SIAudit.exe quits without scanning the PC!

Auditor requires both Windows Management Instrumentation (WMI) and Windows Media Format Audio (WMFA) support files to be present on the PC. WMI is standard on Windows Me and later operating systems, but under Windows 9x and NT, you must manually install WMI. Look for WMICORE.EXE in the utils folder under the server install directory. You may also search Microsoft web site for current version of WMI available for download for these platforms.

WMFA redistributables are packaged as a self-extracting executable WMFAInst.exe also located in utils folder under the server install directory. This executable will examine the PC for presence of WMFA and only install WMFA if same is not present on the PC.

Q-G2. Integrated Auditor™ Administration url siaudit.htm returns page not found or HTTP 404 error!

If you are running Microsoft Windows SharePoint Services 3.0 or Microsoft Office SharePoint Server 2007 on the same server as your Integrated Auditor™, then it is likely the default port 80 is in use by a SharePoint application and the Default Web Site which otherwise would have used port 80, is now stopped to prevent conflict. Remember, when you installed Integrated Auditor™, it was installed under the Default Web Site. To resolve the issue, you must enable Default Web Site to use a different port say port 8080 or any other unused port and restart the Default Web Site. To do this, go to Internet Information Services Manager found under Control Panel | Administrative Tools. Expand the Web Sites folder. Right click on Default Web Site and select Properties. Under Web Site tab, you will find TCP port. Change it from the default 80 to say 8080 and click the Apply and OK buttons. Next right click on Default Web Site and select Start. Now try going to the Integrated Auditor™ Administration url (be sure to include the port in the url - ex: http://servername:8080/SIScripts/siaudit.htm).

If you are running an older version of SharePoint, then you may need to exclude the SIScripts application path (\Program Files\System Integrators\License Server) from SharePoint management. Please read the Microsoft Knowledge Base article KB828810 for more information.

 
Using Component License Broker™

Q-H1. I see Software Discovery report shows many DLLs and OCXs. How do we know what applications are using these components?

The server maintains two log files named license300.lo0 and license300.lo1 that show running history of all license requests received from client(s). The two files are capped to approximately 1 MB in size as they are only intended for diagnostic purposes. The two files are used in a round-robin manner. To see what applications used the dlls, open the most current log file in notepad and search for the DLL name. Do the search in reverse order from the end of the current log file (as determined from the time stamp on the log files) to ensure you are searching the most recent activity. The entries are of the form "Appname=Filename.DLL(Parent=Filename.EXE)".

Q-H2. I have defined a policy for MSHTML.DLL(EXPLORER.EXE) to restrict access to the web from Windows Explorer. Yet, users are able to surf the web!

Component Metering is not supported under Windows 95/98/Me. With respect to Windows NT/XP/2000/2003 client(s), make sure you have specified yes to Meter Windows folder? option. You can set this in client registry under HKLM\SOFTWARE\System Integrators\License Client\7.0 MeterWindowsFolders string-value pair. If you modify this registry value, be sure to reboot the client for the changes to take effect. Please note, administrator privilege is required to modify this registry setting. Needless to say, you need to define policies for the executables as well, such as IEXPLORE.EXE.

Q-H3. Can I use Component License Broker™ to control access to ESRI® ArcGIS® extensions?

ArcGIS® and third-party extensions that run under ArcGIS are licensed under either single-use or floated license terms. Licensing is embedded within the application and extensions and hence use of Component License Broker™ is redundant. You do not need License Broker™ to control access to these applications and extensions. If you are a License Broker user and prefer the web based graphical usage reports generated by License Broker and Component License Broker, you could meter any application and extension from vendors such as ESRI only for the purpose of measuring usage and reporting on compliance.

In the event you do define redundant license policies for these extensions using License Broker, please be aware an extension sold under single-use license term is intended for use on a single PC, and hence seat (not concurrent) policy is the appropriate license policy to be used when defining license within License Broker. Please consult the vendor that supplied the extension and be sure to read the End User License Agreement (EULA) that accompanied the extension for more information.