I'm back, with one of most delicate issue regarding license tracking and control within large organizations, using OVSD capabilities. I know that OVSD can't do this without help from other tools for scanning/inventory such as SMS, for example. While counting of number of installations for each SW CIs will be used to feed [Installations number] custom field, the [Max.installation] field will be used as a reference to calculate [Licensing drift] value, another important SW custom field. Value for [Max. Installations]field is an amount of all licenses bought to cover associated software used in terms of existing license agreements. Values for these two fields are manually feed in. As long as [Installations number]<[Max. Installations] everything is OK, and we even have available licenses in a license "pool" with [Licensing drift] value, calculated using a DB rule . The problem comes when [Installation number]>[Max. Installations] and corrective actions should be taken to avoid licensing breach. Which user(s) are not entitled to use that software product? To have an answer to this, we record the licenses as CIs and relate to users based on existing RFCs and license acquisitions documents. The following relations are used between CIs and users: 1. SWk-->installed on-->HW1...HWn 2. HW1-->USER1....HWn-->USERn 3. LICk-->USER1...USERm (m licenses for SWk) Have somebody used an application, script or any to identified licensing violation based on described relations and calculated fields values mentioned above? This means that license tracking and control is in place, as a main activity of License Management process.
Yes, we do what you ask about. But what is your question?
I think the key thing to clear about in using OVSD for this purpose is to decide if OVSD is supposed to represent the real state of the infrastructure, or the authorized state of the infrastructure. It is clear from the functionality that the intention is to represent the authorized state, not the real state.
Anyway, we consider each licensed version of an application to be a non-unique CI. We do not depend on RfCs to know who is responsible for an instance of an application: - if licensed by installation, we use the attribute "Owner" of each platform on which the application is installed; - if licensed by user, we use the list of users of those platforms; - if licensed on some other basis - for example, Solaris licensing - we have an ad hoc algorithm based on other CI attributes.
I should also mention that part of request authorization (for a new application) is proactively checking the availability of licenses.
Hi Josh, Thanks for your quick answer. To be more specific I'm giving a real example. MS Visio 2003 Professional has been detected to be installed on 62 workstations (real state). The amount of licenses bought to grants Visio 2003 usage is 56 (authorized state). Of course, there is a list of authorized users due to relations created at CMDB level between Visio 2003 Pro license CI and authorized users, based on their previously requests. So, 6 people are not entitled to use Visio. Don't ask me how is this possible! The scope is to bring real state to authorized state, but, as possible as, automatically based, taking into consideration that are hundreds of software products used within organization and human resources allocated for license tracking and control are limited! Comparing authorized user list with list of workstations having Visio 2003 installed a report should be provided to help to generate a RFC regarding a quick uninstall procedure for those 6 workstations. Same time, this will be an warning to identify security breaches or unauthorized installing procedure. The problem is to avoid to do this on manually basis!
I think you should separate the question of provisioning, which you might be able to automate, from license compliance, which will be extremely difficult to automate. If you have 60 installations and 50 licences, how do you decide is not authorized? Remember, you must keep in mind not only the RfC to install the software, but also all changes of equipment, all RfCs to uninstall software, all personnel that has left the organization, not to mention simple errors that may occur.
I should think that it would not be too hard to link a provisioning tool to the execution of a work order as a way of automating. You would just need to automate the query that compares installed versus licenses first, to make sure that you have not exceeded the number.
I your example, you are saying that the only people who should have an application installed
I understood your point of view. Indeed, is difficult to automate licence compliance process using OVSD. However, I'm sure that OVSD could be used for licence tracking in same manner we use to manage desktop info for owner/user relations, for example. In your example, (60 installation and 50 licenses bought) this means that we have a list of 50 entitled users based on 50 existing relations between LIC CIs and those users, which are maintained based on assigned WOs during licenses lifecycle. So, we can compare the list of 50 entitled people with list of users/owner of 60 desktops having installed that software. Based on CMDB existing relations (SW->HW, HW->USERs, LIC->USERs) a script could be periodically started to provide a report about compliance of specified software products and indicate who are unauthorised users. Of course, only "installation" type of software and associated licenses could be controlled in this manner, but, anyway, is a huge support if we are talking about over 5000 end-users. Something similar could be used for servers (Apps. and OS)using agents to identify software instances installed on and LIC->HW relations. I am looking for a model or practical approach regarding license tracking and control, because we are trying to implement License Management process in order to reduce at a minimum our organizational risk.
Your first question is whether your installations are licensed. You check the reality of what is installed with some tool, and you compare that reality with the number of installations licensed (which you may have in Max. Installations in OVSD). OVSD is not really going to help you very much with this, except to hold the number of licenses.
Next, Suppose you find that you have more installations than licenses. You know you have to either buy more licenses or uninstall software - but can OVSD make that decision for you? In fact, you have identified a problem, and your problem manager will use the change management data in OVSD to identify what is going wrong in the software installation process, and suggest making changes to that process, as well as identifying how to solve the current imbalance between installations and licenses.
I would suggest first starting with a set of reports to be analyzed (for example, licenses for people who are no longer active, installations performed more than x years ago, without any changes in the interim, etc.), rather than trying to automate a process form the beginning.
I think there is something curious about wanting to automate a procedure to fix something which should never be broken in the first place, if only the installation procedure where performed correctly.
Thank you again for these valuable suggestions. Indeed, if installation procedures as a part of Change Management process is put in place and there is no violation, shouldn't be any concern regarding license compliance for a specified software product. I talk before about a legacy, for somebody (License Manager) which will be involved in license tracking and control. As long as OVSD could help in this area I will not hesitate to customize it for this purpose!