Best Practices for Managing Windows Server Licensing Changes

Best Practices for Managing Windows Server Licensing Changes

For most software licensing managers or server admin teams, enterprise server licensing is one of the most feared components of implementing a server environment. The only thing that changes faster than technology itself is the licensing of that technology, and 2011 is no different. For instance, Microsoft is ending the Mainstream Support phase for Windows 2003 and beginning the Extended Support phase on July 13, 2010. Many enterprise businesses have begun to migrate those server environments to Windows Server 2008 R2.

In this article we’ll take a look at some of the new technical components being implemented by Microsoft that force your business to comply with those licensing components and what may happen if you decide to ignore them.

Managing Microsoft Server Remote Desktop CALs Licensing Changes

Software licensing enforcement technology is nothing new, but many of the techniques employed by today’s authors have changed significantly and most require Internet connectivity in order to validate the licensing keys that have been purchased. It’s also important to note that all businesses should have a well-documented and well-communicated process in place that will provide the means to maintain a record of each of these entitlements as they are purchased and updated. They also should be able to provide proof of purchase and produce all required licensing keys at a moment’s notice.

Many vendor licensing models have become increasingly complex to manage. With the increased demand for businesses to get more out of every licensing dollar, it’s even more important than ever to understand and keep up to speed with each available licensing option provided by various software authors. (We’ll touch on this topic later.)

One such important licensing model and enforcement technique that has changed drastically is with Microsoft Server Remote Desktop CALs, formerly Terminal Services Client Access Licenses. The honor system and option for Terminal Services connections are no more. In Windows Server 2008 R2, a terminal server connection is now referred to as an RD Session Host server, or Remote Desktop connection. Additionally, Terminal Services client access licenses or TS CALs in Server 2008 R2 are now called Remote Desktop Services client access licenses or RDS CALs.

With the title change, Microsoft also created an enforcement policy change. Just as Windows Server 2003 Terminal Services brought us a huge change in licensing methodology when they required each client connecting to the Terminal Server to have its own Terminal Services CAL reserved for it via a separate TS Licensing Server. Windows Server 2008 R2 Remote Desktop now has not only the same additional Licensing Server CAL requirements but a licensing key or your Microsoft Select agreement number, as well as Internet connectivity (TCP/IP, port 443), are now also required to unlock your purchased number of Remote Desktop CALs. When entered in the Remote Desktop CAL licensing wizard during CAL setup, the Remote Desktop Licensing Manager will automatically contact the Microsoft Clearinghouse website to validate and confirm your purchase. Windows Server 2008 R2 Standard, Windows Server 2008 R2 Enterprise, and Windows Server 2008 R2 Datacenter are all effected by this policy change. Licensing Server is not available in Windows Web Server 2008 R2 and Windows Server 2008 R2 for Itanium-based systems.

Microsoft does provide a reasonable grace period of 90 days, which begins after the first connection to your RD Licensing Server is made and only after installing the RDSH Role Service on that server. The grace period offered by Microsoft is mainly designed to allow your team enough time to correctly install, configure or test your Remote Desktop Session Host Server as well as Remote Desktop Licensing Server. There are also trial versions of Server 2008 R2 that can be downloaded and used for evaluation purposes.

Failing to purchase the required version and number of RD CALs for each Remote Connection will cause some users or devices to be denied a connection to the Remote Desktop Session Host server when the 90 day grace period has expired. Also, Remote Desktop does still include two concurrent connections to remotely administer a computer. You do not need a license server for these two included Remote Desktop connections. The best way to prevent any Remote Desktop connections from failing is to plan ahead and educate yourself and your team on the proper policies.

Choosing the Right Windows CAL

There are two types of Windows Client Access Licenses from which to choose: device-based or user-based, also known as Windows Device CALs or Windows User CALs. This means you can choose to acquire a Windows CAL for every device (used by any user) accessing your server, or you can choose to acquire a Windows CAL for every named user accessing your servers (from any device).

The option to choose between the two types of Windows CALs offers you the flexibility to use the licensing that best fits the needs of your organization. For example:

  • Windows Device CALs might make the most economic and administrative sense for an organization with multiple users for one device, such as shift workers or businesses with KIOSKs such as those used at sales counters.
  • Windows User CALs might be more economical for an organization with many employees who need access to a corporate network from many devices such as iPhones, iPads or other smartphones as well as for those associates who travel and may have both a desktop and a laptop. It’s important to remember that any device access to the server is counted as one (1) connection in a Device CAL scenario.

Here’s the best way to decide which licensing mode would be more cost effective for your specific scenario:

  1. First, count the total number of users connecting to the server.
  2. Count the total number of clients (smartphones, laptops, PCs, etc.) that those users will connect to the server from. It’s important to note that you should not count concurrent connections.

If you have more users than clients, a “per device” licensing model would likely be more cost expensive. Conversely, if you have more clients than users (e.g. their smartphones, office PCs, laptops, etc.), a “per user” model would be more cost effective.

Share the Post:
Heading photo, Metadata.

What is Metadata?

June 1, 2023

What is metadata? Well, It’s an odd concept to wrap your head around. Metadata is essentially the secondary layer of data that tracks details about the “regular” data. The regular

XDR solutions

The Benefits of Using XDR Solutions

May 24, 2023

Cybercriminals constantly adapt their strategies, developing newer, more powerful, and intelligent ways to attack your network. Since security professionals must innovate as well, more conventional endpoint detection solutions have evolved

AI is revolutionizing fraud detection

How AI is Revolutionizing Fraud Detection

May 23, 2023

Artificial intelligence – commonly known as AI – means a form of technology with multiple uses. As a result, it has become extremely valuable to a number of businesses across

AI innovation

Companies Leading AI Innovation in 2023

May 22, 2023

Artificial intelligence (AI) has been transforming industries and revolutionizing business operations. AI’s potential to enhance efficiency and productivity has become crucial to many businesses. As we move into 2023, several

data fivetran pricing

Fivetran Pricing Explained

May 17, 2023

One of the biggest trends of the 21st century is the massive surge in analytics. Analytics is the process of utilizing data to drive future decision-making. With so much of

kubernetes logging

Kubernetes Logging: What You Need to Know

May 16, 2023

Kubernetes from Google is one of the most popular open-source and free container management solutions made to make managing and deploying applications easier. It has a solid architecture that makes

ransomware cyber attack

Why Is Ransomware Such a Major Threat?

May 15, 2023

One of the most significant cyber threats faced by modern organizations is a ransomware attack. Ransomware attacks have grown in both sophistication and frequency over the past few years, forcing

Show More