Windows License YIKES

  • This is slightly off-topic, but I wonder what others think / have done about this issue:

    Windows Server 2003 apparently now requires the following licensing for this typical scenario for SQL Server:

    1. An organization has a web application that its employees use (authenticating, not anonymously) from all over the place.

    2. The web application connects with SQL Server running on Win 2003 OS

    3. The SQL Server is licensed per processor, as that is the economical choice to legally support many users in a multiplexing setup (even though the web app itself might represent only one or a few connections, it "represents" all the users by proxy, so the license has to cover all of them ... old news)

    4. Here's the gotcha: with Windows 2003 it looks like one is required to have WINDOWS CAL's in addition to the SQL Server license, because the users out there are accessing the SQL Server service on a Windows 2003 server machine. $40 a pop times all those users out there?

    I imagine several of these things:

    a. Lots of people are running systems that are technically not in compliance because it's so preposterous to consider buying Windows CALs for this scenario that they never even imagined it would be required

    b. Other people are saying "wwaaaaaaiiiit a minute, I think you can keep your Windows Server 2003, thank you very much." (Put me in this category)

    c. Maybe I am wrong? Is one expected to purchase Windows CALs for all users of a dedicated SQL Server machine, atop the SQL Server license?

    Anyone else hit this issue?

  • What I make out from that article is that if you were using per user licencing within a domain then each user would require a CAL but this would be valid for every server in the domain, thus if each user already has a CAL for the domain and the SQL Server has a processor licence then you have all the CALs you require?

  • >>. An organization has a web application that its employees use (authenticating, not anonymously) from all over the place.

    If it's over the web, is the SQL Server box sitting behind a firewall?  Because, if it is, even though the users are authenticated, then it's possible (according to how I read that article) that you have a per-device CAL situation? IOW, that it is a single (or small cluster) of boxes or a single application that serve as a proxy for these users.

    If not, or if this is too weird an idea <g>, then  I agree with previous poster.  If these are employees, then they have CALs for the domain already.  You only need  one separate CAL for each individual who uses the server software "on any of your servers".

    >L<

  • I don't think the licence allows for multiplexing through a seperate device, I belive the device/user count is based upon the final end point of the connection regardless of the devices in-between.

  • Yeah, I was afraid it was too weird a thought <g>.  Thanks.

    >L<

  • It also depends on how the users are authenticating through the Web application.  If it using NT Authentication, then yes, each user needs a Windows Server 2003 User CAL.  This CAL allows the user to access any server owned by the company.  If the Web app is using SQL authentication, then a Windows Server 2003 CAL is not needed, as SQL is handling the authentication of the users and you are covered under your per processor license.

  • Lynn - I'm not so sure; check this language carefully, from

    http://www.microsoft.com/windowsserver2003/howtobuy/licensing/priclicfaq.mspx:

    "Q.The End User License Agreement states that CALs are required for access or use of the server software and goes on to list usage examples. If I am using the server in a way that is not listed (e.g., as an application server), do I still need CALs?

    "A. Yes. The list of examples in the End User License Agreement is not exhaustive but is instead meant to illustrate some common uses of the server software. If a device or user is accessing or using the server software, a CAL is required, unless:

    • access is through the Internet and is unauthenticated, or

    • access is to a server running Windows Server 2003 Web Edition, or

    • access or use is by an External User and External Connector licenses are acquired instead of CALs. "

    In the scenario outlined, none of those exceptions actually fit.

    Also:

    "Authenticated access is defined as an exchange of user or application credentials between the server software and a user or device. An example of this exception would be if unidentified users browsed your public Web site. Windows CALs would not be required for those users."

    It appears to me that the method of authentication, Win NT or other methods, is not in play, only the _fact_ that the user "exchanges credentials"

    And for others, this hypothetical scenario I am laying out includes the fact that the users are NOT windows domain users and previously didn't need to be because they do/did not use any other windows service outside the web app/SQL server combination. They are not typical office workers having a workstation with file sharing and office and so on.

  • Another question:

    "SQL Server Central ... Welcome to the largest Microsoft SQL Server community on the web with 371,536 registered members... "

    What does a site like this one do, if it wants to use Windows Server 2003 to host this forum? 371,500 Windows CALs? Windows Server 2003 Web Edition with SQL Server Express on the same machine? $30,000 "external connector" license? Server-side CALs? It seems you'd either have to manage under the limitations of Express, or shell out a LOT (I mean seriously a LOT) of cash.

  • Wouldn't this be handled more by the "Concurrent user" thing?

    IOW, what is the max number of users who are on-line at any given time?

    >L<

  • As I understand it.  It you are using Integrated Security, yes you need User CAL's for everyone who could potentially access your system.  If you are using SQL Authentication, Windows Server is not doing the authentication, SQL is.  If you have purchased SQL Server on a per processor basis, it allows unlimited acces to your databases.

  • That sounds great - can you perchance point to a document on MS web site that says so? I can't find anything like that.

  • Some more info, but still ambiguous:

    http://www.microsoft.com/sql/howtobuy/faq.mspx

    See:

    "Q.What exactly is a processor license and how does it work?

    "A.A processor license gives you the right to install any number of copies of SQL Server 2005 on a single computer, ...

    "In addition to the installation rights to the actual server software, processor licenses also grant any number of devices or users the right to access and use the server software running on those processors. These access rights are available to all devices or users, regardless of whether they are inside the organization (intranet scenarios) or outside the organization (intranet or extranet scenarios). The processor license contains all that you need. With a processor license, there is no need to purchase separate server licenses, CALs, or Internet connector licenses."

    At first glance, this seemed like the access to the OS ("server software") is included in the SQL Server processor license. But a second reading, with "server software" meaning "SQL Server software" means it's still a question. Is this "All you need" or "All you need FOR SQL SERVER assuming you have OS CALs already."

    Ironic: in a profession (software) that demands removing ambiguity, the marketing/licensing people always find a way to bring it back.

    My friend here at work calls this the "sucker punch." Just when you think you're OK some impenetrable text in an agreement like this turns out to mean something different than you thought.

  • From the Microsoft Web Site:

    Under this structure, a customer acquires a separate Processor license for each processor that is located in the server running the SQL Server software. If you have made a processor inaccessible to all operating system copies on which the SQL Server software is set up to run, you do not need a software license for that processor. This licensing model is most appropriate for applications that are accessible through the Internet and for internal applications with a high client-to-server ratio.

    This tells me that you can have any number of users access data from a per processor licensed SQL Server system without having to purchase user or device CAL's.  This could potentially include using Windows Authentication as well.  If the users are making use of other services of the OS, printing, file serving, ftp, etc, then you may also need a User or Device CAL for those purposes.

    That is how I would actually interpret the license agreement regarding SQL Server.  This is also how I justified purchasing SQL Server 2000 Standard Edition on a per processor basis at my previous employer.  The server hosting SQL Server only provided SQL Server services, so no CALS needed to be purchased for the 120+ users access data from the server.

  • I also thought so, and that was true with Windows 2000 as far as I can tell, but with Windows 2003 Server it appears that they have changed the licensing details such that operating system CALS are now required. My struggle is that I cannot find a clear, unambiguous document from MS to refute that, only documents that support it. If true, it could represent an obstacle for many companies to upgrade to Windows 2003 Server -- basically any company that doesn't already shell out for Windows domain CALs.

Viewing 15 posts - 1 through 15 (of 20 total)

You must be logged in to reply to this topic. Login to reply