Overview for Multi-Level License Servers
Cloud licensing gives you the option of allowing customers to set up a second level of license servers to provide greater control over the distribution of network seats within an organization and to minimize the overhead of license administration.
Working with Multi-Level License Servers
Multi-level license servers enable a customer to:
>Control the distribution of network seats from a license with concurrency among users connected to LANs at different locations.
>Ensure the availability of network seats at remote locations, even if Internet connectivity to the cloud license server is not available or is not reliable.
>Allow groups of users to access network seats without providing a client identity to each user.
For a given customer, the vendor defines the total number of network seats available to the customer. The customer decides how to divide the seats among their secondary license servers.
When an end user starts a protected application from a machine on the same LAN as a second-level license server, the protected application consumes a seat or automatically detaches a seat from the second-level license server.
The detached license on the second-level license server acts as an SL license, not a cloud license. The end user does not require a client identity.
The primary license server machine is the main repository for licenses. Licenses are detached from the primary license server machine to second-level license server machines either online or offline (as described below).
When working with multi-level license servers, the following limitations exist:
>Network seats cannot be detached from a Product if all of the Features in the Product have unlimited concurrency.
>A network seat can be detached from a second-level license server using automatic detach. However, it cannot be detached using on-demand detach.
>A detached license with concurrent seats cannot be partially cancelled. If the license is cancelled, all the seats are cancelled.
> As long as any network seats are detached (using automatic detach) from the second-level license server, the detached license on the server cannot be cancelled.
Cloud licensing with multi-level license servers can be implemented in the following configurations:
>Vendor-hosted implementation: The vendor hosts the SL licenses on their own primary license server. The customer sets up one or more second-level license servers to host the detached network seats.
A license is detached from the primary license server using one of the following methods:
•Online detach
The vendor defines a client identity with special permission to detach network seats with concurrency for the customer. The customer installs the client identity on each second-level license server.
Using the second-level license server, the customer detaches a license with network seats from the SL key on the primary license server over the Internet. The customer has direct control over how many network seats from the pool are assigned to each second-level server.
•Offline detach
Using email or other offline means, the customer sends a machine ID file to the vendor for each second-level server to receive a detached license with network seats.
Using the primary license server, the vendor applies the machine ID files and detaches the required number of network seats from the SL key for each of the customer's second-level license servers. The vendor coordinates with the customer to determine how many seats are required for each second-level server. The vendor sends the required number of seats for each second-level license server to the customer in an H2R file by email or other offline means.
The customer applies each H2R file on the appropriate second-level server.
The customer does not require a client identity on the second-level server.
>Customer-hosted implementation: You can enable your customers to host the SL licenses on their own primary license server and to set up second-level license servers to host the detached concurrent network seats.
The customer can use online detach or offline detach as described above. However, for the customer-hosted implementation, all of the license servers are controlled by the customer.
NOTE For either level of implementation, cloud licensing is only available if you have the Cloud Licensing module in your Sentinel LDK Master license at the time that you generate the SL licenses.
This section describes how to set up your license server machines. The setup is the same for both the vendor-hosted implementation and the customer-hosted implementation, except as noted.
Implementation Summary
The following steps summarize the process of implementing the cloud licensing model with multi-level servers. Detailed instructions are provided in the sections that follow.
Each of the steps below is performed by the vendor unless stated otherwise:
1.Protect your applications using Sentinel LDK. Ensure that the Locking Type includes the option to use SL AdminMode keys.
2.Use Sentinel EMS to generate a separate SL AdminMode license for each customer organization. Ensure that your Sentinel LDK Master license contains the required modules. The license must allow concurrency. Specify the total number of network seats that are available to the customer organization.
3.Set up a primary license server machine. Install each SL license on the server. For vendor-hosted implementation, install each SL license in a separate SL key on the server.
4.Do one of the following:
To support online detach:
a.Ensure that the primary server machine has Internet access.
b.For each customer organization that will use second-level license servers, use Sentinel Admin Control Center on the primary license server machine to generate a client identity. Configure the client identity to allow detaching a license with concurrent seats (select Allow Concurrency for Detached Licenses).
For more information, see the Configuration screen – Client Identities tab in Admin Control Center.
c.Using Sentinel Admin Control Center, copy the identity string from the client identity. Provide the identity string to the customer organization.
d.The customer's administrator installs Sentinel Run-time Environment and installs the client identity on one or more machines that will serve as second-level license servers.
e. For each second-level license server, the local administrator uses Admin Control Center to detach the required number of seats and sets up the License Manager to allow access to the relevant end users.
To support offline detach:
a.The customer's local administrator installs Sentinel Run-time Environment on one or more machines that will serve as second-level license servers.
b.On each second-level machine, the local administrator generates a machine ID file and sends the file to you (the vendor).
c.Apply the machine ID files on the primary license server machine.
d.After consulting with the customer, detach the required number of seats for the machine ID of each second-level license server. An H2R file is generated for each server. Send the files to the customer.
e. For each second-level license server, the local administrator uses Admin Control Center to apply the provided H2R file to install the detached licenses. The local administrator sets up the License Manager to allow access for the relevant end users to the server.
5.The end users install and run Sentinel Admin Control Center and the protected application on a machine in the same LAN as the second-level license server. Each instance of the protected application consumes a network seat from the second-level license server.