Named User Licensing

Named user licensing is introduced since the Sentinel RMS v10.2 release. This feature is available only in the Connected (Cloud LM) deployment mode. With the introduction of this feature, the Sentinel RMS license version is upgraded to v23.

The topics covered are:

>How Does Named User Licensing Work?

>Named User Licensing APIs

>Configuring Users

>Configuring the Limits

>Examples for the Limits Set

>Frequently Asked Questions

For more information...

For a high-level overview, including user management and Sentinel EMS, refer to Knowledge Base article KB0028158 in the Customer Support Portal.

How Does Named User Licensing Work?

Named user licensing restricts access to the licensed application to a pre-defined set of users. These are users in the organization who have been granted privilege by the system administrator to access the licensed application. Any other users who attempt to access the licensed application are blocked and will receive the SNTL_USER_NOT_ALLOWED error.

Named user licensing provides the following controls:

>The total number of users who can use the licensed application is set by the software vendor in the license model during the product-definition stage. Refer to Configuring the Limits.

>The names of users, referred to as user accounts, are managed by the Contact (Administrator Type) in a customer's organization after a license is deployed on RMS Cloud LM. Refer to Configuring Users .

>The management of user accounts is done with the help of RMS Cloud LM REST APIs. Refer to Named User Licensing APIs.

Named User Licensing APIs

Named User Licensing APIs	Description
PUT /rmslm/features/{featureId}/licensedUserAccounts	Configures the user accounts list when called for the first time and replaces the existing list with the new list in subsequent calls.
PATCH /rmslm/features/{featureId}/licensedUserAccounts	Appends a new user accounts list to the existing list.
GET /rmslm/features/{featureId}/licensedUserAccounts	Obtains the existing user accounts list.
DELETE /rmslm/features/{featureId}/licensedUserAccounts	Deletes a particular user account from the user accounts list.

Configuring the Limits

Named user licensing is governed by the following limits. The software vendor sets these limits in the Flexible License Model of Sentinel EMS:

Limit	Description	Configuration
User Limit	>The concurrency limit associated with the licensed feature—the maximum limit for simultaneous use of the licensed feature. >When the user limit is reached, even named users cannot obtain a license. See Also: Calculating the User Limit	The software vendor sets the user limit in the Flexible License Model during the License Model definition stage in Sentinel EMS.
Named User Limit	>The maximum number of users allowed to use the feature. >A value greater than zero indicates that named uses are allowed. >Only the users included in the user accounts list are allowed to use the license.	The software vendor sets the named user limit in the Flexible License Model during the License Model definition stage in Sentinel EMS (v 5.6.100 and later) for Connected (Cloud LM) mode. NOTE The named user limit setting is independent of the user limit. Therefore, the named user limit can be set higher than the user limit. Refer to the following table for several examples.

Limit

Description

Configuration

User Limit

>The concurrency limit associated with the licensed feature—the maximum limit for simultaneous use of the licensed feature.

>When the user limit is reached, even named users cannot obtain a license.

See Also: Calculating the User Limit

The software vendor sets the user limit in the Flexible License Model during the License Model definition stage in Sentinel EMS.

Named User Limit

>The maximum number of users allowed to use the feature.

>A value greater than zero indicates that named uses are allowed.

>Only the users included in the user accounts list are allowed to use the license.

The software vendor sets the named user limit in the Flexible License Model during the License Model definition stage in Sentinel EMS (v 5.6.100 and later) for Connected (Cloud LM) mode.

NOTE The named user limit setting is independent of the user limit. Therefore, the named user limit can be set higher than the user limit. Refer to the following table for several examples.

Configuring Users

The user accounts list is configured by the Contact (Administrator Type) using any customized option or utility that calls the PUT licensedUserAccounts API.

The software vendor must direct the Contact (Administrator Type) to finalize the user accounts list—tasks of adding, deleting, and updating user accounts—prior to accessing the licensed application.

Examples for the Limits Set

#	User Limit	Named User Limit	User Accounts List	Outcome
1	100 (default)	Not enabled (default setting)	>Configured. >5 user accounts added in the list.	Any user can obtain the license. The user accounts list is ignored. The license works as a version 22 concurrent (floating) license.
2	100 (default)	5	Not configured.	No user can obtain the license.
3	100 (default)	5	>Configured. >10 user accounts added in the list.	Only the first 5 named users who attempt to access the license are able to do so.
4	100 (default)	5	>Configured. >5 user accounts added in the list.	Only the 5 named users included in the list can obtain the license.
5	100 (default)	1 (default value when enabled)	>Configured. >5 user accounts added in the list.	Only the first user from the list can obtain the license.
6	2	5	>Configured. >5 user accounts added in the list.	>Only two licenses can be issued. >When the user limit is reached, even the users whose names are set, cannot obtain a license. >If a single user account uses all the available licenses, the remaining users are not able to run the application.
7.	100 (default)	150	>Configured. >150 user accounts added in the list.	>Up to 100 licenses can be issued. >The priority order of the names in the user accounts list is equal and available on first-come, first-served basis to 150 user accounts added in the list.
8.	100 (default)	100	>Configured. >150 user accounts added in the list.	>Up to 100 licenses can be issued. >Up to 100 user accounts in the list have equal priority. Users beyond 100 are not considered for issuing a license.

Frequently Asked Questions

Question: How does a named user license differ from a network license hosted on RMS Cloud LM?

Named user licenses are similar to network license as they both have an associated seat count (user limit). With network license, any user in the network can obtain a license, if available. However, a named user license can only be obtained by users configured in the user accounts list.

Question: What should be specified as the user name in the user accounts list? How does it get verified on a licensing call?

The user name is a standard term—an identifier used to log on to a computer. A userName is also passed in the licensing API calls and thus gets verified against the configured user accounts list.

In the case of SCP-integrated library, the user name (the user that is used for logging on to the machine) is extracted by the library from the system and is seamlessly passed to the RMS Cloud LM. In the case of Cloud LM REST API, the user name is explicitly passed in the web service body.

Question: Do the Unified APIs in the SCP-integrated library support named user licensing integration?

Named user licensing is integral to the RMS Cloud LM sessions created using the login API. The session-related APIs can be implemented both with the REST API and Unified APIs in the SCP-integrated library. However, named user accounts list management can only be implemented with the REST API.

Question: Is the named user account functionality supported with service accounts?

Yes. The named user licensing can be implemented for both the on-premises and SaaS applications (including service accounts). However, the user accounts list can be managed only by:

>The software vendor's administrator

>Contact (Administrator Type)

Question: Is it possible to reserve a named user license for a user?

If the user accounts list has only one named user, then it is reserved for that user.

If the user accounts list has more than one user, it is not possible to reserve a license for a user, as all the users have equal priority. For details, refer to Example: 7 and Example: 8.

Question: Does the named user limit get aggregated if the license type is aggregate?

Yes. When the licenses have a named user limit greater than zero, their named user limits can be aggregated to serve users. For example:

#	License 1	License 2	Meaning
1	Named User Limit = 0	Named User Limit = 0	These licenses do not have a named user limit associated. Compatibility of remaining license properties will determine license aggregation.
2	Named User Limit = 0	Named User Limit = 5	Compatibility of remaining license properties determines license aggregation. Named user limit is not aggregated.
3	Named User Limit = 5	Named User Limit = 11	Compatibility of remaining license properties determines license aggregation. If compatible, the named user limits are aggregated to 5 +11 = 16 to serve users.