Getting Started with Sentinel RMS—Network On-premises Mode
This document provides step by step instructions for generating and consuming Sentinel RMS licenses for the
This document uses Sentinel EMS for defining the product catalog and generating entitlements and licenses. It also uses the code sample provided with the Sentinel RMS SDK for consuming licenses and Sentinel RMS tools for generating license fingerprints and installing licenses.
Sentinel EMSPrerequisites
The Steps
Follow the steps below to generate and consume a license using Sentinel EMS with Sentinel RMS enforcement.
You need to download and install Sentinel RMS SDK before executing the Sentinel RMS samples.
Downloading the Sentinel RMS SDK
NOTE If you are a production customer, refer to the Thales order emails for links to download the SDK. Alternatively, you can log in to your Thales support account and use the available links to download the SDK. If you are an evaluation/trial customer, the SDK download links are present in the trial portal, details of which are shared with you over emails.
1.Open the Thales Sentinel Order email. In the Download Details table, click the Download link corresponding to the Sentinel RMS SDK field.
2.For trial licenses, clicking the link will directly start the SDK download. For all other licenses, you will be redirected to the Thales Support Portal.
Installing Sentinel RMS License Manager and Sentinel System Driver on Windows
The installation program (at <installdir>\Redistributable\LicenseManager) installs both the Sentinel RMS License Manager and Sentinel System Driver on Windows systems. The installer detects whether the operating system is Windows 32- or 64-bit and installs the version of the Sentinel System Driver accordingly.
Given below are various methods to perform the installation.
Method 1 - Wizard-based Installation
The wizard-based graphical installer provides step-by-step interactive instructions that enable your customers to complete the installation on their own.
Method 2 - Quiet Installation
You can call the setup.exe in quiet mode either during the application installation or afterwards. The installation runs without any noticeable user interaction (quiet mode). This method is very similar to the first method, except that you call setup.exe yourself.
The following files are required totaling about 8 MB:
•Sentinel RMS License Manager <version>.msi
•Data1.cab
•Setup.exe
The command-line switches are as follows:
•Use the following option to install both the License Manager and Sentinel System Driver from command-line:
msiexec /quiet INSTALLLEVEL=101 /i "Sentinel RMS License Manager <version>.msi"
•Use the following option to install only the License Manager from command-line:
msiexec /quiet /i "Sentinel RMS License Manager <version>.msi”
Method 3 - Calling the MSI
With your application's Windows Installer-based installation program, you can easily call the License Manager MSI file. It is a supported custom action built into Windows Installer. The trick is to allow the installer to find the files it needs to install. The Sentinel RMS License Manager installer is written using InstallShield for Windows Installer and has all its files placed in the data1.cab archive. After you add a custom action to call this MSI file from your installer, all the components will be installed quietly along with your application in a seamless manner.
NOTE You must have Windows Installer 2.0 (or later) installed on the target machine.
The following files are required totaling about 4 MB:
•Sentinel RMS License Manager <version>.msi
•Data1.cab
NOTE It is possible that you use InstallShield for Windows Installer and you also have a .cab file corresponding to your application. In this case, the two files need to be merged together—as they need to reside in one directory. Otherwise, just include the Sentinel RMS License Manager MSI file and the .cab file in the same directory as your own MSI.
In this step, you connect to the Sentinel EMS Portal using the credentials shared by your Thales representative.
1.Navigate to the URL shared by Thales.
2.Log on using the User ID and Password provided by Thales.
On the first login to Sentinel EMS, the getting started page is displayed which provides links to help you get started with Sentinel EMS. For existing users, the Entitlements page is displayed.
A license model is a combination of various parameters that define how a product can be used by an end user. You need to use the Flexible license model as the base for defining a license for the
1.From the navigation pane, select Catalog > License Models.
2.In the License Models page, search by Name for the Flexible License Model.
3. Under the Actions column, click Copy 
.
4.In the Copy License Model page, in the Name field, enter any license model name, for example, MyLicense.
5.From the Deployment Mode drop-down, select On-premises.
6.From the License Type drop-down, select Network.
7.Under the Policy section, toggle Enforce Clock Tampered to No. This disables time tampering detection.
Clock tampering is handled by the license manager itself.
8.Under the Locking section, you can select the desired locking criteria. In our case, let's use the default locking criteria, Disk ID.
9.Click Save.
You've successfully configured the license model. Next, you will create a feature using this license model.
The first step in creating a catalog is defining features.
1.From the navigation pane, select Catalog > Features.
2.In the Features page, click Add Feature.
3.In the Add Feature page, from the Namespace list, select General.
You see the Namespace list only if multiple namespaces are available in the system.
4.In the Name field, enter a feature name, such as Addition.
5.In the Version field, type 1.
6.In the Identifier field, leave the default Identifier for now.
When you create your own features, you can use the default Identifier or apply another Identifier to match an existing feature in one of your company's products. The Identifier must match the feature Identifier in your licensed application.
7.In the Available License Models area of the Associate License Models pane, click the license model you created to add
8.Click Save.
You've created your first feature. Next, you will add the feature to a product.
Now that you created a feature, you can add it to a product. This is known as associating a feature with a product.
1.From the navigation pane, select Catalog > Products.
2.In the Products page, click Add Product.
3. In the Add Product page, from the Namespace list, select General.
4.In the Name field, enter any product name, for example, MyProduct.
5.In the Version field, type 1.
6.In the Available Features area of the Associate Features pane, click the feature you created to add it to the Associated Features list.
7.Click Save. The product is created as a draft.
8.In the Products page, for the product you created, in the Actions column, click the Complete 
button.
9.In the confirmation box that opens, click Complete (not shown). This makes the product available for distribution.
You've successfully created your first product. Next, you will create an order, known as an entitlement, for the product.
In this step, you are creating an entitlement.
1.From the navigation pane, select Entitlements.
2.In the Entitlements page, click Add Entitlement.
3.Associate this entitlement with a new customer.
a. In the Add Entitlement page, next to the Customer field, click Add Customer 
.
Tip: You can also define customers directly from the Customers tab.
b. In the Add Customer dialog box, in the Name field, enter any customer name, for example, MyCustomer.
c.
d. Click Add to finish creating the customer.
4.Add user details to the customer you just created.
a. In the Add Entitlement page, next to the User Email field, click Add User to open the Add User dialog box.
b. In the Email field, add the email address to which the entitlement certificate will be sent.
c. Click Add. The user is created and the user email address is associated with the customer you just created.
5.In the Associate Products / Product Suites pane, under Available Products, click the product you created to add it to the Associated Products / Product Suites section.
6.
Let's suppose that the customer ordered 10 copies of your product.
In the Available Quantity field, change the value to 10.
7.Click Save to save the entitlement as a draft.
8.In the Entitlements page, in the Actions column, click to complete the entitlement.
(The image shows the Draft status prior to confirmation.)
9.In the confirmation box, click Complete (not shown). The entitlement details are saved. An Entitlement Certificate email is sent to the user email address you entered earlier.
(The image shows the Completed status post-confirmation.)
You've successfully created your first entitlement.
Licenses can be locked or unlocked. Licenses generated for Sentinel RMS in this guide must be bound to the fingerprint of the device on which the license is going to be used. You will first generate a fingerprint and then use it to activate the product.
Fingerprint generation is a client-side operation. This guide demonstrates the process of fingerprint generation using the Wechoid utility, which is a Windows-only graphical utility provided by Sentinel RMS. In the real-time environment, your customers might use a different utility or process, as defined by you, to generate the fingerprint.
To generate a fingerprint using Wechoid, perform the following steps:
1.Run the Wechoid.exe on the device on which you want to run the sample with the license.
2.Under Locking Criteria, ensure that none of the fields except Disk ID is selected. This is because for the purpose of this guide we are using only Disk ID as the locking criteria.
NOTE The locking criteria must be the same as specified in the license model associated with the entitlement; otherwise, the fingerprints in the license will not match the fingerprint on the machine/device.
3.The Code field automatically displays the fingerprint based on the selected criteria. Select and copy it.
NOTE The terms “locking criteria”, “primary criteria”, and “locking selector” are used interchangeably throughout this guide and within Sentinel EMS, tools, and documentation. Likewise, the terms “locking code”, “client info”, and “fingerprint” are used interchangeably. The former are used to define what machine characteristics the latter will be based on. Combined, the ‘criteria’ and ‘fingerprint’ are referred to as the ‘locking data’.
For details of these terms, refer to the Sentinel RMS Developer Guide.
Product activation refers to the method of generating a license code specific to a device. The license code ensures that the product can be used only on the device to which it is locked. To generate a license code for a device:
1.After obtaining the device fingerprint, open the Activate Products page. To do so, expand the entitlement you just created, select the checkbox for the product you created, and click Activate.
2.In the Activate Products page, in the Primary 1 Value field, paste the fingerprint generated earlier.
3.Click Complete Activation to generate the license string. The License Certificate screen is displayed.
4.Click Save License to create a lservrc file that contains the generated license string.
5.Click Close.
To consume the license, you need to compile the sample, install the license, and run the sample.
NOTE
•Before compiling and running the sample, ensure to complete the prerequisites.
• Microsoft Visual Studio 2012 has been used to explain the steps in this section.
• In the steps below, change 10.x to the Sentinel RMS version you are using where path is referring to the location of sample or output.
Compile the Sample (MSVS 2012 and Later)
You need to compile the sntl_demo.c sample to get the executable application, which can be run to consume the license.
To compile the sntl_demo.c sample:
1.Open Microsoft Visual Studio as Administrator.
2.Open the Samples32.MSVS2012.sln solution file in Visual Studio. This file is available in the C:\Program Files (x86)\Thales\Sentinel RMS Development Kit\10.x\Samples\C folder.
3.Edit the sntl_demo.c file:
a.In the Solution Explorer, navigate to the sntl_demo folder, expand Source Files and double-click the sntl_demo.c file to open it.
b.You do not need to make changes in #define CONTACT_SERVER if your server is hosted on same machine.
NOTE If you are using a different sever, you need to provide the IP address of the server (where the license is present) in #define CONTACT_SERVER; otherwise, it is localhost by default.
c.(Optional) By default, the feature name is Addition and feature version is 1 in the sample source file. However, if you have created a feature in Sentinel EMS by a different name and version, you can change the defaults in the sample. In the source file, change the feature name and feature version to the values defined in Sentinel EMS.
4.Before building the sample, you need to add the library legacy_stdio_definitions.lib (Configuration properties > Linker > Input > Additional Dependencies). To do so, right-click the sntl_demo folder in the Solution Explorer, click Properties.
5.Build the sample. To do so, right-click the sntl_demo folder in the Solution Explorer, and click Build. The output is the sample application executable created at
C:\Program Files (x86)\Thales\Sentinel RMS Development Kit\10.x\Samples\C\Out\MSVS2012\x86\Debug\sntl_demo.exe.
Install the License
Before executing the sntl_demo.c sample, you need to install the license.
1.For network applications, place the license file (lservrc) in the same directory where the license manager is installed, which is C:\Program Files (x86)\Common Files\Thales\Sentinel RMS License Manager\WinNT.
NOTE If you don't have the license file, you can generate license and place it in the folder containing the compiled sample. You can assign a different file name (other than lservrc) using the environment variables, licensing library API functions, and command-line switches.
2.Restart the License Manager.
Run the Sample
Next, you need to run the sample application executable (.exe) to consume licenses. To run the sntl_demo.exe file:
1.Open the command prompt as Administrator.
2.Change the directory to the output folder by running the following command:
C:\Program Files (x86)\Thales\Sentinel RMS Development Kit\10.x\Samples\C\Out\MSVS2012\x86\Debug.
3.Execute the sntl_demo.exe file.
Once the sample compiles and runs, the Console window displays the execution results.
1.First, an application context is created.
2.When a valid license is present, information about the Addition feature is displayed.
3.Press Enter to call the login API. This requests the license for the Addition feature. Errors are thrown, if the license is not present (error 210018) or if the existing license on the machine has expired (error 214109).
4.The session information is displayed, which is the information for the current license session. Note that a successful license request creates a license session. For example, <tokensInUse> is shown as 1 because one license has been used with the call to the login API.
5.Next, the refresh API is called to periodically refresh the license and keep the license session alive for a longer period.
6.Afterward, a refresh call is executed to refresh the licenses and the logout call is executed to release licenses.
7.Press Enter to close the sample.
Congratulations! You've successfully generated and consumed Sentinel RMS licenses for a
Error Codes
Refer to the Sentinel RMS API Reference Guide for information about errors and status codes.