I’ve been asked to think about a licensing setup for our application.
- Customers ‘hire’ 10 workspaces (defined as a user with a workstation)
- Customers always have a server running with our softwarre.
We’re thinking about the following setup.
- One of our internet facing servers* does the workspace validation (*license server)
- User machines have ‘some’ unique fingerprint that are reported to our license server
- The customer’s local server ‘tracks’ all fingerprints in use and reports a list of validated workspaces to our license server
Our current problem is how to generate and collect an unique fingerprint for all user machines. Esp if they are running on virtualisation stacks like citrix.
For normal machines we can just use a mac address with some added extra details.
Is there a global unique hardware ID on all machines and especially citrix environments that is always unique per workstation?
Are there some must read links to people implementing license environments with stories based on experience.
Some extra information:
- The customer local server is always connected to the internet
- If our licensing server is down we can always use a grace period or a telephone unlock code.
Facts you’ll have to think about:
It means, you’ll have to think about a system more tied to users than to machines.
I would avoid installing drivers, dongles or hardware stuf, or special processes or services with elevated priviledges because this may not support every scenario, from now on.
So you can implement this by giving keys (like Microsoft product keys), tied to users (you can have a database that store user <-> key relations). You could store a key cache “per-user” on every machine where the user logs on, so every time a users logs in, you check if he has a valid key, and if he hasn’t you “activate” it and store the key (or a hash preferrably). How you defined keys and how you store them (credit card, usb key, etc…) is up to you.