In my office i have a Windows 2003 R2 Enterprise server and i have installed *only* Apache Tomcat 5.5, no other Windows Services/Applications are running like Active Directory etc.
In Apache, i m running a Web Application that communicates with 25 Remote PCs across the Internet. Those PCs require a password and login name to authenticate and fetch specific type of media like photos,videos etc from the server. All these usernames and passwords are stored inside Postgre SQL that communicates with the Web Application. They don't use VPN or any other type of windows authentication to communicate, they just "talk" each other via http.
The question is, do i need to buy CALs for the remote PCs or not?
Microsoft clearly states:
"Windows CALs are not required when access to the *server software* is unauthenticated and conducted through the Internet. Authenticated access is defined as an exchange of user or application credentials between the server software and a user or device. An example of this exception would be if unidentified users browsed your public Web site. Windows CALs would not be required for those users."
What exactly *server software* means? It means Win 2003 in total or Active Directory etc?
Thanks for your time!