mtmtech
asked on
Restricting terminal server device license acquisition
I'd like to know if there is a way that I can restrict my TS device Cals to a specific subnet. Other devices are using up my TS device that I use for my thin clients. I'd like to be able to restrict the licenses to devices on a single subnet. I had tried a product called SecureRDP by 2X thinking that it would do this for me by restricting RDP connections to only a single subnet for thin clients. The problem is that even though no RDP connection is made, a license is still acquired by the connecting device. Is there any way to accomplish this?
ASKER
We use a per device license. This helps when you run call centers that can have a high rate of turn over. From what I understand, per user licenses will stick with that user until they haven't logged in for 58 to 90 days. I thought there'd be a way to limit the distribution of licenses to a particular subnet.
Per User licenses are not tracked and thus never decrement although, legally, you are best with per device if your users outnumber your devices. They haven't put a tracking mechanism in place for per user TCALs yet so if you are pretty much even users:computers then Per User is the way to go.
I have never seen a built-in way to limit the distribution of TCALs but you can use GPO to direct your servers so it is certainly possible that way.
I have never seen a built-in way to limit the distribution of TCALs but you can use GPO to direct your servers so it is certainly possible that way.
ASKER
I currently use a GPO to tell any device connecting to the server farm where to get a licesne. The problem is that if an RDP session is opened by a PC, it also will pick up a license. All of the thin clients that we use are on the same subnet. PCs exist on a different subnet. Our users are actually equal to our devices and should never be uneven. If anything we should have more devices than users do to someone no longer working for the company. So, what happens when all of the per user TS Cals are used? Does it give temp licenses like the TS per Device method?
Per User TS CALs are never 'used' or tracked/enforced. So you never run out of them if you understand it. This is the opposite from per device TS CALs where if one is not available and your temporary one expired you are actually denied a connection to the TS.
I just do not understand what your problem is.
If a device that is not supposed to get a license gets one, that device, if not used, will 'return' that license after a maximum of 89 days. During the meantime if another device that really needs a license connects, if there are no licenses available they get a temporary one, good for 90 days. So by the time it needs a full one the one the other device took will be back to the pool and you should be ok.
If you are not ok that means there are devices that are actually using licenses and you do not have them or these devices may have older firmwares (if thin clients) and there is a bug on them regarding licensing handling (most manufacturers released new firmwares that addressed that).
Claudio Rodrigues
Microsoft MVP
Windows Server - Terminal Services
I just do not understand what your problem is.
If a device that is not supposed to get a license gets one, that device, if not used, will 'return' that license after a maximum of 89 days. During the meantime if another device that really needs a license connects, if there are no licenses available they get a temporary one, good for 90 days. So by the time it needs a full one the one the other device took will be back to the pool and you should be ok.
If you are not ok that means there are devices that are actually using licenses and you do not have them or these devices may have older firmwares (if thin clients) and there is a bug on them regarding licensing handling (most manufacturers released new firmwares that addressed that).
Claudio Rodrigues
Microsoft MVP
Windows Server - Terminal Services
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Forced accept.
Computer101
EE Admin
Computer101
EE Admin
On the other hand...why don't you simply reissue you TCALs as Per User; Per User TCALs are not tracked at all and the number will never decrement.