What happens if Server 2016 doesn't have enough CALs?

What happens if Server 2016 doesn't have enough Client Access Licenses (CALs)?

My organization purchased 35 "OLP WIN SVR CAL 2016 SNGL NL USR CALs" for our Server 2016 server but now we have around 50 users who each have their own Active Directory user account.

So far we haven't noticed any issues with user logins but I just wanted to know what the consequences are for us not having enough of the client access licenses (CALs).
IT GuyNetwork EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Nothing happens. You are just no longer compliant and need to buy more licenses.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Scott CSenior EngineerCommented:
As McKnife said, you are no longer compliant.  What are the consequences?  You could hit with a hefty fine if you do not take steps to become compliant.
IT GuyNetwork EngineerAuthor Commented:
So even if we don't have enough Client Access Licenses (CAL)s all users will be able to login to Active Directory at the same time without receiving any warning or error messages and these users will be able to access and use all network resources without any issues even though there aren't enough Client Access Licenses (CALs) being used?
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Scott CSenior EngineerCommented:
That is correct.  The licenses are paper licenses.  If you purchase more CALs, there isn't anything to "do" on the server.

You keep the CAL paperwork in a safe location in case of an audit.

But the fines are steep, far more than if you simply purchase the CALs.  All it take is a disgruntled employee with the knowledge to make a  call and start the audit process.
Hello ThereSystem AdministratorCommented:
You will not be affected at all. CALs are just peaces of paper. Means nothing unless you are under audit. (just another MS nonsense how to get more money)

So if you do not have enough CALs you should buy them to be prepared for audit that might never happen.

But if it will happen and you don't have enough CALs, you are in troubles.

We experienced MS audit just once in last ten years.
IT GuyNetwork EngineerAuthor Commented:
Do we need a separate CAL for each individual Active Directory user or do the CALs only account for users who are logged onto the server at the same time (concurrent logins)?

While we do have 50 total users now we only have 30 of them logged onto the server at the same time since some work mornings and others work nights.

Please clarify.
Hello ThereSystem AdministratorCommented:
You need CALs for all created users.
So you need 50 CALs.
Lee W, MVPTechnology and Business Process AdvisorCommented:
Let's be clear - you don't need CALs for created users.  You DO need CALs for each HUMAN BEING that accesses the network.

CALs are assigned to HUMAN BEINGS (if you purchase User CALs) or DEVICES (if you purchase Device CALs).
Microsoft does not license by concurrent connection.
Licenses are transferable once every 90 days (so you can't transfer them at the end of a shift or while someone is away on vacation).
If you try to license by device, keep in mind, every device a person uses that touches the Windows server would need a license - for example, their phone getting a DHCP address would need a CAL, their iPad would need a CAL, their parent's computer when they remote in to work from their parents home would need a CAL.  This is why in MOST cases, User CALs are preferable - with a user CAL, only one CAL is required for that human being and any device they use is covered.
IT GuyNetwork EngineerAuthor Commented:
Does a single user CAL cover an unlimited number of devices that the individual user might use (such as two laptops, an iPad, a cell phone,  two desktops, a home computer, etc.) including using several of these devices at the same time?
Hello ThereSystem AdministratorCommented:
Yes, it does. You can use unlimited number of devices.
Wayne HerbertIT SpecialistCommented:
An anecdote:  I am aware of a rather unethical, unscrupulous fellow who made lists of all the companies he considered to be his competitors.  He then reported all of them to the various anti-pirate websites.  I understand that his underhanded behavior did result in several fines.
IT GuyNetwork EngineerAuthor Commented:
Can you please provide me with website documentation that explains the consequences of not having enough Client Access Licenses (CALs) for Server 2016 and how a fine can result?

I need to share this with my organization to convince them to buy more licenses to cover the increase in the number of employees within our organization.
Wayne HerbertIT SpecialistCommented:
Here's the best answer for your organization:  Microsoft requires a CAL for every user accessing a Microsoft driven server.  If you don't have a number of CAL's equal to the number of users, you are violating the terms of your license agreement, which is both unethical and can possibly subject you to fines and penalties.
Now, it is true that your violations have to be discovered in order for your organization to run into trouble, so if it chooses to operate unethically, it can do so for quite some time.  Various software suppliers have, in the past, performed random audits, but these are relatively rare.  
However, there are at least two organizations that provide an opportunity disgruntled employees and less than scrupulous competitors an opportunity to rat on you.

https://reporting.bsa.org/r/report/add.aspx?src=us&ln=en-us - report piracy
http://www.siia.net/piracy/report/report.asp - report piracy - do note the reward program in effect
As far as the penalties are concerned:  https://legalbeagle.com/6130124-legal-penalties-software-piracy.html
Again, though, is your organization ethical and honest?  Would it try and cheat on its utility bill?  Would it steal an extra box of paper from Office Depot?  Would it cheat on its taxes?  If not, then complying with software licensing is just one more thing to do... even though CAL's exist ONLY for the purpose of extracting more money out of your wallet.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 10

From novice to tech pro — start learning today.