OneWorld Audit License Tool experiences ?

A customer I am involved with was recently audited with the Peoplesoft EnterpriseOne Audit License tool. They're running Xe with Citrix servers only - and after receiving the results, they were more than displeased.

It seems that they were 50% over on their licensing according to the study - which was a little high in my estimation.

I checked through the results from the audit tool, and I'm not positive that it is accurate based on the method of collecting "concurrent users" from the system - it seems as if the tool works by auditing login and submitted UBE events on the server - and somehow also ensures that users who log out correctly are also audited. However, I am not positive that disconnected sessions are correctly identified, since there are always a large number of sessions counted at the end of each day (before services are reset for the nightly backups).

Has anyone else looked into this tool ? If you were also audited, were you surprised by its results ? I think I've heard of several posters comment about the auditing tool before - I'd like to hear if this is common.

I'm going to spend some time compiling more information on how the auditing tool operates - but as I stated, even a 20% difference from reality could equate to more than $200,000 for many companies.

I'd look forward to hearing some comments...

Jon,

I have had a couple of clients audited with this tool. I agree with your assessment that the concurrent user count may not be accurate. There probably needs to be some intelligence added around hung sessions.

For sites with NAMED USER licenses the tool works properly. I had a client who recently got hit with this. Althought it may not sound believable I find that many people are confused by the machine count licensing and Citrix deployment. The client was well over their named user count by 50 users. They had the notion that each Citrix machine only counted as 1 license. I said yes in practice it does only decrement 1 license from your key but that does not mean you can load up as many users as you want regardless of your contract. The reseller was aware of this but did not correct the misconception. All anybody had to do was read the contract but it was signed long ago and not review by the people currently responsible for policing the licenses. The audit tool analyzed a series of transaction files and the user profile master and came up with a pretty dead on record of the users who had been active at any time in the system over the last year. The PSoft rep did some manual corrections to deal with duplicate user ids and such.

In the end they negotiated a deal to delete some occasional users and to upgrade to Metaframe XP and use the published application user limit feature to control the number of concurrent users.

The moral of the story is that if you have a named user contract and not a concurrent user contract then you must be in compliance based on the number of users you have setup in the F0092.

I have noticed in E1 there is a new field in the User Profile which records the user's license type. I am hoping that a more robust license server will be added soon.

Regards,

hi justin,

my client has 60 named user licenses and more than 80 active user ids in user profile (F0092).

do u have any detail information how they judge license violation?

do they count no. of user ids existed in transaction tables in daily/weekly/monthly/yearly basis?

will it be ok if I cut down no. of user ids to less than 60 in user profile?

edith
consultant

Can anyone use this tool?

I ask because peoplesoft was just out here to do our audit, someone showed up and was here for about 2 hours doing this audit, and I haven't got the results yet, but he said it will probably be around 300 users, which I belive is high. I would like to validate his findings somehow and I didn't have any ideas until now.

Nick

Hi Jon,

I do not have any specific experience with the "OneWorld Audit Licence Tool", however, if it uses the F9312 as its datasource, I would agree that its concurrent count may be suspect. A coworker and I recently compared the F9312 data against data we collect using Citrix RMS. This was mainly just an exercize to verify the validity of the data we were getting from RMS.

In a nutshell, we dumped all of the login & logout records from the F9312 into a spreadsheet. We then sorted all of the records by date and then time. We then added a column in which we assigned login records a +1 value and logout records a -1 value.

Finally, we created a calculation that performed a running count at every row and used that to graph daily concurrency.

The F9312 data reported 50% higher concurrency (give or take...depending on the day) than RMS - which freaked us out. I, being the CNC admin - which bleads over to DBA, Citrix, etc...was able to immediately identify the data as incorrect. Even eyeballing it using Citrix Server Administrator quickly identified the data as wrong.

Looking more closely, we could see that the Excel model using the F9312 data still showed about 40 people logged everynight before midnight...which I can gaurantee to be more like zero. So the moral of the story, I think somewhere login records are being orphaned in the F9312 (or rather logout records are sometimes never created) or something to that effect.

Oh, btw... We used the same Excel model using Citrix RMS data and calcualted the exact same concurrency that RMS did - for every day over a 6 month period. So, the Excel calculation were correct.

Hope this helps. I turned out to be long winded...

Ryan

I just looked at my Security History table F9312 and there are no sign in or sign out records. There are other event types. Is there a setting in the jde.ini file that would prevent these records from being written?

Patty

I believe a line in the [SECURITY] stanza in the jde.ini file on your security server turns on the ability to track login/logoff. Just add the line History=1