Results 1 to 8 of 8

Thread: JDE License Audit

  1. #1

    JDE License Audit

    Hi, Can anyone throw some insights on JDE License Audit process? Which tables and transactions to query and standard scripts to run?

  2. #2
    What type of audit?
    Jeremy Shearer

  3. #3
    Senior Member peterbruce's Avatar
    Join Date
    Jan 2004
    Location
    NSW Australia
    Posts
    2,121
    Oracle has a tool they install and run to retrieve the required metrics. It has been over 5 years since we had an audit, so things may have changed. When we had the audit, their tool was not compatible with our JDE TR so I had to take hourly screen shots of the user sessions screen(s) in SM and save the html code for each screenshot, during normal work hours over 5 days
    Thanks, Peter

    "Give a person a fish, feed them for a day, teach them how to fish, feed them for a lifetime."

    E9.1 TR9.1.2.1, Enterprise Server: Sun, Database Server: Sun, Oracle DB: 11g, Weblogic.
    Create!form 7

  4. #4
    Senior Member Chan Rana's Avatar
    Join Date
    Aug 2005
    Location
    PA,USA
    Posts
    1,009
    I think they normally would scan all transaction tables for a period and derive the active user list.

    Chan
    Chandrakant Rana
    E1 Xe-9.0, AS/400, XML, BSSV
    E1 Integration,C,HTML,Java,CreateForm 3.0

  5. #5
    Hi Jeremy, Its Oracle License Compliance Audit.

  6. #6
    Member
    Join Date
    Dec 2000
    Location
    Australia
    Posts
    562
    For the most part I agree that the standard audit approach (which was may have been inherited from PeopleSoft) is to count distinct user id's in the audit column (USER) of the core transaction tables by module. However, license terms appear to actually be based not on what a user *does* but what they *can do*.

    Have a look at this white paper written by some ex-Oracle License Management Services (LMS) consultants: http://white-paper.b-lay.com/white-p...i-agavriloaiei They talk about the idea that security grants are actually the basis for a full license audit. If you use all doors open security you are probably in a position to argue but if you are using say Q-Soft or All-out Security with all doors closed then you are not really in a position to defend giving access to people who do not need a particular application.

    Also keep in mind related licensing such as Watch Lists (OVR foundation required), Core Tools and Technology, JDE OVR applications which are intended for specific OVR reports which are in turn license per module/per user and integration licensing for devices through the Orchestrator/AIS.

    Oracle has not yet grabbed all integrations for licensing but I expect to see transaction type license metrics in the future for the likes of DSI dcLink/MEP, Point-of-Sale integrations and perhaps others where a third-party system is acting as a proxy for a named user to interact with JD Edwards. There is a general lack of clarity on all that but based on where they are headed with mobile device/AIS licensing and more cloud type, utilization-based license metrics, I expect to see some API type licensing eventually. I think this is especially likely when the integration involves a human on one side and JDE on the other. The B-Lay site also discusses custom apps against standard tables and how those are essentially consuming licenses for the modules that own the tables that they interact with. (After all, you couldn't reasonably avoid licensing Sales Order Management by simply making x56xxxx copies of every x42xxxx object right?)

    None of this is spelled out clearly by Oracle. I expect they like to keep it fuzzy so that they have room to argue. I am sure that corporate lawyers could argue at lot of this in your favor should it ever come to that but I take the view that you should at least be aware of the entire license footprint assuming a worst case interpretation where any human that interacts either directly or indirectly with a JDE licensed module is accounted for. This is well established in Oracle DB licensing, where for instance, if you have a forklift and on it is a human operated bar code reader that works with an application that uses an Oracle DB, each driver of the forklift is a named user for user-based DB licensing.

    My focus for internal license audits is now to use the security master to document what users can do. I feel that that is the most compliant way to count usage.

  7. #7
    Clarification: OVR foundation is not required for 'delivered' watchlist. Oracle put out a useful whitepaper detailing what is included with the basic functional application license and what requires and OVR foundation or OVR Application license: http://www.oracle.com/webfolder/tech..._rebranded.pdf.

  8. #8
    Member
    Join Date
    Dec 2000
    Location
    Australia
    Posts
    562
    That is good information. I had not seen that document. In practice I rarely see delivered watchlists satisfy the functional consultants. Watchlists have become a bit of a cottage industry on my projects. Imagine a status board with 15 watchlists used like a process control dashboard. To be fair I haven't had a single project implement UXOne roles yet. We have started to use Splunk to roll up the same type of data as watchlists and expose to JDE in context via CafeOne. This obviously does not have the capability of updating the E1 Page tile watchlist counts but serves the dashboard need far better than the 15 watchlist scenario.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
The legal restrictions and terms of use applicable to this site are available here.
Use of this site signifies your agreement to the terms of use.
JDELIST is NOT affiliated with JD Edwards® & Company, Oracle or Peoplesoft. Contents of this site are neither endorsed nor approved by JD Edwards® & Company and, or Oracle.