By now most people are familiar with the basics of MetaFrame Access Suite version 3 licensing, the core tenet being that you download license files from Citrix and put them on your license servers. But what exactly are these license files and how do they work?
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Note: This article applies to the MetaFrame Access Suite components that are version 3 and newer. At the time of this writing, both Presentation Server and Conferencing Manager are at version 3. Password Manager and Secure Access Manager are still at version 2.x, so their licensing components are different. In the next version of the MetaFrame Access Suite (version 4), all components will use this licensing mechanism.
As you know, all version 3 licensing is centered on the concept of the license file. A license file is just a regular text file with the extension “.LIC” that you place on your Citrix license server. The license server reads the licensing information contained in the license file and then hands out licenses to users as they connect via various MetaFrame servers.
These license files are only available from one source: Citrix’s web portal called “MyCitrix.” If you are a corporate customer, your licenses magically appear in the portal whenever you buy new products. If you are a smaller customer, you’ll get a license code with each copy of Citrix software you buy. Instead of entering that code into the product (like in the old days), you create a MyCitrix account (if you don’t already have one) and enter your license number into the web portal. This will associate those licenses with your account, just like enterprise customers.
To get a license file from Citrix, you login to MyCitrix, specify the quantity and type of licenses you want to bundle into the license file, specify the name of the server you want to use the file on, and click “download file.” A link is created to a .LIC file that contains all your information. Then you drop that file in a special directory on your license server and you’re all set!
Now that we’ve reviewed the basic license process, let’s take a deeper look at the license file itself. Each license file contains some important information:
- The name of the server that it was generated for.
- The product type and number of connections.
- The date that your subscription advantage expires.
- A digital signature that prevents you from changing any of these. :)
- The TCP ports that the license server will use to communicate with other MetaFrame servers.
The name of the server that the license file was generated for
One of the biggest complaints that Citrix received about licensing before MPS3 related to license pack activation and how people were treated like criminals if they had to reactivate licenses. (Reactivating licenses was fairly common as migrations and consolidations took place or as farms were rebuilt.)
To address this, Access Suite 3 licenses come “pre-activated,” which means that once you download the license files from Citrix, you can use them again and again without having to activate them over and over. While this is a great thing for admins everywhere, it also means that there would be nothing stopping someone from downloading a license file and posting it to an underground website for all the world to use.
To combat this, the MyCitrix website asks you to enter the computername of your license server before you download a license file. When you do this, the downloaded license has that computername embedded into it, and it will only work on a license server whose name matches the embedded name. (Against all logic, this name is actually case sensitive, so make sure you use the Citrix-provided “lmhostid.exe” utility to get your license server’s hostname instead of using the built-in “hostname” command.)
The bottom line is that you can use a single license file again and again as long as you use it on a license server with the name that’s embedded into the file. This even applies if you rebuild the server or move domains (as long as the NetBIOS name does not change). Once that server name changes, however, you’ll have to go back to the MyCitrix portal and “return” your current license file and generate a new one.
The Product Type and Number of Connections
The fundamental purpose of a license file is to specify how many connection licenses you have. Since Citrix now has several products in their Access Suite, the license file must also specific which of the products the various licenses correspond to.
One interesting thing about the license file is that it does NOT specify the version of the product along with the license information. Instead it specifies the type of product and the number of licenses.
For example, a license file will NOT specify that you have 100 connection licenses for MetaFrame Presentation Server 3.0. Instead it would only specify that you have 100 connection licenses for English MetaFrame Presentation Server Enterprise Edition or German MetaFrame Presentation Server Advanced Edition.
The date your Subscription Advantage Expires
Citrix’s “Subscription Advantage” is just a fancy name for a software maintenance contract where you get to use the most recent version of a Citrix product as long as your Subscription Advantage is active. Every Citrix product comes with one year of Subscription Advantage, and you can buy additional years for about 20% of the initial product’s licensing price.
One thing that’s important to note about Subscription Advantage is that you don’t have to buy it in order to use a product indefinitely. If you buy a MetaFrame product today, that product is good forever regardless of when your Subscription Advantage runs out.
For example, if you buy MetaFrame Presentation Server in February 2005, your Subscription Advantage would last until February 2006. The current version of Presentation Server as of February 2005 is 3.0. If 4.0 comes out in May 2005, you’ll get that for free since your Subscription Advantage is active. If 4.1 comes out in December 2005 you’d also get that since your Subscription Advantage would still be active.
Whatever version of Presentation Server is released before your Subscription Advantage expires is the version that you’ll be allowed to use forever.
So what does this have to do with license files? Every single .LIC license file that you download from MyCitrix has the date that your Subscription Advantage expires embedded into it. This means that the license file “knows” the valid dates of products you’re allowed to use.
To make this work, every single product from Citrix has what they call a “burn in” date hard-coded into the product itself. For example, MetaFrame Presentation Server 3.0’s burn-in date is April 27, 2004. MetaFrame Presentation Server 4.0’s burn-in date might be something like May 10, 2005. These dates are built-in to each product and cannot be changed.
Then, when users connect to a MetaFrame server, the server simply looks for an appropriate connection license from a license file for the right type of product with a Subscription Advantage expiration date that’s later than or equal to its own burn-in date.
The brilliance of this design means that you can start using the newest products from Citrix without having to change or modify your license files. Of course the downside to this is that you’ll have to generate new .LIC license files whenever you renew your Subscription Advantage.
The Digital Signature
If you open up a .LIC license file in notepad you’ll notice that everything we’ve talked about here is just sitting in the file in plain English. To prevent people from simply opening this file and adding licenses or changing the server name, Citrix license files also contain a 480-bit signature that corresponds to the specific settings of that file. If you change any of these parameters, the license file will stop working.
TCP Communication Ports
The license files also let you specify which ports will be used as the license server communicates with the MetaFrame servers. Talking about port usage is kind of useless outside of the context of a larger discussion about license server architecture, so we’ll cover that in tomorrow’s article.