Knowing the Rules, Beating the Audit

When Microsoft demanded that a customer cough up nearly $200,000 for unlicensed SQL Server use, the customer turned to Software Licensing Advisors and Pica Communications, who found other ways to make the customer compliant, including a $0 solution.

According to Microsoft, the company's anti-virus software was using SQL Server as its configuration storage database. The customer also used SQL for other applications that were accessed by a few hundred employees who had been assigned SQL Server Client Access Licenses (CALs). Since every employee's PC accessed the antivirus system, Microsoft said all the other employees needed CALs as well, which brought the bill close to $200,000.

The company asked Software Licensing Advisors (SLA) and Pica Communications to confirm this requirement.

Pica informed the customer that it had other options. After reviewing the installation software for the antivirus solution, Pica's consultant noted that when the anti-virus software is installed it gives the installer the choice of installing a copy of SQL Server Express, which is free and would serve up to 5,000 clients, or of installing the software on an available SQL Server that the installation software had identified.

Unaware of the consequences, the technician installing the software chose the second option, thus triggering the CAL requirement. According to the Microsoft audit team, once a customer begins with CALs it can not switch to a different licensing option that may be less costly, such as per-processor licenses.

Pica challenged that assertion. Mixing SQL Servers licensed with CALs alongside SQL Server licensed by processor is not only permissible, but a superior solution in some cases. The customer's usage profile was a perfect match for a mixed solution—using processor licensing for a SQL Server accessed by everyone, and using CALs for a limited number of employees who needed to access application-specific SQL instances.

Pica recommended that the customer challenge Microsoft's proposed remedy by asking the audit team to show where, in the customer's contract documents, the “once CAL, always CAL” rule was written.

Microsoft failed to respond to that request, but continued to tell the customer it needed to purchase the required CALs.

The customer eventually purchased about $30,000 worth of SQL Server processor licenses to cover the anti-virus solution as well as a few other SQL instances for which processor licensing was more appropriate.

It then informed Microsoft that in its view, the friendly SAM engagement had succeeded in identifying some compliance issues, those issues had been dealt with appropriately, and no further communications on the subject would be entertained.

Microsoft took no further action.