Re: what's gonna happen if the 75 user limit is exceeded?

Historically, If access to server resources is authenticated in any way, then that session required a CAL, regardless of the engine that provides authentication (AD, database, etc.).

For example, lets say you are running a public website. Part of the website is accessible anonymously to anyone on the internet. However, users can also register with the site, and then log in to the site to access content only available to authenticated users. In that scenario, when a user logs in to the website and authenticates, that session must be covered by a CAL (either the user or the device). This is true regardless of what is authenticating the connection (it isn't solely restricted to Active Directory - any authenticated access against any authentication provider would require a CAL).

Obviously SBS isn't able to monitor and enforce compliance on alternate types of authenticated connections - but again, historically any authenticated access requires a CAL. Also, there is no external connector license for SBS. If you need to do something like host a website with authenticated access, the best route is to use an external hosting provider :^) If you need to do this in-house, then best route is to stand up a vanilla Windows Server (preferrably stand-alone in a DMZ) and purchase an external connector license for that server, which allows unlimited connections. Of course, if you set up a stand-alone (not joined to the domain) vanilla Windows Server, you can select to run that box with a concurrent connection licensing model, in which case you would only need to buy enough Windows Server CALs to cover the maximum number of concurrent connections. If you need more than 40 CALs for the Windows Server, it makes sense to buy the external connector. But it is important to note that the external connector only licenses users external to your organization. If you have users in your company that need to access the server, you still need the appropriate number of CALs to cover their access.

Isn't licensing fun? :^)

--

Chad A. Gross
http://www.msmvps.com/blogs/cgross


"Pedro M. Leite" <pleite@xxxxxxxxx> wrote in message news:#PjRGAUsJHA.3848@xxxxxxxxxxxxxxxxxxxxxxx
Thank You Very Much

Now I see this clearly. just to be sure, my thoughts on database
authentications were correct ? using IISuser.
this concept can be extended to any other source of authentication than
no ad, such as openldap, database, textfile, whatever.

thanks
pleite

On Mon, 30 Mar 2009 08:40:22 -0500, Les Connor [SBS MVP] wrote:

No, a User CAL is assigned to a human, and it stays assigned to that
human regardless of whether that human is logged on or not. With 10
CALs, only those 10 humans can legally access the SBS.

You're asking about concurrent connections, and that doesn't apply. The
CALs can't by dynamically assigned to different humans so that 10 user
CALs can be shared by more than 10 humans.

10 humans can each have 2 (or more) devices though - think a workstation
and a mobile device - and all be logged on with both devices, at the
same time, for a total of 10 connections. That's legal.

.

Relevant Pages

  • Re: Is there a samba server for windows?
    ... > connections only, and does not support CALs. ... > the need to use workstations as a server for data under ...
    (microsoft.public.win2000.networking)
  • Re: Pricing Confusion.
    ... You need CALs for authenticated access. ... Note the following general exception to Windows CAL requirementsWindows ... CALs are not required when access to the server software is ... So, in your case, with the "plain text authentication" (I assume you mean ...
    (microsoft.public.inetserver.iis)
  • Re: How many CALs do I need?
    ... >> that accesses or uses the Server Software, ... >> or Device that accesses the Server Software ... IIS FTP uses Windows User Accounts for authentication, ... If you authenticate against the domain, CALs get ...
    (microsoft.public.windows.server.sbs)
  • Re: whats gonna happen if the 75 user limit is exceeded?
    ... Changing the web server to something not MS changes how you will need to ... authentication by my understanding puts you into the anonymous catagory. ... With 10 CALs, only those 10 humans can legally access the SBS. ...
    (microsoft.public.windows.server.sbs)
  • Re: SMTP Virtual Server Settings --- Lots of Sessions and Junk in
    ... successfully authenticate to relay, regardless of the list above" in case ... And under authentication you can uncheck all but the anoumous authentication ... if you are on a single server if you have more then one exchange server the ... connections trying to send spam) connections coming from companys or "Zombie ...
    (microsoft.public.exchange.admin)
Loading