Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Software Piracy in my Workplace - What To Do? 6

Status
Not open for further replies.

ppark001

MIS
Jul 11, 2001
102
US
Hi All,

Last week I was asked to "figure out" the technology in my company. So I spent the whole week auditing the various servers, software, client computers etc.

What I found at this point is that we have no original software C.D.s, every server has a different key and serial number for the server software (Windows 2000 Advanced Server). The Network Guy is using his personal software to support the server software. He reactivates remote "Terminal Services" users by using tricks to refresh the licensing, as we have no official licenses.

The "Network Guy" uses his same Windows XP Professional to install on multiple workstations.

So in a nutshell, at the most, one of the server installations maybe valid, but I have no way of proving it for legal,insurance or any other reason.

I am fairly freaked out over this, yet when I hold discussions with the 2 or 3 I.T. people, they just kind of shrug it off. I know the Management will be very concerned. My question to you is, how common is this and what is your take on it. It seems to me, our computer system is at risk, legally and security-wise. If the server should die, we are dependent on our Network Guy to use his personal software. My other question is, how can I tell without receipts and disk covers, if any of the software actually belongs to use. I have all the keys from software audit software, but I don't know what to do with it.

Thanks All,

Signed: "Sorry I accepted this Task"

 
Very simple. If your management is concerned about software piracy, just buy licenses for the shortages.
 
Thank you Peter,

That is answer in the end, that is very true. But the question is how to get there. If I call to order additional licenses, am I not expected to provide the keys? I want to avoid having to purchase a brand new copy of MS Advanced Server 2000, so again the question is, is there any way by using the keys I have, to know which is bogus and which may be our authentic original.

Thanks

Paula
 
ppark001

The only way to find out what keys are good is to go through Microsoft themselves and that will open a whole can of worms -

If the BSA gets wind of your company bootlegging ways the fines could be in the millions -

Your best bet is to swallow the cost and purchase new software and licenses and fire the network guys who put the company in this dilema.



bob

Jones' Law
The man who can smile when things go wrong has thought of someone he can blame it on.
 
Fire 'em? Nah, then they can collect unemployment... Change their job to include swabbing out the restrooms and emptying dustbins...

JTB
Senior Microsoft Consultant
MCSE-NT4+W2K, MCP+I, MCP-W2K, CCNA,
CCDA, CTE, MCIWD, i-Net+, Network+
(CCNP, MCSA/MCSE-2K3 in progress)
 
swabbing still to good for them - I find it hard to believe that there are so called network engineers who would but a company in such a perdicament - If they get nabbed by the BSA the so called network guys just walk away where the company is going to fined up the nose - no ethics and gives us a bad name.

bob

Jones' Law
The man who can smile when things go wrong has thought of someone he can blame it on.
 
ask the guy if he use`s Open licence ? one key can be for millions of clients
 
My advise is gather all your Software Medias (CDs etc) and paper licenses, count them and put them in one safe place. Check through the purchasing records to determine what has been purchased. I'm not sure how big your company is, and whether your company is on any select program with Microsoft. But in my case, buying additional licenses will still cost the same. There's no previous key's required to purchase additional/new licenses.

It is tedious job, but somebody's got to do it. At the end of the day, it will give you and your management peace of mind. Trust me, I've been there.
 
Licensing is a pain the the rear, period. Microsoft tries to make it easier with their Open and Select license agreements. I know that with the Open agreement we can log into a web site and see what we have actually paid for. If I buy a new server from HP we usually get it with a license for Server 2003 (that can be downgraded to 2000). When we order it we tell them that we're a select customer and the order comes with a number that we can key into the MS Open web site that updates our profile with the new license. We don't even have to get media from HP since we already have the Open media on site. The same goes if we buy a license pack from CDW or wherever.

The gist of what I'm getting at is that it can be perfectly legal to have multiple devices using the same license key, assuming that the licenses have been bought. Unless you're actually involved with licensing, you won't have any way to know what's been purchased and what hasn't. A lot of times relatively inexperienced IT people come in guns blazing because they don't see a shrink-wrap license for every piece of software, even though the software may be totally legal.

This is what we know for sure:

1. If you report your company to the BSA, they WILL demand an audit.

2. If the BSA demands an audit, your company will have to prove that everything is 100% in compliance from a licensing standpoint.

3. When the audit is performed you will be found lacking in licenses, no matter what the true situation is. This will cost your company (at the minimum) the cost of adding the licenses need for compliance. This is because Microsoft licensing is so complex that even the best-intentioned most diligent companies will be in violation. For example, are you licensing per seat or per server? Do you have a Client Access License for every device that is going to connect to a server? Not just for PCs, but for every printer that has a print queue on that server? If you use Outlook Web Access, how are the users/machines who connect to OWA from home licensed? Yes, they need to be licensed too. What if you dispose of an old PC, did you know that you can't keep that license and use it on another PC?

4. Even if you report them "anonymously," it will be obvious from your previous conversations that you were the person who turned them in. If the company perceives you as costing them money you will likely be terminated. Especially if the company sees your actions as being hostile to the company instead of working within the company.

So where does that leave you? Sorry you took the assignment, no doubt. But if you've done an audit you've already collected the information that you need. Submit it to your superiors and indicate that you need to be able to show x number of licenses for these products. Just make sure that you have documented that you believe that there is a discrepancy. After that, it's out of your hands (unless you're the licensing guru too).

You will have done your duty to the company by a) completing your assigned task and b) warning them of potential licensing issues. If they run into problems down the line due to licensing then it's not because they weren't warned. It's the company that is going to be responsible, not you.
 
but whatever you do, scan any paperwork relating to licenses and then burn it to CD, produce a comprehensive written report for your company explaining that this is what you have done and then in law, theoretically, you have behaved in a responsible manner and fully documented your actions. In your report, be quite firm about any actions the company needs to take to remedy any licensing breaches and set timelines for remedial action.
 
but whatever you do, scan any paperwork relating to licenses and then burn it to CD, give one copy to your bosses and then, perhaps, another to their accountants. Produce a comprehensive written report for your company explaining that this is what you have done and then in law, theoretically, you have behaved in a responsible manner and fully documented your actions. In your report, be quite firm about any actions the company needs to take to remedy any licensing breaches and set timelines for remedial action.
 
I'll add my 2 cents to this too. Doesn't really matter if you have original installation media so long as you have paid for the licenses. You could have a copy of the install media up on your server with no physical install media. So long as you type in a legitimate number when asked to register, then you are OK.

You may have legal servers if they are a brand name. Check how the units were shipped new. For instance the Dell site can tell you what OS if any was preloaded. You may have OEM copies installed.

It was mentioned above that you can't keep licenses for an old PC that you retire, this is incorrect. This will only apply if you are using an OEM version. If you have the retail version then you can uninstall the OS and reload it legally on another PC.

I hope you find this post helpful. Please let me know if it was.

Regards,

Mark
 
Oh yeah and I agree with demoting them! I'm a network admin and that's just plain stupid. No sane person would put pirated software in a business environment!

-Ryan
 
Last week I was asked to "figure out" the technology in my company.
This is where the can of worms opened. What did they want you to do? kmcferrin, here's a star. Licensing is so complex they should give out certifications if you figure it out. What did they really want you to do is where you should start. If it's auditing the guru, then you've done you're job. If it's possibly causing the company a ton of money, you're off base. What is you're relationship with the holder of the cd's. Casually mention you can't match licenses with cd's to him and ask him what you are missing. So far, I haven't seen anybody mention contacting the source. There may be a legit answer, but if he can't give you one, go to the superiors. Good luck, you're gonna need it.

Glen A. Johnson
If you're from Northern Illinois/Southern Wisconsin check out Tek-Tips in Chicago, Illinois Forum.

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884
 
Markdmac, you are correct. I was assuming that most businesses order their systems with an OEM copy of the OS pre-installed since it is very difficult to not get an OEM pre-install of Windows from a major OEM. If you go through one of the so-called "white-box" vendors though, it's usually easier.

 
Hi All,

You are all correct, but going back to my original issue. I have no way to prove to ANYONE, that the licenses are ours, because:

1) We have no paper trail in Accounting or otherwise.
2) We have swapped out various servers so many times that who knows which one originally came with the theoretical OEM license we had.
2) The 1st thing I did two weeks ago was use Belarc (thanks OLDMO)and that is how I found out the licenses are all different.
3) The 3 IT people I have spoke with were doing the best they thought they could do, and saw themselves as doing the company a favor by using their own private licenses or by generating bootleg licenses.

Believe me kmcferrin, I have no intention of reporting this to anyone except my bosses. There are no "guns blazing" here, I can actually see how this developed into the mess it is. I don't blame the "Network" guy for anything except being naive and not assertive enough.

So, again, I have four keys for Advanced Server 2000. Is there anyway to check anywhere, that would not get us in trouble, but would clue me in on the legitimacy of the number.

Thanks,

 
I'd say that the unfortunate short answer to your question is no. There is no way that I know of to verify the keys you've got. I'm not even sure Microsoft would be able to tell you whether or not those keys are registered to your company.

If your IT guys don't have any paper licensing documentation, or CD jewel cases with the product key sticker on them, and the servers that might have had the little certificate of authenticity stickers on them are long gone, I think you're definitely in a licensing pickle.

I inherited a licensing nightmare myself from the previous IT guy that got fired, and it took me a long time to get it all figured out. Plus, I had to drive through a painful purchase order to bring us into compliance, which is especially difficult when the executive management doesn't understand why they suddenly need to spend all this money on these intangible licenses.

If it were me in that situation, I would become good friends with my accounts payable person. That person can help you dig through the old AP files for original invoices where you paid for servers or software. I believe an original invoice can serve as license documentation in lieu of certs of auth in the event of a Microsoft audit.

If you can dig through the invoices and find where you purchased Windows 2000 Advanced Server 4 times, I'd think you should be all set. Except in the case of an OEM license, as noted in the other posts. If you're going to be upgrading the server hardware, you should purchase the retail box, so you can install the license on each new server you get. The OEM license only allows you to have a copy of the software on that particular machine.

Hope this is helpful.
 
I was just re-reading the posts in this thread, and realized I didn't really answer your question.

To the question of verifying the legitimacy of a particular product id that's currently on a server, I wouldn't worry about it.

As long as you can come up with either the cert of auth, the jewel case, or an original invoice to prove that you've purchased the appropriate license, I think that should demonstrate your compliance, and it won't really matter what's on the server itself.

If you're in a situation where you've actually only purchased 1 OEM Windows 2000 Advanced Server, and the server that you purchased that OEM license for doesn't exist anymore. I think the bad news is that you're headed toward purchasing 4 retail Windows 2000 Advanced Server licenses, with the appropriate number of CALs to go with them to bring you into compliance.

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top