Tag Archives: SPUR

Why a SAM Practice is Important

I recently took some time off to spend with Mrs. SPLA Man and the kids when my 13 y/o son asked me, “Dad, why do service providers only have one person reporting SPLA usage to their reseller? Why would they report anything if they didn’t know it was right? After all, you wouldn’t even drive away from a fast-food drive-thru or pay for a new pair of shoes unless the order was right or the shoes fit! So why would an SPLA provider spend thousands (if not millions) of dollars each month when they don’t know if what they are ordering is right! And then Dad, they get audited and have to pay even more!”

I was never so proud of my son. Me and Mrs. SPLA Man certainly raised him right. That story about my son was a bit silly, but the moral of the story is accurate. Why do service providers spend so much money reporting usage if they do not know it’s right?

I think they know it’s not right, but they also think it’s not that far off either. How many of you who have gone through an audit said this prior; “We might be off a SAL or two, but in the end, we won’t owe much. After the audit, they find themselves owing millions of dollars. So much for being off a SAL or two! Here’s where I think service providers do themselves a disservice in not having a SAM practice/plan in place.

  1. They only have one person reporting usage. In most cases, a procurement person or office manager will email an engineer, and the engineer will send an excel report with what he/she believes should be reported. The office manager reports it to the reseller. The problem with this scenario is what happens if the office manager leaves? What happens to the relationship with the reseller? Does the engineer know they should license what is installed? A great example is Office Pro Plus/Std. Most engineers will install Office Pro Plus, forget about it, and report Office Standard. Don’t be that guy!
  2. You are reporting simply because it’s a requirement by Microsoft. Yes, reporting is a requirement, but reporting SPLA should be used as a tool to gain information inside your data center. What is installed? What do users HAVE access to? Are we reporting SQL Standard when we installed SQL Enterprise? We report SQL Web, but is it a public website we are hosting? Reporting SPLA usage should provide you with insight into how profitable you are per individual customer. If you get audited and find out you should be reporting SQL Enterprise (that’s what is installed), but you report SQL Standard; how easy is it to go back to your customer and ask for more money? You just lost the customer and lost out on all that additional revenue. Reporting is about business intelligence.
  3. Not have a tool in place or SAM practice. The two go hand in hand (SPLA tool and SAM practice). You can have a tool, but what good is it if you only use it to scan a small portion of your data center? Are you saying the other parts of your data center are licensed 100% accurately? You NEED a SAM practice – document licensing rights, document contracts with your customer, have a paper trail with your reseller, know pricing changes, and use the tool to collect the actual data. Don’t know a SPLA tool provider? Use Octopus Cloud They are the only tool provider designed specifically for multi-tenant environements with licensing intelligence built in specific to the SPUR. Yes, I do marketing for Octopus ūüôā

In summary, I know spending money to invest in an SPLA tool or SAM practice doesn’t seem appealing (it’s kind of like buying new windows for your house. Wow! I spent a thousand dollars on a new window, but no one would ever know it besides you). The same can be true about a SAM practice. A SAM practice will not win you new customers, but here’s one thing I will promise, it won’t lose you customers either.

Thanks for reading,


Leave a comment

Posted by on June 15, 2021 in Uncategorized


Tags: , , , , , , ,

Microsoft Online Services Terms – What you need to pay attention to before signing your Azure agreement

Article update (April, 2018 ) We created a new website called MSCloudlicensing to help SPLA and CSP partners understand the different program options and use rights available to them. The new website is it’s designed to be a collaborative platform that includes a forum to ask and answer licensing questions, document library, and licensing articles.¬† Check it out, it’s free.¬†

There’s a lot of benefits to moving to Azure, I’ll let your Microsoft account team review them with you. ¬†On this website, we are not that concerned about the benefits, all we care about is the licensing. ¬†In this article, we will review the Microsoft Online Services Terms.

What is the Microsoft Online Services Terms?  First starters, it used to be called Microsoft Online Services Use Rights or MOLSUR for short (or long).   It is now called OST pronounced OAST when speaking to Microsoft.  Basically the OST defines how you may consume online services through Microsoft.  You can download a copy here.  Although your legal team should review the document in its entirety, below are some of the highlights I think you will find relevant and are often overlooked.

License Reassignment 

“Most, but not all, SLs may be reassigned. Except as permitted in this paragraph or in the Online Service-specific Terms, Customer may not reassign an SL on a short-term basis (i.e., within 90 days of the last assignment). Customer may reassign an SL on a short-term basis to cover a user‚Äôs absence or the unavailability of a device that is out of service. Reassignment of an SL for any other purpose must be permanent. When Customer reassigns an SL from one device or user to another, Customer must block access and remove any related software from the former device or from the former user‚Äôs device.” (April, 2017 OST)

What does this mean?

Most Microsoft products cannot be reassigned on a short-term basis, that’s why Microsoft has the use right called license mobility. ¬†In short, pay attention to which users are assigned a license and if/when they no longer need the service.

Hosting Exception “Customer may create and maintain a Customer Solution and, despite anything to the contrary in Customer‚Äôs volume licensing agreement, combine Microsoft Azure Services with Customer Data owned or licensed by Customer or a third party, to create a Customer Solution using the Microsoft Azure Service and the Customer Data together. Customer may permit third parties to access and use the Microsoft Azure Services in connection with the use of that Customer Solution. Customer is responsible for that use and for ensuring that these terms and the terms and conditions of Customer‚Äôs volume licensing agreement are met by that use.” (April, 2017)

What does this mean?

It allows you (a service provider) the right to use Azure as a datacenter provider. ¬†The last sentence is very important in the above definition “Customer is responsible for that use and for ensuring that these terms and the terms and conditions of Customer’s volume licensing agreement are met by that use.” ¬†In the above definition, ¬†“customer” is you. ¬†If you use Azure as a datacenter provider, purchase Azure via your own volume licensing agreement, and use SPLA for user based products (e.g. RDS) you must follow the OST, Product Terms, and the SPUR!

Azure Services Limitations

Customer may not “Allow multiple users to directly or indirectly access any Microsoft Azure Service feature that is made available on a per user basis (e.g., Active Directory Premium). Specific reassignment terms applicable to a Microsoft Azure Service feature may be provided in supplemental documentation for that feature.” (April, 2017 OST)

What does this mean?

Sounds similar to a SAL license right? “Directly or Indirectly access any Microsoft Azure Service.” ¬†Although if you are using Azure as your datacenter provider, the likelihood of you consuming user based licensing through Azure is not very high.


I encourage you to read the security measures and policy’s set forth by Microsoft for their online services. ¬†You can read it here. ¬†I included a breakdown of the difference compliance and security certifications below:

Microsoft Online Information Security Policy (as of April, 2017)

Online Service ISO 27001 ISO 27002

Code of Practice

ISO 27018

Code of Practice

SSAE 16 SOC 1 Type II SSAE 16 SOC 2 Type II
Office 365 Services Yes Yes Yes Yes Yes
Microsoft Dynamics 365 Core Services Yes Yes Yes Yes* Yes*
Microsoft Azure Core Services Yes Yes Yes Varies** Varies**
Microsoft Cloud App Security Yes Yes Yes No No
Microsoft Intune Online Services Yes Yes Yes Yes Yes
Microsoft Power BI Services Yes Yes Yes No No


Last and certainly not least, I get asked A LOT about language that you should include as a service provider. ¬†I would encourage you to create your own online services terms for your hosted offerings. ¬†Too many providers do not have basic language around compliance, licensing, and overall use rights. ¬†At a minimum, you should include a copy of the End User License Terms for SPLA. ¬†If you do not have a copy, please contact your reseller. ¬†If you forget to include licensing terms and conditions, you could be on the hook during an audit. ¬†Don’t be on the hook.

Thanks for reading,


Leave a comment

Posted by on April 24, 2017 in Uncategorized


Tags: , , , , , , , , , , , , , , , , , , , , ,

Why Windows 10 in CSP stinks now but could be GREAT later

Microsoft made a pretty big announcement around Windows 10 and CSP. ¬†Here’s a breakdown for those that are interested:

  1. Software Assurance is not included
  2. Windows 10 is available E3 and in CSP only
  3. Customers need a qualified OS license.  In other words, this is an upgrade license only.
  4. Not available under SPLA
  5. Not available in the shared computer activation model.
  6. Per user licensing with the ability to license on up to 5 devices per license.
  7. No minimum and surprise…no maximum either.
  8. Subscription is 1 year
  9. Pricing varies
  10. New use rights highlighted in the Product Terms

So why does this stink now but could be great later? ¬†Pay attention to number 1, 4, and 5 in the list above. ¬†That’s what stinks. ¬† Think this will allow VDI? ¬†Think again.

So why not?  Why the mystery around VDI and SPLA?  If I was Microsoft, I would go ahead and allow it but for only a select few SPLA providers.  Those providers are:

  1. Report on time. ¬†Not one late payment/report during their agreement no matter what the excuse – “My reseller sucks” is not an excuse. ¬†It’s a good reason to work with me though ūüôā
  2. Deployed Hyper V (they must have some incentive to do this)
  3. Joined CSP program.

There you have it.  Microsoft wins big time Рall that missed revenue from non reporters will get reported. Now you, the compliant service provider, will be allowed VDI in SPLA.

The likelihood of this happening is slim to none. ¬†I do think Microsoft is missing out with the Windows 10/VDI restriction. ¬†Ever since I started in SPLA, I’ve been asked about VDI (or the lack thereof). ¬†That was 11 years ago.

Thanks for reading,





Leave a comment

Posted by on September 29, 2016 in VDI


Tags: , , , , , , , , , , , , , , , , , , , , ,

Worried about Windows 2016 Cores?

Yes, it’s the talk of the town. ¬†“Windows 2016! ¬†Oh my! ¬†It’s moving to cores!!!” ¬†That part is true. ¬†What is NOT true is even when Windows 2016 is released, it doesn’t mean you have to license by core – you can still license by processor for all 2012 and earlier editions. ¬†The catch? ¬†Once your agreement expires and you sign a new SPLA after October 1st (when Windows 2016 is released) you must license by core regardless which version you are running.

So what does this mean to you? ¬†If I was a service provider that reports over 2k in Windows and SQL licenses, ¬†I might readjust when my SPLA expires to extend processor based licensing. ¬† Wait…What? ¬†¬†You can readjust when my SPLA agreement expires? ¬†Sure. ¬†I’m SPLA Man. ¬†Anything is possible with SPLA Man.

Thanks for reading,

Windows 2016 Man


Posted by on September 9, 2016 in Windows 2016


Tags: , , , , , , , , , , , , ,

IaaS Gotchas…

In this post I will highlight new (and not so new) compliance gotchas as it pertains to providing infrastructure as a service.

Let’s start with a common example and go from there. ¬†You provide the infrastructure such as¬†Windows/SQL, your customer provides the applications. ¬†Sound familiar? ¬†You license Windows Datacenter, SQL Enterprise in a shared (aka public cloud) environment under SPLA. You have no idea or really care what applications your customer’s are installing right? ¬†You just provide the support of the infrastructure. ¬†That’s not your concern. ¬†It’s their application, why should you care? ¬†Ahhh…but maybe you should.

Have you ever wondered how they’re accessing the applications? ¬†Are all applications web-based? ¬†I will answer that question for you…no. ¬†So how are they accessing the applications? ¬†Do they use Citrix? ¬†Do they remote into the application somehow? ¬†There’s that word…remote.

If you enable the Remote Desktop Services role within Windows Server – you guessed it…you need to report RDS licenses. ¬†The number of IaaS providers who just report Windows and SQL is astronomical. The number of IaaS providers now reporting RDS is also rapidly growing. ¬†Did they wake up one day and decide they should start reporting RDS? ¬†Unfortunately no. ¬†They were audited. ¬†Shoot me over an email and I will forward the guide that explains RDS and when it applies. Remember when you license RDS, you need to license each user that HAS access to RDS – not who does access.

Let me provide an example of how easily you could be underreporting RDS. ¬† Let’s say your customer has an application from another vendor (outside Microsoft) that’s¬†hosted in your datacenter. ¬†That same vendor provides support to the application. ¬†You are not hosting the application for the vendor but for your customer, you just provide the vendor access to support the application via remote connection. ¬†SPLA allows 20 users to provide support and administration per datacenter. ¬†If you exceed that limit, you are going to have to report those additional users. ¬†Yes, even if you are not charging them.

Other IaaS Gotchas –

While we’re on the topic of customer owned applications, do you have it written in your agreement with the customer that you are not responsible for the applications they install? ¬†What would happen if they install applications that you are not aware of and they don’t have the appropriate licenses…who’s responsible you or the end customer? ¬†Kind of a trick question, it’s both. ¬†You will get audited, it’s installed in your datacenter, you are ultimately responsible. ¬†You need to ensure you have it written in your agreement that you’re not responsible so you can have a nice chat with your customer. ¬†All the big boys do it…you should too.

What about SQL? ¬†Are you virtualizing? ¬†Why aren’t you reporting SQL Enterprise? ¬†Are you utilizing all the use rights that come with SQL Enterprise – unlimited virtualization, DR, mobility within server farms, etc? ¬†What about smaller environments? ¬†Have you considered licensing by user instead of by core for SQL Standard edition?

SQL Web is tempting isn’t it? ¬†Less expensive option but no one really understands what it is. ¬† Here’s a quick synopsis – if you do not host public facing websites, SQL Web is not an option.

How are you managing your datacenter? Do you have System Center installed? ¬†You should report the Core Infrastructure Suite. ¬†Running Hyper V with few VM’s, license CPS. Both products include Windows. ¬†You need Windows to run System Center, so you kill two birds with one stone so to speak.

Ask your customers if they have Software Assurance. ¬†It’s no longer about latest version rights and annual payments. ¬†It’s about moving to the cloud. ¬†Let’s make sure it’s your cloud and not someone else’s.

Conclusion –

I’ve been around this game of SPLA for a long time. ¬†The best advice I can give is to listen to your customers and don’t be afraid to change. ¬†Cloud is evolving, you should evolve too. ¬†Don’t report out of convenience, look into ways you can optimize what you are reporting. ¬†It’s competitive out there, let’s make sure you are getting the most value out of your agreement.

Thanks for reading,





Posted by on January 31, 2015 in IaaS


Tags: , , , , , , , , , , , , , , , , , ,

How I saved a company over $100K a year in reporting

Sounds pretty good doesn’t it?¬† This is a story about knowing what you are reporting and the reasoning behind it. Windows 2012 was launched¬†a couple of years¬†ago (give or take).¬† At that time there were several service providers reporting Windows Enterprise.¬†¬†Their customers had applications that needed the functionality of¬†Windows Enterprise, and since it wasn’t virtualized, Windows Datacenter was not an option. The service provider continued to report/license Windows Enterprise after the launch of 2012.¬† There’s nothing wrong with this, in fact, the terms of the SPLA agreement state you can continue licensing 2008 use rights up until your agreement expires.¬† What most providers don’t know is you can do the opposite.¬† You can run 2008 versions but report 2012.¬† Why would they do that?

In this case, they had Windows Enterprise installed; but since Windows Enterprise was discontinued¬†with the release of 2012, they could downgrade to Windows Standard edition. Sounds funny doesn’t it?¬† DOWNGRADE to Windows Standard from Enterprise?¬† Yes, I said that correct.¬† Enterprise is¬†discontinued. Again, nothing was virtual, and that is very important. If it was virtual, they would continue to report Enterprise up until the agreement expired and report Windows Datacenter moving forward.¬†¬†¬†Not only did he save on their monthly usage report, I’m guessing he had added margin since he was already contracted with his customer.

Quick note Рnot all products discontinued have the same outcome.  In most cases (such as SQL 2012 switch to cores) their costs actually went up

Ahh…but where is this written in the SPUR?¬† I’ll save you time, it’s not.¬† That’s why you need to read “Why Timing is Everything” You are bound by the SPUR (i.e.products/versions/use rights) available at the time of signing your SPLA agreement.¬† Those reporting SQL by processor better pay attention.

I receive 100’s of SPLA questions from the SPLA community about licensing and the cost associated with it.¬†From the largest of the large providers down to a guy hosting Windows Web Server out of his parents basement (which is discontinued by the way), there’s always way you can reconsider your strategy. Moral of the story?¬† Pay attention to¬†how you report and don’t report out of convenience…It can cost you.

Thanks for reading,



Posted by on December 30, 2014 in In My Opinion, Windows Virtualization


Tags: , , , , , , , ,

SPLA Audit start to finish

Your business is doing great, your sellers and customers are happy, you are making money instead of spending money, when out of the blue….BAM…you receive an audit letter.¬† Sound familiar?

So what do you do?¬† Your first reaction is panic.¬† Your second reaction is to call a lawyer.¬† Your third reaction is to blame your reseller.¬† I think that about sums it up.¬† If you disagree, I’m not 100% sure you are being truthful with yourself.¬† If you do agree, I also think you are making a HUGE mistake.¬† Sounds a little odd doesn’t it?

First thing you need to understand is it’s not your fault.¬† It’s not as if you are purposely trying to be out of compliant.¬† Microsoft knows this as well.¬† SPLA is a difficult program and very hard to understand. As I pointed out in the “About” section of this blog, there is little information written about the SPLA program leaving service providers vulnerable.¬† The SPUR?¬† Forget about it. That’s why I created this blog in the first place.

I think that is why SPLA customers call a lawyer to help guide them.  This may help you sleep at night, but is it REALLY helping?  I will let you determine that after the dust settles.

What does happen during an audit?¬†I don’t care if this is the first step or fourth step but at some point you will have to collect data.¬† Data that PROVES the reason you reported the way you did.¬† One of the biggest mistakes¬†a¬†SPLA provider can¬†make is not reporting indirect access.¬† Again, not your fault.¬† Who has any idea of what “indirect” really means?¬† Think of indirect as Microsoft software that is used¬†to run your other applications that you market to your customers.¬† You have an application that you developed that reports back to SQL using Excel.¬† Users have no idea they are using SQL, all they know is the application they use.¬† But since SQL is part of your hosted solution…it must be reported.¬† Make sense?¬† That’s also why Windows will always need to be reported.¬† Try running Exchange without a Windows OS.¬† Not going to happen.

Data can also mean the¬†licenses that your customers own that they bring over to your environment.¬† How do you know who owns what?¬† Are there enough CAL’s?¬† One of the arguments service providers make is they can go after their customers if being audited.¬† There’s an easy conversation right?¬† Remember, you want to keep customers not lose them.

Some service providers have learned that their end customers install software on VM’s without informing them.¬† How do you know what is actually being installed?¬† So take a look at your datacenter; are your customers installing software you don’t know about?¬† Collecting this information after the fact is a difficult process.¬† This leaves auditors with no choice but to make a best guess.¬† Best guesses can cost you significantly.

So after all this data is analyzed by the audit team, it is then delivered to Microsoft.¬† That’s when you present your case.¬† They will take things into consideration, but understand that if you are missing information, it makes your argument that much more difficult.¬† Don’t blame your reseller, that doesn’t work.¬† Don’t rely on a lawyer, that doesn’t always work either.¬† Educate yourself.¬† That’s the best advice I can provide.¬† Just by taking the time to read this I think you are on the right path.

Happy to walk you through the process in greater detail.  I am one of the few that actually gets it. My email is at the top righthand side of this page.




Leave a comment

Posted by on September 18, 2014 in Compliance


Tags: , , , , , , , ,

Hosting CRM

For anyone that has ever worked with CRM understands it is not the easiest technology to deploy. It integrates with other applications and is becoming a must-have for sales organizations. Where there’s difficulty, comes opportunity for SPLA providers.

CRM for Microsoft SPLA has a few new flavors to align with CRM Online. Similar to Lync, SharePoint, and Exchange, each one comes with different functionality. The flavors under SPLA are the following: CRM Service Provider Edition (it’s the Professional Edition for hosted environments), CRM Essentials (formerly ESS), and CRM Basic (Formerly CRM limited). The actual SKU’s are listed below. For a complete summary of the differences, please check the SPUR, I also found this article on the CRM Online website (CRM Online)

QHH-00028 Dynamics CRM Service Provider Edition
QHH-00089 Dynamics Basic
QHH-00090 Dynamics CRM Essentials

From a licensing perspective, it is licensed by user (SAL) and does require SQL and Windows. Check out my other posts around those offerings and licensing guidance. What’s interesting about CRM is it does not require the service provider to be Dynamics authorized as is the case with Great Plains and other Dynamics offerings. As indicated at the beginning, CRM does require expertise (especially hosting it) but can be very profitable. Once you deploy CRM, you can add other solutions such as Exchange and SharePoint to be a one stop shop for hosted solutions. To install CRM, the license key code will be embedded in the software. Download the media from the VLSC website (see “License Keys and Media” post). It’s a pretty thick file, be patient.

If you have a CRM offering, would love to learn more about it. Hit me up on LinkedIn at the top right of this screen.

Thanks for reading,



Posted by on October 10, 2013 in CRM


Tags: , , , , , ,

Features of Lync

Here’s a little blurb on the features of Lync.¬† I think Call management/Lync is a HUGE opportunity for service providers.¬† Not a lot of companies host it today and organizations are not keen on deploying it in house.¬† Let me know if you are interested in learning more or hosting Lync today.¬†¬† Love to hear about your offering.¬†¬†

Lync can be used for license mobility and it there is an option for the SAL for SA option.  This is great if you have a multi-tenant (shared) infrastructure.  Below is directly from the SPUR.  New edition of the SPUR is at

The available SAL types are:

  • Lync Server 2013 Standard SAL (User / Device)
  • Lync Server 2013 Enterprise SAL (User / Device)
  • Lync Server 2013 Plus SAL (User / Device)
  • Lync Server 2013 Enterprise Plus SAL (User / Device)
  • Productivity Suite SAL (User only)

You do not need SALs for any user or device that accesses your instances of the server software without being directly or indirectly authenticated by Active Directory, or Lync Server.

Standard SAL


Each user or device for whom you obtain a Standard SAL or Productivity Suite SAL (user only) may use the following features of the server software.

  • All Instant Messaging functionality
  • All Presence functionality
  • All Group Chat functionality
  • All PC-to-PC computer audio and video functionality
Enterprise SAL


Each user or device for whom you obtain an Enterprise SAL or Productivity Suite SAL (user only) may use the following features of the server software.

  • The features of the Standard SAL described above
  • All Audio, Video, and Web Conferencing functionality
  • All Desktop Sharing functionality
Plus SAL


Each user or device for whom you obtain a Plus SAL may use the following features of the server software.

  • The features of the Standard SAL described above
  • All Voice Telephony functionality
  • All Call Management functionality
Enterprise Plus SAL


Each user or device for whom you obtain an Enterprise Plus SAL may use the following features of the server software.

  • The features of the Standard SAL described above
  • All Audio, Video, and Web Conferencing functionality
  • All Desktop Sharing functionality
  • All Voice Telephony functionality
  • All Call Management functionality
1 Comment

Posted by on October 2, 2013 in License Mobility, Lync


Tags: , , , ,

How SAL Licenses Really Work

SAL (subscriber access licenses) can be complex and without question the number one underreported licenses under SPLA.  Why all the confusion stems from misinterpretation of the SPUR and/or bad advice.

When you report by user, you have to take in account each user that HAS access to the software, not who does.   Microsoft is not based on concurrent licensing.  I wrote about this prior, but thought it was worth repeating.  If you have 5 users that use the software, but 15 users can access at any given time, you must report all 15.  Seems ridiculous, but is 100% true.  Consider licensing by processor if user licenses become too difficult to track.

Read this section of the SPUR (use rights).¬† “You must acquire and assign a SAL to each user that is authorized to access your instances of the server software directly or indirectly, regardless of actual access of the server software.” ¬†It’s the last part of that sentence that can get you in trouble “regardless of actual access of the server software” For a copy of the SPUR check out




Posted by on September 21, 2013 in Compliance


Tags: , , , , ,

%d bloggers like this: