OpenLM Server – KB4100
The OpenLM Server is the core element of the OpenLM system. It integrates the functionality and configuration of all other peripheral system components, such as the OpenLM EasyAdmin web interface, OpenLM Agent, OpenLM Router, OpenLM Proactive Application Manager and the OpenLM Broker.
It is responsible for collecting information (e.g. license usage and denial data) from various system components, and storing it in an embedded relational DB. External databases like Microsoft SQL Server and MySQL are also supported.
The image below presents the OpenLM Server’s position within the constellation of the OpenLM license management, monitoring and reporting solution
The OpenLM Server is implemented as a Windows service and can be installed on any network machine. It enables monitoring and managing of multiple license servers, over LAN or WAN networks. Common OpenLM Server configurations may vary from one or more license managers nationwide to multiple license servers located worldwide, over different time zones.
OpenLM Server Installation
The following document demonstrate a basic installation of the OpenLM Server, and the setup required to monitor a FlexLM (Flexnet) license manager:
- Please consult the system requirements document prior to installation. This document elaborates the required system specifications:
- Number of CPUs
- Available memory
- Supported Windows OS version
- The OpenLM Server requires installing the .NET Framework. The required versions are also elaborated in the system requirements document.
- The OpenLM Server may be installed on either a virtual or a physical machine, which complies with the above requirements.
- The OpenLM Server may be installed on either a dedicated or shared machine, provided that it is granted sufficient bandwidth to support proper functionality.
Considerations for large systems
- Large number of monitored license servers:
- A large configuration may require additional system resources. You may consider an initial installation on a dedicated virtual machine, that could be easily enhanced to include additional memory space and CPUs
- Remotely querying many license servers may produce network congestion. It is recommended to install the OpenLM Broker on remote license server machines to decrease network activity, and improve system robustness.
- Large databases:
- By default, the OpenLM Server employs the embedded relational Firebird database. This database is installed as part of the OpenLM Server, and is conveniently realized by a single file in the OpenLM Server installation folder. This database is adequate for small installations.
- Installations that produce a database file in excess of 1GB should be migrated to external database solution such as MySQL or MS-SQL.
- By default, the OpenLM Server installation includes a lightweight web server, LightTPD, to support the Servers’ administrative and configuration interface – EasyAdmin.
- OpenLM supports the usage of IIS as a web server.
- Secure OpenLM Server communication with the EasyAdmin web application can be realized by configuring IIS to work with SSL certificates.
- OpenLM Server secure communication (SSL) with its peripherals (e.g. Brokers, Agents, Routers) may also be implemented, and also requires an SSL certificate.
The OpenLM Server configuration tool
License Servers tab
The dialog on this tab realizes the OpenLM server’s list of interfaces to monitored license servers.
Follow these steps to add a new license manager to be monitored by OpenLM:
- Click the ‘Add’ button.
- Type in the license server parameters (type, hostname, port number and time zone).
- Type in a descriptive name for the license server.
- “Is Triad Configuration”: this box should be checked when using a three server redundancy scheme. More information on server redundancy schemes available here.
- “OpenLM server remotely queries license manager”
Checked (default): The OpenLM Server actively queries the license manager.
Unchecked: The OpenLM system relies on the OpenLM Broker to obtain usage information and forward it to the OpenLM Server
- Sample rate: The rate at which the OpenLM Server would expect new license output information.
OpenLM Server would expect new license output every sample.
- “Read license file ….”: This advanced capability is only applicable to for Flex-enabled license file managed applications. It requires the installation and configuration of an OpenLM Broker on the license server machine. Checking this box will cause OpenLM to report the license inventory according to the license file.
- Click ‘Apply’ and “Restart now”.
For more license-server-specific information, please refer to this link.
- Require login credentials: Enable roles and permissions security, as explained below in the “Security and access control configuration” paragraph. Login may also be set to expire in the adjacent combo box.
- “Resolve workstations names every day …” The OpenLM Server is able to relate to hostnames, as they are reported by license managers, and attempt to resolve their IP over the local network. This action will be done daily, at the designated time.
- Store users usage information anonymously: The storage of users’ usage information is in some cases restricted by law. Use this option to store the data anonymously. Setting the adjacent “Set as permanent” option will turn this setting to be irrevocable.
- Logging level: Set the logging level, the number of log files and log file size through the logging level controls and OpenLM Server logger configuration file. For more information consult this document: OpenLM components’ logging parameters – AN4018
- Support space in user names: This option will enable space-separated login user names (e.g. Abraham Lincoln) to be considered as viable. This option requires the employment of the LDAP synchronization extension (see below).
- Update Features/Packages and Update Products/Features tables: Update the OpenLM database Package contents table and the Product names table respectively, either from the OpenLM site or from a local file.
Port settings tab
This dialog presents the communication ports connecting the OpenLM Server with its peripheral components.
- It is recommended to keep the port numbers at their default values, and enable communication through these ports over firewall.
- It is possible to configure secure (SSL) communication over these ports through the respective check-boxes.
- For additional information on each port, please consult this document:
OpenLM can synchronize users’ and groups’ information with an organization’s Active Directory database. This presents benefits for all stakeholders in the organization:
- Managers can apply LDAP synchronization to analyze usage trends and implement usage chargeback (usage billing) on different Operational Units (OUs).
- Administrators can gain in automating FLEXlm Options file management, thus enforcing license usage permissions.
- From the end-user point of view, this information may be applied to easily locate other users holding a required license.
For more information on Active Directory synchronization – please refer to the dedicated “Active Directory synchronization” chapter below.
OpenLM can send administrative messages (e.g. available new OpenLM Server versions) to a predefined email account. Use the textboxes in this tab in order to utilize this capability.
LM Tools tab
OpenLM can query license managers for usage information either locally by the OpenLM Broker, or remotely – by the OpenLM Server. The LM Tools tab lists the required executable files for each type of monitored license servers, e.g.: lmutil for FlexLM
OpenLM database – Best practices
OpenLM installs and employs the embedded Firebird database by default, as part of the OpenLM Server installation. The Database configuration form is OpenLM’s interface for selecting the active database. The available options are:
- MS-SQL Server (Windows authentication)
- MS-SQL Server (Server authentication)
The OpenLM Database is continuously being accessed by the OpenLM Server. It is constantly being updated by new data, and occasionally read to produce license usage reports. As with any active electronic document, the database is susceptible to data loss or file corruption. It is up to the system administrator to periodically backup the database. This will ensure the existence of a viable fallback position, and will minimize data loss in case of file corruption.
The OpenLM database continuously increases in size as it accumulates license usage information. This information may become irrelevant as priorities change and emphases shift. OpenLM accommodates the need to discard irrelevant data through the ‘Cleanup’ tool. This is accessible through the EasyAdmin start → Administration → Cleanup manager icon. The administrator can choose to discard
- Inactive users
- Inactive groups
- All data prior to a certain date.
Usage of the Cleanup tool is irreversible; it will permanently wipe the selected data from the OpenLM database. We therefore stress the need to BACK UP THE DATABASE prior to employing the Cleanup tool.
OpenLM administrators need to migrate OpenLM to a new computer, and maintain the license usage information that has been accumulated during a long period of time. The database migration is quite straightforward:
- Stop the OpenLM Server service
- Backup the OpenLM database
- Install the OpenLM Server on the target machine
- Stop the OpenLM Server service on the target machine, and point the database configuration form to the old database.
- Configure all peripheral OpenLM modules (Brokers, Agents, Routers) to interface the OpenLM server on the target machine
- Restart the OpenLM Server service on the target machine
OpenLM Server upgrade
OpenLM will publish milestone OpenLM Server versions annually. It will also frequently release maintenance versions that incorporate enhancements and bug fixes. Upgrading to the latest OpenLM Server versions is also straightforward:
- Stop the OpenLM Server service
- Backup the OpenLM database
- Install the latest OpenLM Server version
- The OpenLM Server supports a role-based security feature that enables system administrators to implement customized access to OpenLM tools by setting access roles. This feature facilitates the implementation of OpenLM tools for diverse groups like system administrators, managers and end users.
- The role based security system relates to nearly all resources of the OpenLM system’s entities, e.g.: listed servers, report window fields and action buttons.
- A ‘Guest’ user role may also be defined. This user will not require a password in order to login , and will normally be granted limited permissions.
- Users are assigned membership to user groups
- User groups are attributed specific roles, to match their organizational function.
- Roles are assigned permission levels (Allow/Disable/Deny) per each system resource.
Security and access control configuration
- The OpenLM Server may be configured to require a login through the OpenLM Server configuration tool → Advanced tab → “Require login credentials”. This will pop-up a dialog box to define an administrator user, with full access permissions.
- Add users to the OpenLM Database (see “OpenLM Entities” below)
- Applying a user password is done through EasyAdmin Start→ Users & Groups →Users → Select user → Change password.
- Populate groups with member users (see “OpenLM Entities” below)
- Roles need to be created using OpenLM Administrator privileges.They can be added or edited through the EasyAdmin Start button → Administration → Roles tab.