Method

Notes

How Rogue Discovery is Handled

Assign to Device

This is the default setting.  It is generally used for workstation or by-CPU types of licenses.  It allows the most automation for both authorization and harvesting. Status-based harvesting and auto-harvest only apply to this authorization method.  The same goes for status-based and configuration item-based authorization.

An MSL title that is auto-discovered on an asset is checked to see if it is already authorized to be on the asset.  If not, it is "rogue" authorized, and a charge is staged.

Rogue charges are assessed to the business unit, department, and/or cost center defined for the asset.

Assign to Named User

This setting is generally used for by-named user types of licenses.  When used, however, harvesting and possibly even authorization become highly manual operations.  Rogue discovery requires upkeep of the Ignored Logins table as well as populating and keeping up to date the list of all assignees complete with their global login IDs (so that an assignee record can be matched to the auto-discovered login ID).  Care should be taken to ensure maximum automation can be used prior to electing to assign authorizations using this method.

Auto-discovery generally runs on a physical asset, reporting back what it found.  Depending on the SLMRequireCustodianForRogueUse setting (#202), an MSL title that is defined to be assigned by named user, found by auto-discovery, will be checked for existing authorization by first using asset custodian login ID (if defined), and then the login ID (also returned by auto-discovery) of the person logged into the asset at the time the MSL title was discovered.  The login ID must not match one of the defined Ignored login IDs.  If the login ID is not on the Ignored list, it is used to attempt to look up an existing assignee record.  If an assignee record can be located, the assignee record is used to determine if an authorization already exists.  If not, the assignee will be "rogue" authorized.  If an assignee record cannot be located, a message will be logged to the Consolidate log stating that a rogue user was detected but could not be authorized due to insufficient information.

Note that if the SLMRequireCustodianForRogueUse setting is set to 0, the rogue authorization behavior is as described above.  If the setting is set to -1, then rogue authorization will only occur if an asset custodian is currently set.  If not custodian is set, rogue authorization will not be performed.

Rogue charges are assessed to the business unit, department, and/or cost center defined for the assignee.

User-based authorizations will not be created if the contact record in the MIE is currently set to Inactive

Assign to Contact List

This setting is similar to Assign to Named User and is used to manage authorizations for large populations of users for by-named user types of licenses.  Like Assign to Named User, both harvesting and mostly authorization become manual operations, requiring use of the MIE's various menu options to manually authorize and/or harvest authorizations.  Unlike Assign to Named User, once a single authorization is established for the group, individual authorizations/harvests can be performed by simply adding/removing members from the group.  This is a more efficient way to manage named-user authorizations.

When using this setting, the best way is to set up a group specifically for managing authorizations to this MSL title, and authorize only that group using Bulk Authorization.  If you authorize only one group, it will enable detection and automated authorization of rogue users.  Also make sure to select the proper business information when setting up the group (the group bears all charges and receives all credits).

When an MSL title is discovered by auto-discovery to be on an asset, and auto-discovery also returns the login ID of the user that was logged in when the MSL title was discovered, and the login ID is not contained in the Ignored list, then the login ID will be used to determine if an authorization already exists.  The MIE will first check the authorized software table to see if only one group has been authorized for the MSL title.  If so, then the MIE will use the login ID to attempt to look up the assignee record.  If an assignee record can be located using the login ID, then the MIE will check to see if the assignee is currently a member of the authorized group.  If the assignee is not currently a member, the assignee will be added as a rogue user and a charge will be staged.  All charges (and credits) for group-authorized software go to the group itself.  Assignees will only be automatically added to groups if and only if the assignee's record can be located and only one group has been authorized for the MSL title.

Rogue charges are assessed to the business unit, department, and/or cost center defined for the contact list (assignee group).

Group-based authorizations will not automatically add contacts that are found with the MSL title assigned to that group on their machine if they are marked as inactive.  Also, the count of LURs required to cover the group will not include any group members that have been set as inactive.