This is a follow up to my last post: Sysadmin: Where to Start? on a more specific point.
As I stated I was recently hired at a company to lead software development and as a smaller portion of that role handle the IT side of my company. Currently software is rather randomly situated around machines as the majority of it was just all purchased as installed software on our Dell machines.
Beyond that the only type of cataloging of it includes an excel file with machine service tags / windows keys and maybe office keys. Install disks / licensing information may have a users first name written on it but that's the most on the physical disks.
What type of better solutions for managing this are there available? Obviously the most basic start would be to truly ID the machines, disks and users to atleast have a much stronger tracking catalog which I will most likely write up as a small intranet web app.
One of things I'd really like to have available to me soon would be a ready made system image of the work stations that I can roll it out quickly instead of having to manually reinstall everything if a machine becomes corrupted however I have no idea how I would deal with licensing since if the keys were embedded into the image every machine would share the same key and fail activation I assume?
Currently the main software I have available to me is Windows Server 2003 Standard setup with Active Directory / Domain account usage.
For license management 'automation' you can use OCS Inventory alongside GLPI.
OCS Inventory runs agents in each machine and retrieves software information (among other information) and provides it to GLPI, where you can insert the related licenses.
So with these two tools you get:
You can see how it works (more or less) in the demo page (Inventory -> Software).
Of course, this is an added value to install these two tools, which offer much more than license management.
One thing I realized is that there are two different components of license management:
Whatever you do to manage software has to meet these two different needs.
For proof of ownership, we err on the side of caution and try to save as much paperwork as possible for everything we buy:
Completely independent of all the disks and files for "proof of ownership" we maintain a software library that's only accessible to admins that has install files for everything we might want to install. There are install files for all the big packages, sometimes multiple versions, and for the smaller ones. Sometimes when we buy a one-off package, we'll just open the box, register the software and install it from the original disks, but if we ever need to re-install it, we'll copy whatever we need to the software library.
A few other thoughts:
We're a ~20 company that uses mostly open-source software. However, we do have ~50 commercially licensed software packages though. All workstations are centrally managed and imaged, so the burden of tracking installed software is quite small.
We use Zenoss for our monitoring solution, and it is able to report installed software by looking at standard SNMP mibs. We can see what packages are installed on all mac, windows, and linux hosts. This could solve part of your problem. In addition, Zenoss will solve all sorts of other problems that you don't know you have yet.
We have a section of our wiki that has a page for every piece of third-party software we use. This is where we list the licensing arrangement (whether it uses individual licenses, site license, license server, etc.), and how those licenses are allocated within the company. We don't actually keep the license keys on this page... just the last few digits so that we can identify it. We also use this page for software-specific documentation on how we've deployed the software, etc.
We also have a big locked filing cabinet where all the physical software licenses are actually kept. Sometimes this is the printout of the email that contains the license keys. Sometimes this is a cutout section of the software box that contains proof-of-purchase. Sometimes it's the invoice. We also keep physical install media and manuals here too.
Depending on how many machines you have, you could investigate Microsoft Volume Licensing such as Open Value. That way you can get one key that has multiple activations.
License keys generally come in three flavors:
VLK - Volume License Key. Windows XP and Office have this type of key. It can be used as many times as you want without being tracked by Microsoft. So you don't have to worry about activation Issues.
MAK - Multiple Activation Key. Vista and Windows 2008 can have this kind of key. When you activate, it records the activation at MS, so you can't go over your number of licenses.
KMS - Key Management Server. Vista and Windows 2008 can have this key. With this key, you need to have a Key Management Server setup onsite. The clients activate against this KMS server and not Microsoft, so you don't have to worry about activation issues but still have to keep your ducks in a row of course.
The Microsoft licensing programs can be kind of a pain to work through, and their are a lot of them, so I would recommend calling MS from that Open Value site or calling a reseller like CDW and have them walk you through your options.
Going forward, stop licensing Microsoft software via OEMs. But be careful, Microsoft engineered the "true up" process specifically to make it easy for software installations to magically appear on your network without anyone noticing.