Dec 20, 1996 KeyAudit Docs   KeyAudit License Compliance and Software Audit Tool KeyAudit™ produces an audit of software assets, and gives the network manager and end user a quick, convenient tool to bring a site into compliance with software license provisions. KeyAudit saves its audit reports as tab delimited text which can be easily analyzed with any spreadsheet or database program. Quick Start - Single User Audit Double click on KeyAudit and then click on the Audit button. All application programs found on local disks are presented in a list. When you use the Save command from the file menu, a dialog box lets you specify how much information detail to keep. You can also specify what application launches when the audit file is opened. All save formats except Compressed are simply tab delimited text that can be read by any spreadsheet or database program. Quick Start - Append to a Sitewide Audit Double click on an existing KeyAudit document stored on a shared network volume (or double-click on an alias to such an audit file) in order to append new Audit information for your local disks. Click on the Audit button and when the audit is complete, use the Save or Append command to add the new data to the existing audit file. (Network managers see “Sitewide Audit Setup using a File Server” below.) Quick Start - Using KeyAudit with KeyServer At sites using a KeyServer from Sassafras Software to manage software license compliance, KeyAudit lets you transform unkeyed applications to bring them under KeyServer control. First, make sure your client Macintosh is connected to the KeyServer via a correctly configured KeyAccess. To transform a single application, drag and drop the application icon onto KeyAudit’s icon. A message will warn you - There is no Undo for this operation! An application transformed in this manner will only run when granted a key from the KeyServer. To find and transform multiple applications, first run KeyAudit to get a list of all applications on your disks. Applications that can be transformed and brought under KeyServer management are selected by default after the audit is complete. Checkboxes in an expanded window header let you restrict the list of program names displayed to a subset of those that were found. With the view restricted to Key Supported, hold down the command key and click on individual applications to select exactly the set to bring under KeyServer control. You are now ready to push the Key Selected Programs button. Sitewide Audit Setup using a File Server As a network manager, you can use a file server to collect a consolidated sitewide audit. Put KeyAudit in a shared folder on a file server that is accessible to all of your users. Start the site-wide audit by running KeyAudit on your own Mac. When you select the Save command from the File menu, a dialog will be presented where you can configure how much detail to save for each application. To reduce file size, you may wish to uncheck some of the data fields. You should accept the default document type (KeyAudit), which is a text file (tab delimited records) owned by the KeyAudit application. Save your audit file in the shared folder with an appropriate name (e.g., “Site Audit - Feb. 97”). When a user double-clicks the Site Audit document, the KeyAudit application launches. When the user selects Save (or Append) from the File menu, any new audit records are appended to the existing audit file. In order to ensure that your users double click on the audit document (for an append) rather than on the KeyAudit program itself, create an alias to the audit document and then hide KeyAudit and the actual audit document in a sub-folder. You can then e-mail the alias file to your users with brief instructions for appending their audit. All the details of mounting the file server and finding the audit file will be automated by double-clicking the alias file. KeyAudit Features Summary At any site • Produces a database of application files located on multiple disks • Automatically appends data from multiple audits to a central file • Summarizes by report the number of distinct users for each application • Uses Tab delimited text format to enable analysis with database or spreadsheet • Allows double-click of application names to quickly inspect other files in folder • Invites easy user participation in site-wide license compliance efforts At a KeyServer managed site (additional features) • Distinguishes KeyServer-controlled from personal copies in both audits and reports • Conveniently transforms uncontrolled copies into KeyServer versions • Helps managers and users to quickly bring a site into license compliance What is KeyServer KeyServer®, from Sassafras Software, manages software license compliance throughout a network of Macintosh and Windows PCs. An administrator can install license control into any application and then centrally enforce the most common licenses including concurrent-use, multi-launch, zone restricted, and individual user licenses. KeyServer simultaneously services license requests using TCP/IP, IPX, and AppleTalk protocols to provide cross-platform management without any further assumptions about hardware and software configuration. KeyServer has no detectable impact on a user’s environment. A keyed application behaves identically to its unkeyed counterpart and can run from a remote file server or a local hard disk. KeyServer is compatible with AppleShare, Novell, Pathworks, LAN Manager, NTAS, etc., but no file server is required. Network managers can remotely monitor current software usage, view transaction logs, and send bulletins to KeyServer users. KeyServer gives users the convenience and performance of stand-alone applications while providing network administrators with central license management, usage reports, and access security. Metered versus Dedicated Software With the software industry’s increasing adoption of network licensing, one application file no longer necessarily corresponds to one software license. Any software audit based exclusively on a file inventory will be insufficient to determine license compliance. An audit must recognize and document programs that have a concurrent use license controlled by a license metering system. KeyAudit's ability to distinguish a program file whose license is metered from a program file installed as a personal copy gives it a critical advantage when auditing for license compliance. When a site is using the KeyServer license management package “unkeyed” programs can be transformed into “keyed” copies with the push of a button. KeyAudit also provides convenient tools for inspecting and removing any unlicensed programs and their auxiliary files. KeyAudit At Sites With and Without KeyServer At a KeyServer-controlled site, a network manager or end user typically runs KeyAudit to inspect a disk for license compliance. Some program files are then transformed to keyed versions and others are deleted. The completed audit report may be appended to a shared audit database for later summarization or analysis with any spreadsheet or database program. At sites without a KeyServer to manage software licenses, KeyAudit can still perform its basic auditing function. Disks can be scanned for programs, and questionable files can be conveniently examined and deleted, but the option to bring program files under KeyServer license control is not available. In order to learn where software is installed throughout a site, a network manager might request that users append an audit of their disks to a central database. A file server can be used to store the site-wide audit document so users can simply double click on the document to have their own information appended. At a KeyServer-managed site, an occasional scan of users’ disks can provide an opportunity to rein in or delete any uncontrolled program copies, while at the same time documenting license compliance efforts. The collection and analysis of audit data alone may suffice to determine license compliance for some programs that are dedicated for single user access. However, the flexible file sharing features of the current Macintosh and Windows system software makes license compliance efforts based only on audit data an ongoing challenge in all but the most static environments. Controlling software access with a metering tool is proving to be a much more efficient and cost effective management option. KeyAudit in Detail KeyAudit was designed to be easy to use even during infrequent or first-time audits, yet powerful enough to be useful for complex audits on very large computer networks. When you first launch KeyAudit, press the return or enter key to immediately start an audit of your locally-mounted disks. KeyAudit will continue its audit (or save) activity even in background, so you can work on other tasks while your disks are scanned. Upon completion of the audit scan, KeyAudit displays all of the applications found. If your Mac is connected to a KeyServer on your network, any uncontrolled copies of programs for which your KeyServer has a key will be selected in the audit window. You can then simply click “Key Selected Programs” to instantly bring these programs under KeyServer’s control. Program Categories KeyAudit divides your programs into four categories, although all four categories might not be represented on your disks. These four categories are described below: Key Supported You will only have programs in this category if you use the KeyServer. Such a program is not under KeyServer’s control, but the particular KeyServer you use does have a key for controlling the license to this program. It is likely that other people on your network have copies of this program that are managed by your KeyServer. A program in this category can be transformed into a keyed copy (managed by KeyServer) by selecting it and then clicking “Key Selected Programs”. When the Key Supported checkbox is dimmed, it is an indication that either there is no KeyServer at your site or the network connection to your KeyServer has failed and should be checked for problems. Keyed Program Keyed Programs require permission from a KeyServer in order to run. If you have a program in this category, you probably also have a KeyServer running on your network. Not Keyed If you do not have a KeyServer on your network, nearly all of your programs will fall into this category. At a site with KeyServer, programs in this category are not managed by your KeyServer. These might be programs that are personally owned and licensed for individual use, or they might be site licensed for un-monitored distribution. Both the Key Supported and Not Keyed categories indicate a program copy that is not under KeyServer control. Key Supported means your KeyServer has keyed another copy of this program, so KeyAudit can transform this copy. Not Keyed means that your KeyServer is not currently managing the license for the program in question. Programs in this latter category cannot be transformed into keyed programs until the KeyServer administrator uses KeyConfigure to install control into a copy of this program. Special Program By default, special programs include KeyAudit and other programs that have a special license or special behavior when used at a KeyServer site. Contact Sassafras Software to learn how KeyAudit can be customized to place other programs into the Special Program category. Each program is placed in exactly one of the above categories. When you are not connected to a KeyServer, the Key Supported checkbox is dimmed and programs that should appear in the Key Supported category will appear in the Not Keyed category. If you do have a KeyServer on your network, make sure that you are connected to it before running KeyAudit. Check that you have KeyAccess in your System Folder, and that the KeyServer is selected in the Chooser. In order to actually transform programs into keyed versions, the KeyServer you are using must have a KeyAudit key. See “KeyServer Control of KeyAudit”, below. Quick Audit Option When KeyAudit is run on a Mac that does not have KeyAccess (KeyServer’s client software) installed, it assumes that there is no KeyServer at the site. At a site without a KeyServer the audit window display will default to a small header without checkboxes for different program categories. There is no possibility of KeyAudit transforming applications to KeyServer controlled versions so even when you click in the “expand triangle” to enlarge the window header, the Key Supported checkbox will be dimmed. It is also unlikely that any Keyed Programs will be discovered by KeyAudit’s careful inspection of program files, since without KeyServer, they can’t launch. With only Not Keyed and Special Program as likely categories, there is little reason to open each application file for a careful inspection, so KeyAudit performs a Quick Audit by default. On a Mac without KeyAccess, hold down the option key while clicking on the Quick Audit button to instruct KeyAudit to fully inspect all program files to see if any are keyed. On a Mac that does have KeyAccess installed, KeyAudit’s Audit button will perform a full inspection of application files, even when there is no network connection to an active KeyServer. You can override this default by holding down the option key while clicking on the Audit button. KeyAudit will then perform a Quick Audit. The Audit Window KeyAudit’s main window contains the list of all applications found on your disk, and also gives quick access to KeyAudit’s features. You can toggle the upper part of the audit window between a reduced or enlarged view by clicking on the small “expand triangle” in the upper left corner of the window. The expanded header pictured below is divided into three areas. The Show/Save/Print area controls which programs are shown in the window, saved in an audit file, and printed when you choose Print from the file menu. The Auditing area controls which volumes are included in subsequent audits, and includes the Audit button to initiate an audit. The Actions area has two buttons which you can use to help bring your disk into compliance with software licenses. If you do not have a KeyServer on your network, or if you do not have KeyAccess installed on your computer, The Key Supported and Key Selected Programs buttons are dimmed. The status line at the bottom of the window displays an explanation such as “KeyAccess not installed” or “No KeyServer selected”. By default, KeyAudit sorts the programs in the audit list according to category. You can change the order in which programs are displayed by clicking on the “Application”, “Volume”, or “Category” headings. If you click on the “Application” heading while holding down the option key, the column will be sorted by application signature. The effective sort order is always underlined. Below the audit list, KeyAudit displays the number of programs found in the audit, as well as the number of programs that are currently shown in the list. To view all programs, check all of the available boxes in the Show/Save/Print area. If you only wish to see programs from one category, check the corresponding box only, and turn the other check boxes off. For System 7 users, there is a quick way to turn Balloon Help on and off. In the lower right corner of the audit window is the Balloon Help icon, with the words “Help Is On” or “Help Is Off” as appropriate. Click this icon to toggle Balloon Help on and off. KeyAudit supports Balloon Help for all of its menus and for the audit, information, and save options windows. The small document icon to the right of the help button is enabled only when the active audit file contains saved audit information. Click the icon to see a list of audit sessions (user name/audit time) in the current audit document. Performing an Audit Before starting an audit, make sure that you have turned on the appropriate Local Volumes and Network Volumes buttons. You may also want to insert or eject specific volumes before you begin the audit. For example, you should eject any CD-ROMs in order to avoid a lengthy audit of a disk whose contents will never change. If a CD-ROM volume is mounted on your desktop when you start an audit, KeyAudit will ask you if you want to skip this volume. If the Local Volumes button is on (black diamond (⌥) inside of the diamond frame), then the audit will include the disks connected to your computer. If the Network Volumes button is similarly turned on, the audit will include network volumes such as those mounted via AppleShare in the Chooser. You must always have at least one of these buttons turned on; both can also be turned on at the same time. Once you have selected which volumes to include in the audit, click the Audit button. This initiates a new audit scan that replaces the previous audit. Note that the settings of buttons in the “Show/Save/Print” area have no effect on the audit; they only affect which programs are displayed in the audit window and may be changed after the audit is complete. Getting Program Information KeyAudit knows more about a program than it displays in the main audit window. There are a few different ways to get at this information. First, to quickly determine where a program is on a disk, hold down the option key as you click on the program’s entry in the audit list. This activates a pop-up menu of the folders in which the program is located, along with the official name of the program (if KeyAudit knows the official name). The version of the program is also displayed in the pop-up menu (if it can be determined by KeyAudit). If you are running System 7, choose one of the folders or the program name to display the item in the Finder. Choose the program version in the menu to display the program’s Get Info window in the Finder. Another way to get more information on a program is to double-click on it in the audit list. The window pictured below appears, showing the program’s official name and publisher (if known), category, location on your disk, date of creation and last changes, and version. This information window also contains two buttons to help you bring a disk into compliance with your software licenses. The View In Finder button (which is only available if you are running System 7) is a quick way to locate a program on your disk. When you click on this button, Finder comes to the foreground and displays the program. This way you can easily locate the program’s support files. The second button, Key This Program, is analogous to the main audit window’s Key Selected Programs button, but keys the program displayed in the information window, and not the entire selection of programs. This button is only available for programs in the Key Supported category. If some of the information about a program is not available in the information window, this means KeyAudit’s internal database does not include information about the program. Saving an Audit Once you have performed an audit on your disk, you might want to save a record of it in order to analyze the audit with a spreadsheet or database program. You can either save the audit in a new file, or append the audit to an existing audit file (in order to combine multiple audits). To save your audit, choose Save As from the File menu, then type a name for the audit and click “Save” in the Open File dialog box. The Save Audit Options dialog appears, in which you can tailor the contents of the audit to your needs. In the upper box, choose which categories you want to save in the audit file. Below that are options for what information is saved for each program. Audit files (except when saved in compressed format) are text-only documents, with one program on each line and with fields separated by a tab character. The fields corresponding to each checkbox in the Save Audit Options dialog are detailed below. For a smaller audit file, you may wish to de-select the “Path Name” and “Custom” items but KeyAudit’s summary report will only be complete if all the remaining items are selected for inclusion in the audit file. Audit Date The current date and time (in two fields, separated by a tab). This date/time will be the same for all programs saved in your audit. It is useful when you save many audits in the same audit file. Program Name The official program name (if known by KeyAudit). For example, if you have a program file named “Excel” on your disk, the official name is actually “Microsoft Excel”. This field is useful for determining when a particular program is on multiple disks, even when the program is named differently on each disk. Volume Name The disk name and creation time (in two fields, separated by a tab) on which the program is located. This is useful for determining which distinct volumes have been included in an audit, and where program files are located. Program Category The audit category to which the program belongs. This is useful in saved audits so that you can determine if license compliance for this copy of the program is managed by KeyServer, or if it is an unmanaged copy. Path Name The exact folder location of the program. The entire list of enclosing folders appears in this field, starting with the name of the disk and ending with the name of the program as it appears on the disk. Publisher Name The name of the company that publishes the program (useful when it comes time to contact a company about support or purchasing information). Program Version The creator stamp and version of the program on your disk (in two fields, separated by a tab). The creator stamp is useful for associating all copies of an application, regardless of version or how the copies are named on various disks. KeyAudit only shows version numbers for those program files that contain properly formatted version information. User Name The name of the user of the computer on which KeyAudit is running. This is the same name entered in the Chooser (or in the Sharing Setup control panel under System 7). When an audit file contains audit sessions for multiple users, the name field is useful for determining which users have a particular program. Custom This field contains whatever information you type in the adjacent text box. The text you type will appear in every entry of your audit. If you are running System 7, the default value for this field is the Macintosh Name, as entered in the Sharing Setup control panel. Once you have specified the information to be saved in the audit file, use the “Open With” pop-up menu to select which application will launch when the saved audit file is opened. If you save an audit in the default format as a KeyAudit document, it cannot be overwritten by KeyAudit (the Save command will automatically append new audit information to this file). An audit saved in the Compressed format has all the same properties as the KeyAudit format, and in addition are compressed and not readable as text. You must use the Uncompress command from KeyAudit’s File menu to extract a text version of a compressed audit. Except for the compressed format, audit files contain only tab delimited text regardless of how they are saved. This means any word processor, spreadsheet, or database program can open them from the file menu. You can also append new audits onto existing audit files. Choose one of the Append items from the File menu. The Save Audit Options dialog box appears with the column boxes properly set up. If you save your audit as a KeyAudit document, double-clicking on it in the Finder will open KeyAudit, and subsequent Append commands will save the audit to the end of the audit file. For details, see “Collecting a Site-Wide Audit with KeyAudit”, below. Printing & Reports The Print command prints the information displayed in KeyAudit’s main window (the current audit session). With the main window header in expanded view, use the checkboxes to select which categories you wish to print, click on a column header to choose a sort order, and then choose Print from the File menu. The Print Report command produces an analysis of the current audit session or a full analysis of all the information contained in a saved audit file. The report can be sent to the printer or saved as a tab delimited text file. A check box lets you prefix the report with a list of volumes included in the audit. Choose Print Report from the File menu and use the dialog shown below to configure the options. In a KeyAudit report, the number of distinct users (Macs) having access to a dedicated (unmanaged) version of a program is highlighted in bold after the program name. Typically, this is the number of program copies that must be individually licensed. A second number appearing under a slash (“/”) shows the number of KeyServer-controlled copies of the program. You should have additional licenses for these keyed (metered) copies corresponding to the usage limit imposed by the KeyServer. Collecting a Sitewide Audit To prepare for a site-wide audit, first see “Sitewide Audit Setup using a File Server”, above. An audit saved as a KeyAudit document has a special property: KeyAudit will not allow new audits to overwrite the existing audit file. Both the Save and Append commands will append new audit information to the audit file. Click on the small document icon at the bottom right of the audit window to see a list of audit sessions already in the file. You can also use the Compressed format for a site-wide audit since it has the same append properties. An audit saved in compressed format will include all fields and records (it cannot be configured), but the information must be exported using KeyAudit‘s Extract command before it is available as readable text. Usually the KeyAudit format will be preferable since it is saved more quickly and is immediately readable as text. Extending KeyAudit KeyAudit’s program list window and its saved audit files usually contain two important pieces of information: the official program name and the program publisher. However, KeyAudit can only include this information for applications that are known by its internal database. When a program is not in the database, the audit window shows the name as it appears on the disk. The saved audit report will prefix the name of an unknown program with a colon (:) to distinguish it from the “official” name that is used in the audit report for known programs. Please help us extend (and correct!) KeyAudit’s internal database. If your completed audit contains unrecognized programs (with names prefixed by a colon) or incorrectly identified programs, and you are sure that the name on the disk is in fact the official name, please e-mail to keyaudit@sassafras.com. Include the new or corrected lines from your audit file so we can augment KeyAudit’s internal database in the next revision. Anti-Virus & File Compression Software The process of transforming an application to a keyed version may trigger complaints from some anti-virus programs. KeyAudit tests for virus checker compatibility before attempting to transform an application, and posts a message warning of any possible conflicts. In some cases, it may be necessary to turn off virus checking while KeyAudit is transforming programs into keyed versions. Some file compression software changes application files into data files. Depending on how the Mac operating system is patched by the compression software, such data files may or may not be recognized as application software, and thus compressed programs may not appear in an audit report. Other file compression schemes wrap a decompressor application around a compressed file and may cause keyed software to appear as unkeyed, thus inviting the possibility of keying an application twice. You should test the behavior of KeyAudit carefully when using any compression program. Call Sassafras Software for more detailed information on compression programs and how they may interact with KeyAudit and other software. KeyServer Control of KeyAudit While KeyAudit’s base level auditing functionality is available to everyone, one of the added benefits of using KeyAudit with KeyServer is KeyAudit’s ability to transform standard programs into KeyServer-managed programs. For example, if your KeyServer is metering access to PhotoShop, and KeyAudit locates an uncontrolled copy, you just select PhotoShop and click “Key Selected Programs” to bring the selected copy under KeyServer control. To enable KeyAudit’s automatic keying feature, your KeyServer must have a special key that matches this version of KeyAudit. Note that this key is not a hardware device, nor is it a serial number. It is a standard format KeyServer key, which lets you use all of KeyServer’s usual control mechanisms to manage access to the extended KeyAudit features. If your KeyServer does not support this version of KeyAudit, contact Sassafras to get the matching key. KeyAudit User Support - Contact the SPA The SPA (Software Publishers Association) distributes KeyAudit as part of its software anti-piracy educational efforts. Please contact the SPA for more information on license compliance and for technical support or assistance in using KeyAudit to perform a software audit at your site. Software Publishers Association 1730 M Street, NW Suite 700 Washington, DC 20036-4510 USA Phone: (202) 452-1600 Fax: (202) 223-8756 Additional Information - Contact Sassafras Software For more information about the KeyServer License Management product or for support in using KeyAudit’s extended functionality at a KeyServer-managed site, please contact Sassafras Software. We welcome phone calls, fax, mail, and e-mail. Sassafras Software, Inc. PO Box 150 Hanover, NH 03755-0150 USA Phone & Fax: (603) 643-3351 E-mail: keyserver@sassafras.com Web site: http://www.sassafras.com Check Sassafras’s Web site frequently for updates to KeyAudit, KeyServer, and associated utilities. We encourage contributions of spreadsheet macros and database templates for analyzing KeyAudit data. Copyright Notice and KeyAudit License KeyAudit © 1993-97 Sassafras Software Inc. All Rights Reserved. End users are licensed to download and use without charge KeyAudit 4.2 from Sassafras’s Web site and FTP server. KeyAudit is also available from the Software Publishers Association (SPA). KeyAudit is licensed “as is” with no warranties, express or implied. KeyAudit 4.2 can be distributed freely among end users but commercial use or distribution, promotional use or distribution, bundling, and any form of mass distribution is expressly prohibited unless agreed to in advance through negotiation with Sassafras Software Inc.