When collecting Client Access License (CAL) data, errors might occur. Some of these error conditions are detectable and have been assigned error messages. However, there are some reasons that CAL data cannot be gathered from some servers. Furthermore, some specific conditions can result in predictable count miscalculations.
The following list describes the known issues that can prevent CAL data collection from individual servers. These messages are found in the Application Log on the individual servers running the Configuration Manager client. We recommend that you use an aggregation tool, such as Microsoft System Center Operations Manager, to gather these logs for easier viewing.
Security log cannot be accessed. No information about users or device connections will be provided.
Access to the Windows security event log has been denied.
Security log wrap is found. Some unique users or device connections may not be reported.
The Windows security event log has wrapped.
Value of configuration variable XXX is invalid. For more information, refer to SCCM documentation.
The MOF is incorrectly configured.
AUDIT_SUCCESS local security policy is not enabled. Client Access License (CAL) information will not be collected.
The AUDIT_SUCCESS Audit Policy is not set. For more information, see Security TechCenter (http://go.microsoft.com/fwlink/?LinkId=74458) and search for "audit success".
Device Client Access License (CAL) information is not collected on Windows 2000 Servers. No action is needed.
Device CAL collection on Windows 2000 Server is not supported.
Client Access License (CAL) information is collected only on computers running Windows Server Operating Systems. CAL information will not be collected on this machine.
CAL information is not collected on computers where the operating systems are set up as clients.
Internal error. Client Access License (CAL) collector returns HRESULT=xxx. Please contact Microsoft Support.
This generic message is logged when the collection code returns an error other than those errors in this list.
Reasons CAL Data Cannot Be Collected
In addition to situations that present error messages, it is possible that CAL data are not collected on some servers, and no error messages are written to the Application logs on those servers. Some known reasons are:
- The server site code differs from the current
- The server does not have the Configuration
Manager client installed.
- The Asset Intelligence data collection cycle
has not yet inventoried the server.
Miscalculations in Device CAL Inventory
Because device CAL data collection depends on IP addresses to identify devices, the following few situations result in miscalculation of device CAL counts:
- A computer that has more than one Network
Interface Card (NIC) is counted as using one device CAL for each IP
address. This can potentially result in an increased CAL count.
- A computer that has changed IP addresses can
be counted as using one device CAL for each IP address. This can
potentially result in an increased CAL count.
- When a computer has been assigned an IP
address that was previously assigned to another computer, the two
computers can be counted as using a single CAL. This can
potentially result in a decreased CAL count.
- Multiple computers that access servers using
a single IP address because of network address translation (NAT)
are counted as a single CAL. This can potentially result in a
decreased CAL count.
- In general, any situation that increases or
decreases the number of IP addresses associated with one or more
computers influences the count of CALs represented in the CAL usage