User Tools

Site Tools


Sidebar

change:applications:licensing:sentinellm

Sentinel products are currently owned by SafeNet: http://c3.safenet-inc.com

Sentinel LM

This is the Sentinel license server. It runs as a service as the System user.

Related software

The license server software appears to be configured primarily through environment variables

Expected Value
LSDEFAULTDIR Location of lservrc license configuration file E:\SentinelLM\config
LSERVOPTS command-line options used by lservnt.exe (service executable)
This doesn't appear to work on newer versions of the software. Command-line parameters to the service may now be stored in the registry at HKLM\Software\Rainbow Technologies\SentinelLM\CurrentVersion\\CommandlineOpts
-com 50 -z 2m -l E:\SentinelLM\logs\usage.log -f E:\SentinelLM\logs\error.log
LSHOST (semicolon-delimited list of) hostname(s) of license server (used by clients to specify the license server)
LSFORCEHOST (semicolon-delimited list of) hostname(s) of license server (used by clients to specify the license server)
overrides LSHOST (anything in LSHOST will be ignored if LSFORCEHOST is set.)
CODEOPTS
LICENSERC
LSERVLOG
LSERVRC
LSERVRCCNF
LSERVSTA
LSPORT
LSRESERV
LSRESERVEFILE
ULSERVRC


Default Configurations
License File E:\SentinelLM\config\lservrc (normal licenses)
E:\SentinelLM\config\ulservrc (upgrade licenses)
Usage Log E:\SentinelLM\logs\usage.log
Error Log E:\SentinelLM\logs\error.log


Server Details
Listens On UDP 5093
license5 Executable E:\SentinelLM\cmgl\Secure\Win32\lservnt.exe
Version 8.0.4.0
license3 Executable C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0.18 Server\English\lservnt.exe
Version 7.2.0.18
licshared01 Executable C:\Program Files\SURFWARE\Network Server\Server\WinNT\lservnt.exe
Version 7.1.1
slm-01 Executable C:\Sentinel\RMS\win_nt\lservnt.exe
Version 8.2.2
Documentation \\slm-01.licsrv.mst.edu\C$\Sentinel\RMS\index.html

Products Licensed

Host ID

The host ID may be obtained from any number of sources. A particular application's requirements are stored in the echoid.dat file.

# Echo ID input
# Can be hex or binary
#
# To set a particular locking criterion - Defined in lserv.h
#define VLS_LOCK_ID_PROM        0x001
#define VLS_LOCK_IP_ADDR        0x002
#define VLS_LOCK_DISK_ID        0x004
#define VLS_LOCK_HOSTNAME       0x008
#define VLS_LOCK_ETHERNET       0x010
#define VLS_LOCK_NW_IPX         0x020
#define VLS_LOCK_NW_SERIAL      0x040
#define VLS_LOCK_PORTABLE_SERV  0x080
#define VLS_LOCK_CUSTOM         0x100
#define VLS_LOCK_CPU            0x200
#
# Some Examples
# All criteria 0x3FF or 1111111111
# IP Address only 000000010 or 0x2
0x010
0x004

LSHOST vs LSFORCEHOST

Sentinel-enabled applications use (at least) two different environment variables to find the license server.

LSHOST

LSHOST is the one you should use unless necessity requires otherwise. Its value is a semicolon-delimited list of hostnames (Sentinel uses the same known port by default, UDP 5093) to query for valid licensed features. You can include as many hostnames as are necessary.

LSFORCEHOST

LSFORCEHOST is an override for LSHOST, and if it is set, anything in LSHOST will be ignored. Only what's in LSFORCEHOST will be used.

Do not use LSFORCEHOST as a system-wide environment variable unless you actually need to do so (which should be an exceedingly uncommon circumstance). Use LSHOST. If an application croaks when accessing the other license servers in the LSHOST list (because of differing versions or other uncontrollable incompatibilities), either rearrange the order of the LSHOST entries (it queries them in order—I think) or write a wrapper for the offended application that sets LSFORCEHOST or LSHOST to the one license server it needs to query that then starts the application.

LSERVCNF

Sample Configuration File
An example configuration file is shown below:
# This file remaps the keyword "LONG" to "lng" for all readable
# licenses for feature DOTS (any version).
# It also provides alert actions for all features licensed
# by the license server.
# Note that the alert actions that apply to all non-DOTS
# features do NOT apply to DOTS since DOTS has its own section.
[DOTS *] # For DOTS, we generate only the denied alert
LONG=lng                           # Remap statement
denied = Script OFF  Email ON
EMAIL = jsmith@Engr1
 
[* *] # For non-DOTS apps, we generate most of the alerts
softlimit = SCRIPT OFF EMAIL ON   # Alert action statement
hardlimit = SCRIPT On  EMAIL On
denied = Script on  Email ON       # This better not happen
apptimeout = script on  Email off
expired = SCRIPT on  email on
EMAIL = mark@jupiter
SCRIPT = /usr/local/etc/lsalertscr
One section of the file can specify only a single alert script and a single email address. For all alerts enabled in one section, the same alert script will be invoked.

Notes

Beware of [un]installing any license server software for programs that use Sentinel. The location of the license/config files may change. It may also uninstall/replace the Sentinel LM Windows service. If that happens, you can recreate the service using the lservnt.exe service executable:

           =============================================

                        Sentinel LM 8.0.0.0
             Copyright (C) 2004 SafeNet, Inc.

           =============================================

Starting in command line mode
-H|-h          (help)
-X remove      (remove service)
-X install     (install service)
-X start       (start service)
-X stop        (stop service)
-X status      (get server status)
-X commline    (start service on command line)

NOTE: If you use '-X commline', this must be first on the command line

Tracing

The documentation of newer versions of Sentinel RMS (8.2.2, at least) claim support for tracing. Use -tr <bitmask> on the command line (of the service, I suppose). You can trace license keys (0x1), functions (0x2), and errors (0x4).

Encrypted Log Files

The documentation for Sentinel RMS claims support for encrypting/protecting the usage log. It also says that application vendors can override your settings. lsusage.exe is the tool needed to access the protected logs.

Parsing the License File

lsdecode.exe

This utility will properly parse and display information about the licenses in lservrc. Frequently, the license files don't contain any or enough comments to tell you things like license expiration date, count, etc. Lsdecode will give you (I think) all the information in the license file. All the Sentinel utilities can be found in the install directory. I've made a copy of some of them in E:\SentinelLM\bin.

Here's an example:

NCBBXJPYFMB42GPW5BZLVQ8HN3N8HSXYGKODBE7FLKYLCIDBUDIJUPGLPD5M35XO2ISXRXR4XUG337Z# "MSMEDSFULL" version "10.4", no expiration date, additive

lsdecode says this about it:

License code: "NCBBXJPYFMB42GPW5BZLVQ8HN3N8HSXYGKODBE7FLKYLCIDBUDIJUPGLPD5M35XO2ISXRXR4XUG337Z# "MSMEDSFULL" version "10.4", no expiration date, additive"

 License type                 : Normal Network 
 Feature name                 : "MSMEDSFULL" 
 Feature version              : "10.4"

 Max concurrent users         : 50
 Soft limit on users          : Unlimited.
 License start date           : Morning of Jan 18, 2007
 Expiration date              : License has no expiration.
 Server locking code          : Primary   = "2A480"
 Lock code depends on         : Sentinel Computer ID
 Additive/exclusive           : Additive license (number of tokens will be added).
 Sharing criterion            : Client host name based sharing.
 Held licenses                : Held licenses disabled.
 Token lifetime (heartbeat)   : 600 secs (10 min(s))
 Action on clock tamper       : No action.
 Log encryption level         : 1

 Commuter license allowed     : YES

Server Setup Notes

Logging

You can enable logging for SentinelLM by configuring the LSERVOPTS environment variable. You can change the directory where it looks for the config files by setting the LSDEFAULTDIR variable.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment]
"LSDEFAULTDIR"="E:\\SentinelLM\\config"
"LSERVOPTS"="-com 50 -l E:\\SentinelLM\\logs\\usage.log -f E:\\SentinelLM\\logs\\error.log"

Sentinel Protection Server

Sentinel RMS Development Kit License Manager


Old Documentation

SentinelLM license manager

Uses a software-enforced or hardlock-enforced license file.
Install the license server on license3 for software-enforced license file for SAP2000:
  • From the SAP 2000 version 9 CD, launch License Manager\Server\Setup\setup.exe
  • Install SentinelLM 7.2.0.18 license server
    • Default install location: C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0.18 Server
    • Launch the following to add or remove the SentinelLM service (which is installed by default)
    • C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0.18 Server\English\loadls.exe
  • Generate license server codes for requesting a license
    • Install the standalone version of SAP 2000 version 9 on another system
    • Copy echoid.exe from the standalone product install directory to license server.
      • C:\Program Files\Computers and Structures\SAP2000 9\echoid.exe
      • C:\Program Files\Computers and Structures\SAP2000 9\wechoid.exe
      • C:\Program Files\Computers and Structures\SAP2000 9\lsapiw32.dll
    • Launch wechoid.exe and select the requested devices to lock license file to.
    • Licence code for license3 locked to disk volume ID: 4-2C20D
  • Reconfigure the service to restart the service if it fails one, two, or more times.
Install the license server on license4 for USB and parallel port hardlock license management:
  • Download and install the latest USB and parallel port drivers. Do not install the management web server. Current drivers appear to be available from the http://www.safenet-inc.com/ in the Sentinel Protection Installer download. The current version is 7.1.0.
  • Install a FlexLM license manager for ArcGIS. Install SentinelLM for AspenTech (InstallingAspenTechLicense).
  • If diagnostics are required for the USB or parallel port hardlock device, download and install the SuperPro Medic.
  • Merge license files to a file named “lservrc” and put it in the following directory:
  • C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0.1 Server\English
  • Restart the SentinelLM service to make sure that it loads the new “lservrc” license file.
Install the license server on license5 for USB hardlock license management:
  • Download and install the latest USB drivers. Do not install the management web server. Current drivers appear to be available from the http://www.safenet-inc.com/ in the Sentinel Protection Installer download. The current version is 7.3.0.
  • If diagnostics are required for the USB or parallel port hardlock device, download and install the !SuperPro Medic.
  • Merge license files to a file named “lservrc”.
  • Then copy it to the following directory:
  • C:\Program Files\Common Files\SafeNet Sentinel\Sentinel LM Server\WinNT
  • Restart the Sentinel LM service to make sure that it loads the new “lservrc” license file.
  • Reconfigure the service to restart the service if it fails one, two, or more times.
Sentinel LM 8.0 Server
  • Try to find downloads for the SentinelLM product.
  • Download and install the latest USB and parallel port drivers. Do not install the management web server. The web server is listed as “Sentinel Protection Server”. Current drivers appear to be available from the http://www.safenet-inc.com/ in the Sentinel Protection Installer download. The current version is 7.1.1.
Install the license server on licshared01 for USB and parallel port hardlock license management:
  • Licshared01 Sentinel LM path: C:\Program Files\SURFWARE\Network Server\Server\WinNT\lservrc
change/applications/licensing/sentinellm.txt · Last modified: 2012/01/13 16:13 by thartman