I was contacted by them recently. Has anyone ever allowed them to install their software and audit your system?

What kind of audit? As far as I know we are audited because of licences (shared/named users, numbers of users).

Regards
csecgn

Were you audited by SLA?
Did they ask you to install software?

I have been contacted by them recently they said they were doing all the customers running baan on unix and would contact me when they started doing the windows users. I will require evidence from them as to what the software does before it is installed. I believe this caused a bit of an issue with the german users when they first started this but that was sometime ago. there should be some old posts about this on the board already

Darren is right. This caused a big clash with the german customers.

According to the contract the german customers were/are having with Baan/SSA, it seems, that they are obliged to let SSA check on license usage, but this does not oblige them to install a SW for SSA.

Some of the arguments used against SSA were:

- What is the SW actually doing?
- What is it monitoring?
- What information is send to SSA?
- Who is carrying the cost for installing the SW?
- Who is carrying the cost for the required HW (a PC)?
- Who is carrying the cost, if some damage occurs?

Most of them blankly refused to install any monitoring SW and told SSA/SLA to send a person, if they want to do any audit. Obviously this would create a huge cost for SSA and only few "manual" audits were actually done. Still SSA managed to scare enough customers with this approach, so that these bought some additional licenses. So in that sense the whole thing was a short term financial success for SSA.

It looks like, that SSA has actually a clause in the BPICS contracts, which forces the customer to do such audits. So everybody was expecting SSA to start changing contracts in this direction and to include according tools in upcoming portingsets. According to my knowledge this has not happened yet.

One word of caution here: I am not a lawyer and anything written here is not to be regarded as legal advise. Obviously I do advise to have the correct amount of licenses fitting to the actual usage of your system.

Regards

Markus

If I remember correctly, they installed a software and monitored the use of the licences for some time (6 weeks??).
There has been some discussions inside the company about this.

But its a time ago and hasn't been my job (I normaly don't do system administration).
The result has been that we've removed some older, no more used user from baan (a kind of zombies) and that it becomes a little more complicate to get an user (not a bad idea. The admins have been a better cotrol how many people have an account and never used/didn't need it). And better arguments if we need more licences.

Regards
csecgn

Update:
I've just talked to our sys admins. The procedure has been as follows:
We got a software from baan. This software has been installed on an independend, clean PC. You have to make an entry for every baan server in
the network and then the software logs every login in baan. We've got an detailed protocoll after the time for the logins (IP and username).

Regards
csecgn

We received a letter about a possible audit in the future.
From the Dutch BWU (BAAN user group) I understood that one of the goals is to get rid of illegal source code on BAAN servers. The strange thing is that this problem was most of the times caused by BAAN itself, because of the fact that with servicepacks/patches/debugging of problems sources were sometimes delivered. I think that there is source code on a lot of BAAN servers in the world that the administrators are not aware of. So i think that they will also scan your system for source code and if you don't know how to remove this you can hire (pay) SSA people to do this for you!

I don't think that's true for 2 reasons.

1. If you have support, and you need to know how to get source off of your system, they will help.

2. Some source IS delivered by every patch / service pack. I doubt that is what they are looking for. more likely it is tools source or the include functions that you would only have illegally (since they are never delivered)

Also auditing is a good way for them to clean up their mistakes (such as the Free developers license that was mentioned on this board a few months ago..).

Dave

I've been told by my management to tell SLA to go jump off a cliff.
There is no way we are installing any software on our system.

Baan did not act very professional with this outside audit company. If they are trying to get us to switch ERP systems it was a good start.

Telling software auditors to "shove it" is extremly professional.

SSA is a small fry, wait until your DB vendor calls.

Dave

We were audited by our DB company last year. They were very professional.
They flew two people in for a full day. SSA can audit us when they show up here and statisfy my Network security admin's concerns.

Hello,

we had a manual audit, cause the software does not work for windows platforms.

I have advised the man from the company which servers are important (have a baan installation and using a licence). He wanted the following data, which I had exported for him:

1. Print User Data (ttaad2400m000) for all User
2. Query :
select
ttaad320.date,
ttaad320.user
from
ttaad320
where
ttaad320.date>= ttaad320.date.f and
ttaad320.date <= ttaad320.date.t

date was the last month.
3. For Unix-Server log.licd6.1 + olg.licd6.1
4. For Windows Servers the application log from the eventlog (10 Mbytes normally)

With this data the man created a user list, ignore standard-user (job user, bsp, tools, applic etc.)
We had to wait a long time for the results.

Bye, Volker

Be very very careful

The old Baan system can't control named users, it only controlled concurrent users. Therefore if any of you purchased named users in your original contract, you can use as many users as long as you don't surpass that number of concurrent users.

SSA wants to audit your Baan instalation to see how many named users you have and then charge you for the extra ones that you are using and that you did not paid for them.
As soon as they see that you used more than they allowed the bill you and send you all the legal crap to persuade you to pay.

THAT IS THE WAY SSA makes their sales quota.

Also check for the new "Licence expiration KEY software" that they are sending. I know that several customers in Latin America got the software and became a nightmare for them

Hello,


we have had no problem. This was an official audit from SSA and everything was OK. with the method I decribed he wanted to find out the real number of named users.

Bye, Volker

I just don't understand what SLA or SSA is looking for. We have a concurrent license for a set number of users. My company pays big $ for support and my management will drop support if SSA pushes this issue.