Table of Contents

An Overview of CALs and more particularly RDS CALs? What, why and how.

In the realm of IT infrastructure, ensuring proper licensing is crucial. Indeed, more than ever, businesses need to maintain compliance and avoid legal issues. Client Access Licenses (CALs) are an integral part of Microsoft's licensing framework. For organisations using Remote Desktop Services (RDS), understanding RDS CALs has become essential.

This article aims to shed light on RDS CALs, explaining what they are, why they are needed, the differences between User and Device CALs, and their role in conjunction with Server CALs. In short, we will explore key aspects of RDS CALs and their significance in relation to remote access, to answer the question What are RDS CALs.

That done you will have a chance to discover what RDS-Tools can do for the RDS environment and specifically your company's IT infrastructure.

What is a CAL, or Client Access License?

A Client Access License, CAL for short, grants the right for devices or users to access a server and use its services. The license attached to the operating system allows the OS on the server to be run. These are Windows Server licenses. What I am going to call usage CALs combine with OS licensing to enable the access to and use of the server as well as its running. Microsoft offers two types of CALs - Device CAL and User CAL and these apply to either local and remote use situations. Read on, for their description.

Why RDS CALs?

Remote Desktop Services (RDS) provide the ability to access a server's desktop remotely. RDS CALs are specifically required for remote access scenarios. Each user or device that intends to access the server remotely needs to be properly licensed with RDS CALs to ensure compliance with Microsoft's licensing laws. These are additional to ordinary CALs and also attached to either User or Device.

How About Server CALs?

As you will have gathered, in addition to RDS CALs, businesses also need to remember Windows Server CALs. The latter CALs are essential so that each user or device accesses a licensed Windows Server. This applies regardless of the purposes of their access, except one: administration.

What? No CALs?

It is worth noting that one small exception to the CAL rules. Up to a maximum of two users or devices may access the server and software without extra CALs but the OS license, but on the following condition. They can access it for server administration purposes alone. This is the only case requiring neither RDS CAL nor standard CAL. No other “users” are allowed under the Windows Server CAL.

More About Server CALs: RDSH, RD Licensing Server and RDS Collections

Should your company infrastructure comprise a Remote Desktop Session Host (RDSH) server, bear in mind the following server behaviour. When a user initiates a connection with a RDSH server, the server will seek to contact a RD Licensing server to find out whether their incoming request is associated with a valid User CAL.

The RD Licensing Server has the job of checking its Collection and responding accordingly to the CALs it contains. Depending on if the user have an allocated CAL or not, the RD licensing server will respond positively or negatively to the RDSH server. The latter will accept the connection on the condition the response is positive. If the user has no CAL or there is no RD Licensing Server to respond to the query, it will refuse the user access. So, here again, it is important to have the appropriate licensing for your infrastructure.

Per User or Per Device CALs?

Each Per Device CAL is assigned to a specific device, so that multiple users can access the server from that unique device. In contrast, each Per User CAL is assigned to an individual user, enabling every one of those users to access the server from any device they like. Deciding between Per User or Per Device CALs will depend on the organisation's remote access requirements.

Because Per Device CALs tie the license to a specific device, it is better suited to a situation where multiple users need to access the server via only sole device. On the other hand, given the fact Per User CALs associate each license with a particular user, it will grant them access from whichever of the devices they may need to use. It is these use cases which will prompt you in your choice of the type of CALs your company may choose to purchase.

What Are the Main Differences between User and Device RDS CALs?

We have seen the main description of CALs and where RDS CALs fit in. Whether you will need both depends on whether your company only works within LAN or not. They work together when your users and clients need remote access and therefore require additional RDS licensing to complement the standard licenses.

Bearing in mind the following differences apply to local and RDS CALs, the main differences between Per User and Per Device CALs include:

1.     Licensing Method:

Per Device CALs are physically allocated to devices, while Per User CALs are assigned within Active Directory.

2.     Tracking:

RDS CALs can be tracked with Per Device, whereas it's not feasible within a workgroup for Per User.

3.     Revoking CALs:

Per Device allows for revoking up to 20% of RDS CALs, which is not possible with Per User.

4.     Temporary CALs:

Per Device offers temporary CALs or RDS CALs for a limited duration, but Per User does not issue temporary CALs.

5.     Over-allocation:

Per Device does not permit over-allocating RDS CALs, whereas Per User may result in over allocation.

Things to Bear in Mind With Remote Desktop Services

RDS brings several advantages, such as cost-effective thin-client architecture and centralised control. However, it also poses some challenges. Security and monitoring are two main issues, besides the added cost of RDS CALs. Anyhow, when planning and purchasing hardware, software, CALs or anything else, be they first or second hand, it is remain important to ensure they are genuine. This plays a part in ensuring compliance and security.

1.     RDS Security

If the RDS protocol (RDP) is exposed to the internet for remote access the server is left vulnerable to cyber-attacks. Be they brute-force, malware or other, it is essential to prevent them. With cyber-crime continually on the rise, it is paramount businesses and individuals grow better prepared against threats to data security. Indeed, it is sad to say that no server or computer is exempt from potentially becoming a target.

Yet, gladly, most admins and IT professional are aware of this and work hard to maintain the integrity of IT infrastructures. Beyond the all-important strong passwords and highly recommended two-factor authentication, measures can involve savvy infrastructure setup, RD gateway servers, maybe a DMZ as well as one or more firewalls, session time-outs, remote desktop role creation and management...

This is where RDS-Tools Advanced Security comes in with it all-round comprehensive protection. Our security software affords you, your colleagues and your clients the best cyber protection available, all that without breaking the bank.

2.     Monitoring of RDS Infrastructure

Implementing RDS also requires well planned and carefully defined deployment and configuration for users, groups, apps, and more. Added to that, is the necessary continuous monitoring, surveillance of servers and their performance and usage, and the consequent need for alerts and updates being sent to the right people. This could all further add to the administrative burden. Hence why we developed RDS-Tools Server Monitoring . Our software aims to take the burden of this every instant watchfulness off from your shoulders and do it for you in all simplicity.

Conclusion To What are RDS CALs

RDS CALs are a crucial element of remote access to Microsoft products via Remote Desktop Services. These licenses ensure compliance with Microsoft's licensing laws and facilitate regulated remote desktop access. By choosing the appropriate type of CALs and RDS CALs - Per User or Per Device - businesses can optimise their licensing costs and efficiently manage their remote desktop services.  With the advantages and challenges presented by RDS and RDS CALs, IT teams of any kind need to keep atop a wide range of tasks.

Our hope is that with the above summary, IT professionals can better weigh up their requirements and effectively organise their company’s remote workspace experience. Precise management of RDS CALs, calculating license requirements accurately and implementing RDS licensing effectively will ensure a compliant and productive remote access environment. Come what may, our tools for RDS make up the Swiss army knife of IT and you are welcome to try them out and contact us about them any day. To finish, remember, staying informed about the licensing requirements, security and other software evolutions is key for a smoothly functioning IT infrastructure.

Related Posts

RD Tools Software

"How to Remote Control a Computer: Choosing the Best Tools"

For quick support sessions, long-term remote work or administration tasks, remote access and control is a versatile tool. Remote controlling a computer allows you to access and manage another computer from a different location. Whether you are daily providing technical support, accessing files or managing servers or will need to in the future, read up on how to remote control a computer, checking through the principal methods and their main features to find out which may be better suited to your infrastructure, usage and security requirements.

Read article →
back to top of the page icon