9

I am about to implement a very basic licensing feature for my application. A serial number may be granted per-machine (or per-operating-system) or per-user (as for CAL in Windows Server: if my application is used by several users on one machine or if it is used by one user on several machines).

  1. For per-operating-system licensing, I use SerialNumber of Win32_OperatingSystem.

  2. For per-user licensing, I use:

    WindowsIdentity currentIdentity = WindowsIdentity.GetCurrent();
if (currentIdentity != null)
{
    SecurityIdentifier userSid = currentIdentity.User.AccountDomainSid;
    Console.WriteLine(userSid);
}

A hash of an obtained OS serial number or SID is then stored in the database, associated with application serial; each time the program starts, it queries the server, sending hash of OS SN/SID and application serial.

Is it a right thing to do it or is it completely wrong? Will it work on every Windows machine? (For example, using motherboard serial is wrong)

Community
  • 1
  • 1
Arseni Mourzenko
  • 50,338
  • 35
  • 112
  • 199
  • Sounds OK to me, I've been using hashes of hardware IDs via WMI for one of the projects at work. Remember not to assume the format of any of the hardware ID - I've seen bugs caused by code written to assume that the returned strings do not return spaces and stuff. – anonymous Apr 28 '10 at 03:44
  • Well, seeing the number of views and the fact that there are no other replies, I conclude that my approach is not totally wrong. @Mr Roys, maybe you can promote your comment to an answer, so I would be able to accept it? – Arseni Mourzenko Apr 28 '10 at 20:36
  • You may also want to take a look at the scenario when a virtual environment is used. Would it still yield unique OS s/n? I know this is not an answer.. but couldn't add a comment here.. – Srikanth Venugopalan Apr 29 '10 at 02:59

1 Answers1

3

I don't see anything wrong with your approach, since I've seen a similar approach being used at work - however we use a combination of OS S/N and hardware IDs for machine licensing. Our apps don't have a per-user licensing, so I can't really advise on that.

Do note that you should not assume that values returned by WMI are in any particular format (Win32_OperatingSystem should be OK, IDs of hardware aren't always OK)

I've encountered bugs where the code accepting hardware IDs assumed a specific format and did not factor in the presence of non-alphanumeric characters such as commas and spaces.

anonymous
  • 3,474
  • 25
  • 29