How to License Microsoft in Citrix

Licensing Microsoft applications in environments like Citrix is one of the biggest ‘gotchas’ that Microsoft customers and Software Asset Managers face. We often see that organizations misinterpret the licensing rules resulting in overspend or non-compliance, two positions you do not want to be in.

Licensing Microsoft applications in environments like Citrix is one of the biggest ‘gotchas’ that Microsoft customers and Software Asset Managers face.

We often see that organizations misinterpret the licensing rules resulting in overspend or non-compliance, two positions you do not want to be in.


The biggest challenge is that organizations believe you only have to license the Microsoft products in Citrix that are actively being used. This is not the case. Depending on your license metrics and the terms and conditions of your Microsoft agreement, you must license every user or device (depending on the Microsoft product) that has access to the server or Citrix environment.

It’s a case of ‘x number of users or devices could use Microsoft software; therefore, you need a license for all of them.’ Vendors like Oracle and IBM have a similar mantra for database products. We’ve seen this first hand.

One organization assigned 200 Microsoft 2013 Pro Plus (device based) licenses to users to access Office within their Citrix environment. Unfortunately, they failed to put any password protection on the server or Active Directory group policies so all 8,000 end-users could access the Citrix environment and Microsoft Office.

During a Microsoft review, they were found to be 7,800 Office licenses short – which they then had to purchase.


Another issue is that you must have the precise version and edition of Microsoft software on a Citrix server as stated in your contract. This is an area with a lot of ambiguity and room for interpretation, but our customers are reporting the following.

The version or edition on the server needs to match the version or edition that is assigned to the devices that are going to access it. You could still technically upgrade, just as long as you have upgraded the license assigned to the device that accesses it and then upgraded the installation on the server.

You could still downgrade the license but you would need to ensure that, in cases where the installation is on the device as well as the server, that they match. For thin clients ‘assigning’ is more of an internal decision rather than a physical thing.

A customer reports that you cannot have a device with Office Pro Plus installed on it, and then access Office Pro Plus 2013 in a remote environment. They were advised that they needed separate licenses. Looking at the product terms it is far from clear exactly what the rules are.

It is implicitly mentioned that you can use downgrade rights, but customers have experienced the need to have the same edition and version as stated above.

In order to help ease confusion and address non-compliance, organizations should standardize on the Microsoft products deployed across their estate. This can be facilitated with Snow License Manager (as outlined below) and is considered Software Asset Management best practice as it helps with compliance, risk, support and also software management.

How to standardize Microsoft Products

List all your Microsoft applications within Snow License Manager and identify the version you wish to standardize on (it maybe the latest version you have licenses for). You then need to identify the users and associated machines.

Using Snow Automation Platform arrange for the removal of all older versions of Microsoft products and the installation of the newer, standardized version of the software.


Image removed.
The next focus should be on restricting users access to servers or Citrix environments with Microsoft products present.


You can restrict users accessing the Citrix server by splitting domains, implementing Active Directory group policies or putting password access onto the server. These restrictions reduce the number of users who can access the server, resulting in fewer licenses being required.

You need to prove to Microsoft that you have restricted access to the Citrix environment so that you can justify the requirement for fewer licenses. Active Directory group policies are strong pieces of evidence to present to Microsoft because they highlight the users that have access to the Citrix server.

The AD structure could look something like:


The structure can be replicated for every Microsoft application installed within the Citrix environment. The result is the correct and a limited number of users with access to the server. Another essential step towards optimizing existing licenses and reducing risk.

However, there is another stumbling block. You may have Office and Visio installed within a certain Citrix environment. You have provided 150 users with the password to access the server. All 150 of these users use Office, however, only 20 make use of Visio.

In this case, you will still need to license Visio for 150 users as they have access to the software and potentially could use the software whenever they wanted. This is another way Microsoft profits during an audit as although the organization believes that it licensed the Citrix environment correctly, by assigning 150 Office Pro Plus licenses and 20 Visio Pro licenses, Microsoft will identify a shortfall of 130 Visio licenses.

In an audit scenario, this will result in the organization having to pay full price plus an audit fine. By restricting the number of users that have access to your Citrix Server will reduce your license requirements and costs significantly, meaning you can invest in other vendors or new technologies.


Snow License Manager provides visibility on what Microsoft software is installed on servers and within Terminal Services. Understanding what is installed is the first step in understanding your compliance position, identifying risks and optimizing existing assets.

Image removed.

In order to proactively manage your Microsoft licenses for Citrix environments, you need to make sure that you have accurate entitlement data and that you understand your Microsoft contract. By adding inaccurate entitlement data, you will be presented with the wrong compliance position resulting in false data for actions to be based off.

Through understanding your entitlement data and adding the correct number of licenses, you can then establish whether you need more Microsoft licenses to meet the demand for Microsoft products within Citrix servers, or that you actually have too many licenses and need to understand why.

Having an accurate compliance position will help you identify your risks so you can use Software Asset Management processes to start rectifying any shortfalls or excess software.

Image removed.

Another way in which you can manage the Microsoft/ Citrix relationship within Snow License Manager is by creating a custom Organizational Unit (OU) structure. You can add the specific users and machines to the OU so you have a clear and transparent understanding of who is consuming a license.

This method is particularly useful for managing compliance within large enterprise organizations. It also helps the Software Asset Management team monitor usage so they can see who has access to a license but isn’t using it. The data enables you to make an informed decision as to whether or not to remove a user’s access to the Citrix Server to free up an existing license.


In summary, when licensing Microsoft products within Citrix you need to:


Managing Microsoft products with Citrix is complicated, but with the right blend of people, process, and technology you can take back control of your estate and optimize your environments and assets rather than worrying about risks and non-compliance.  

Want to save 30 percent on your Microsoft estate? We have an e-Book that provides hints and tips on how you can reduce your Microsoft spend by up to 30 percent.

Download the e-Book here!