Offline activation use-case - suggestions?Solved

Looking for a suggestion on how to handle this software use-case:

We have software which is primarily used in offline (non-Internet) environments (due to security reasons, corporate policy etc.). For this reason, we always activate the software using the offline method before shipping.

However, there are times when the customer does connect to the internet and thus TA will be able to contact the LimeLM servers.

My question is: Does this contact with the LimeLM servers "convert" the license into an "online" activation thereafter?

We are trying to avoid the case where the customer is forced to connect to the internet to verify the license even though we have performed an offline activation pre-shipping.

By the way, we are currently using IsGenuineEx() with the TA_SKIP_OFFLINE flag (on every SW start).

Any suggestions would be appreciated.

Thanks.

>> "My question is: Does this contact with the LimeLM servers "convert" the license into an "online" activation thereafter?"

Yes, only if IsGenuineEx() is scheduled to talk to the servers.

If the customers have a consistent Internet policy that is actually secure (i.e. never allowing a computer that's not supposed to talk to the outside Internet to talk to the outside internet) then this won't be a problem. It's the fact that their policy is broken that's causing problems.

So, solution #1: the customer should fix their broken Internet policy. It's not secure.

Solution #2: You develop a "special version" of you app that uses IsActivated() rather than IsGenuineEx() for customers that absolutely cannot have internet-verification of your app (even despite a broken security policy). IsActivated() always checks the license locally, and never re-verifies with the activation servers.

Honestly, solution #1 is the real answer. Solution #2 is really only a solution if the customer is especially stubborn.

Sam wrote:> >> "My question is: Does this contact with the LimeLM servers> "convert" the license into an "online" activation> thereafter?"> > Yes, only if IsGenuineEx() is scheduled to talk to the servers.> > If the customers have a consistent Internet policy that is actually secure (i.e.> never allowing a computer that's not supposed to talk to the outside Internet to talk> to the outside internet) then this won't be a problem. It's the fact that their> policy is broken that's causing problems.> > > So, solution #1: the customer should fix their broken Internet policy. It's not> secure.> > Solution #2: You develop a "special version" of you app that uses> IsActivated() rather than IsGenuineEx() for customers that absolutely cannot have> internet-verification of your app (even despite a broken security policy).> IsActivated() always checks the license locally, and never re-verifies with the> activation servers.> > > Honestly, solution #1 is the real answer. Solution #2 is really only a solution if> the customer is especially stubborn.

Thanks Sam. Understood.

Unfortunately the software doesn't run on a normal PC, but instead a handheld device which typically doesn't require internet connectivity.

I guess there is no API call to check if the license was initially activated offline is there? If this was the case, I could decide whether to call isGenuineEx() or isActivated(). This would be very helpful.

We'll definitely think about adding a flag so that you can tell TurboActivate to never attempt re-verifying with the servers if the initial activation was offline.

> We'll definitely think about adding a flag so that you can tell TurboActivate to never attempt re-verifying with the servers if the initial activation was offline.

Have you now added such a flag?

I think we're currently observing a behavior where:1. User activates offline.2. The machine happens to be connected to Internet for a short while at some point. Activation magically "converts" into an "online" activation.3. Thereafter LimeLM tries follows nDaysBetweenChecks/nGraceDaysOnInetErr policy. If the machine is offline for long enough time, activation becomes "not genuine" and the user needs to re-activate.

Is this expected behavior? Is your recommendation still to keep track, outside TurboActivate, of whether the app was offline activated, and if so, use IsActivated() rather than IsGenuineEx()?

>> "Have you now added such a flag?"

No.

>> "Is this expected behavior?"

Yes. If they want offline behavior they should keep their machine offline.

Customers that actually need offline activations (i.e. locked down systems like banking terminals) do not vacillate between being online and offline. They're always offline.

For the vast majority of customers, online activation is easier faster and smaller support burden for you.

Wyatt wrote:> >> "Have you now added such a flag?"> > No.> > > >> "Is this expected behavior?"> > Yes. If they want offline behavior they should keep their machine offline.> > Customers that actually need offline activations (i.e. locked down systems like> banking terminals) do not vacillate between being online and offline. They're always> offline.

Maybe you think they _should_ be, and I kind of agree, but in _reality_ they are always not that way and we cannot affect that.

> For the vast majority of customers, online activation is easier faster and smaller> support burden for you.

Again, I agree, but we cannot control what our customers do.

It would be nice to have the flag there in TurboActivate. Now we have to manually work around this.