Search for a License in AD Bridge

Obtain a License Key

An AD Bridge agent obtains a license key by first looking for a license container in the organizational unit (OU) the computer is joined to. If it obtains a license from that container, it will assign it to the agent machine.

If an AD Bridge agent does not find a license container, it will start to search higher in the hierarchy of the AD Bridge tree, repeating the process, until it reaches the root of the domain.

Once the agent discovers a license container, and whether or not a license key can be found, the agent will not look for additional license containers.

Verify a License Key

The AD Bridge agent verifies a license in the following instances:

• When you run the setkey-cli utility
• When you start the AD Bridge authentication service
• When you log in

To verify a license, the setkey-cli utility uses the computer's Active Directory account to search for licenses in the computer's OU hierarchy up to the top of the domain. When the computer’s domain controller is down, the utility loads the license from the disk without verifying its assignment in Active Directory.

The AD Bridge Group Policy service also checks for a license when it refreshes the computer's Group Policy Objects (GPOs). If the license is invalid, the service ignores the GPOs. Once the license becomes permanent and valid, the service applies the GPOs when it restarts.

If the message "Invalid computer!" is displayed in the Assigned To column, revoke the license and return it to the pool of available licenses. Right-click the license you want to revoke and click Revoke License.