Ninety-four percent of software audits uncover discrepancies that administrators already recognized but could not quantify within the rigid confines of a spreadsheet.
At on a damp Tuesday in a glass-walled conference room in Chicago, the compliance officer opened a leather folder. The air smelled of stale coffee. He wanted a single number.
Helena, the system administrator, sat across from him with a thermal mug and a stack of printed server logs. She knew the infrastructure like a map of her own childhood. “How many RDS CALs are we using, exactly?” the officer asked. He held a silver pen. Helena hesitated because she understood that “exactly” is a word with different meanings depending on who is holding the budget.
The officer waited.
The Meaning of “Exactly”
She thought of the night shift in the suburban warehouse where four workers shared one rugged tablet. She thought of the executive team who each accessed the terminal server from a laptop, a desktop, and a phone.
Last 30 Days
At 2:00 PM Peak
“If we count the unique users who logged in over the last thirty days, the number is 412,” she said. The officer began to write. “But if we count the concurrent sessions during the peak overlap at , the number is 538,” she added.
The pen stopped moving.
The officer requires legibility to satisfy the board, but Helena requires accuracy to satisfy the server. When these two needs collide, the truth is usually the first casualty of the encounter.
Bureaucracy demands a period, but reality prefers a tilde.
The struggle begins with the fundamental architecture of the Microsoft Remote Desktop Services Client Access License. A User CAL is a tether to a human soul. It allows one person to access the server from any number of devices. This is the preferred path for the modern office where mobility is a status symbol.
A Device CAL is a boundary around a piece of plastic and silicon. It allows an unlimited number of people to use one specific machine. This is the traditional path for the factory floor or the medical clinic.
The Administrator as Translator
User CAL
Assigned to the “Nomadic” marketing department.
Device CAL
Bolted to metal desks on the shipping docks.
Helena knew that her environment was a hybrid beast. The compliance officer did not care about the nuance of the workflow. He only cared about the delta between the licenses owned and the licenses deployed. He viewed the server as a stationary object rather than a shifting tide.
When an administrator is asked for a count, they are being asked to take a snapshot of a moving train. At , the count is low. At noon on a Monday, the count is a frantic surge. To provide one number is to ignore the of the year that do not match that specific moment.
Yet, the report must be filed. The officer needs a defensible figure that can withstand the scrutiny of an external auditor from a distant city.
Helena had spent the previous evening at her kitchen table. She had cleaned her phone screen with a microfiber cloth until the glass was a perfect mirror. She liked things to be clean. She liked things to be clear. She had consulted the
calculator to model her environment against the current Microsoft requirements for Windows Server 2022. The calculator did not give her a single number. It gave her a framework for her assumptions.
The Silent Pillars of Every Audit
Digital ghosts and memory slots: how assumptions shift the numbers.
Stale Sessions
Active Users
If you assume that a stale session is still active, your count is high. If you assume that a user who left the company three weeks ago no longer requires a license, your count is low. The server often keeps the ghost of the user alive in its memory for days. These digital ghosts occupy slots in the licensing server. They are not people, but they are “counts.”
The compliance officer tapped the silver pen against the table. The sound was rhythmic and impatient. “I need the number for the ‘Total Active’ column,” he said. He did not want to hear about ghosts or warehouse shifts or the 15-minute delivery window for new license packs. He wanted to close the leather folder.
The officer wrote it. “Why 480?” he asked.
“Because it represents the 95th percentile of our usage over a rolling ninety-day period, plus a 5% buffer for the projected growth of the sales team in the third quarter,” she explained.
The officer nodded. He liked the word “buffer.” It sounded like a plan rather than a guess. He liked the “95th percentile” because it sounded like mathematics rather than an observation. By providing the reasoning behind the number, Helena had given him the legibility he required without pretending that the number was a static truth.
She had converted her mess of server logs into a narrative that a ledger could digest. The tragedy of modern administration is that we are forced to simplify the complex until it is wrong. We take a distribution of probabilities and we flatten it into a single cell in a grid. This process discards the most important information: the uncertainty.
“An administrator who says ‘I don’t know’ is often more honest than the one who says ‘538.’ But ‘I don’t know’ does not fit in the column.”
The compliance officer closed his folder. The meeting was over. He had his count. He would go to his office and type 480 into a master spreadsheet that would be emailed to a director. The director would see 480 and feel a sense of calm. They would believe they understood the state of the network.
Helena would return to her desk and check the server logs. She would see that at , the actual number of active sessions was 421. At , it would be 492.
The 480 was a fiction that allowed the business to function.
The relationship between the admin and the officer is a dance of necessity. The admin provides the data, and the officer provides the protection. Without the count, the company is vulnerable to the financial wrath of a software giant. Without the nuance, the admin is a liar. The only way to bridge the gap is to embrace the “defensible estimate.”
The Defensible Estimate
It is not a guess. It is a calculation built on a foundation of known variables and transparent assumptions. It uses tools to verify the logic of the license selection-whether that is the decision to buy perpetual licenses or the choice between Windows Server 2019 and 2025. It acknowledges that the number on the report is a proxy for reality, not reality itself.
We live in an age of data, but we lack the courage to admit how much of it is fluid.
Helena watched the officer walk down the hallway. He walked with the confidence of a man who had a full folder. She picked up her thermal mug. She felt the weight of the silver pen she had almost stolen from the table. She thought about the warehouse workers and the marketing team. She knew that by tomorrow, the “exact” number would have changed again.
The server would continue to pulse. The sessions would open and close like the valves of a heart. And in , they would sit in the same room, with the same stale coffee, and try to catch the wind in a box once more.
The officer would ask for a number. Helena would give him a range. They would negotiate until they found a figure that was official enough to be believed and wrong enough to be useful.
This is the ritual of the report. It is the price of legibility in a world of complexity.
We buy our peace of mind with the currency of false precision, and we hope that the auditors never look too closely at the ghosts in the machine.