NOTE: The simplification does not consider all the possible versions of Maximo, add-ons, industry solutions, etc.
Maximo licensing model
IBM Maximo products are typically licensed by users. Currently, the IBM Maximo Asset Management suite offers several levels of licensing options:
- Authorized Users: Power users that can access all applications.
- Limited Use Users: Standard users that can access only three modules. They also inherit the Express Use grants.
- Express Use User: Basic users that can run and view reports, view and approve records, and make updates to work orders that are assigned to them. Read-only access to all application is allowed. This option is available starting from Maximo 7.5.
- Unlimited use users: Self Service Requestors, Desktop Requisitions and Health, Safety Environment Self Service Users entitlements are included with core license for unlimited users.
To support this categorization Maximo offers a 'User Type' field available in the Users application.
The set of allowed values is defined in the USERTYPE domain.
User Types Best Practice
I suggest to change the description of the first 4 domain values in agreement with the available user types. Alternatively you can create your own entries: AUTH, LIMITED, EXPRESS, UNLIMITED.
License compliance check
Now let's go to the technical side of the problem. The best way of auditing your Maximo environment's licenses is through SQL queries.
First of all you have to define a new database view.
DROP VIEW checkusers; CREATE VIEW checkusers AS SELECT maxuser.type, maxuser.userid, maxmenu.moduleapp, applicationauth.app FROM applicationauth INNER JOIN maxmenu ON applicationauth.app=maxmenu.keyvalue INNER JOIN groupuser ON applicationauth.groupname=groupuser.groupname INNER JOIN maxuser ON groupuser.userid=maxuser.userid WHERE maxuser.status='ACTIVE' AND maxmenu.menutype='MODULE' AND maxmenu.moduleapp NOT IN ('REPORTING','HIDDEN') AND applicationauth.app NOT LIKE '%CONFIG' AND applicationauth.app<>'KPI' AND applicationauth.optionname='SAVE' GROUP BY maxuser.type, maxuser.userid, maxmenu.moduleapp, applicationauth.app;
Note that we are focusing only at SAVE grant because read only is allowed on all applications.
Now take a look at how your users are distributed on the different groups.
SELECT type, COUNT(*) FROM checkusers GROUP by type ORDER BY type;
If the select returns an empty resultset you probably have a translated value in the STATUS field so you have to adjust the view definition.
To go deeper in your analysis you have to check if the users allocated to the different user types have the right level of access. The following queries returns how many modules are granted to each user and what these modules are.
SELECT type, userid, COUNT(*) FROM checkusers GROUP by type, userid ORDER BY type, userid; SELECT type, userid, moduleapp FROM checkusers GROUP BY type, userid, moduleapp ORDER BY type, userid, moduleapp;These are the main tools for performing the license audit. Compare your results with licensing terms and conditions.
New licensing options for IBM Maximo
Monitoring license Compliance
Monitoring License Compliance in Maximo 7
New Maximo portfolio pricing adds flexibility to licensing model
Licensing Information and Usage Restrictions
IBM Maximo Licensing Demystified