A practical guide for SAM managers and Oracle licensing specialists. Learn how to use LMS script output to assess EBS application usage — mapping responsibilities to modules, counting active users, identifying compliance red flags, and documenting findings for Oracle's Application User metric.
This guide focuses exclusively on the EBS application layer — users, responsibilities/roles, and modules. It excludes database or WebLogic/middleware analysis. For middleware analysis, see Analysing Oracle Middleware with the LMS Collection Tool.
Oracle E-Business Suite licensing is typically based on the number of Application Users — named users authorised to access each EBS module. Oracle provides a License Management Services (LMS) Collection Tool (script) to gather data from the EBS application layer for audit and analysis.
When run (typically by an Apps DBA using APPS schema credentials), the script queries the core Oracle EBS application tables and writes results to output files. It focuses on who has access to what within EBS.
FND_USER. Shows every user who can log in to EBS — with creation date, end (deactivation) date, last login date, and status (active/inactive). This is the foundation for counting licences because each active user potentially consumes a licence.FND_RESPONSIBILITY (with names in FND_RESPONSIBILITY_TL). In EBS, a responsibility is a role that grants users access to a specific set of menus, forms, and data related to one or more functional modules. The script extracts all responsibilities (IDs, internal keys, descriptions) and their association with an application/module via APPLICATION_ID.FND_USER_RESP_GROUPS (or equivalent role-based views) linking FND_USER and FND_RESPONSIBILITY. Each assignment includes a start date and (optionally) an end date. This allows analysis of who has access to what and when that access was active.FND_PRODUCT_INSTALLATIONS. Each module has a status flag: "I" (Installed) — module components are present and active; "S" (Shared) — included as part of another suite or shared installation, not separately licensed; "N" (Not Installed) — not present. If a module is Installed or Shared and users have responsibilities for it, it should be counted toward usage.After running the LMS collection script, you'll receive a set of output files (typically CSV or TXT). Each corresponds to a specific data set. The exact filenames vary, but commonly they are named after the tables or data they contain.
Lists all EBS application user accounts. Fields include: USER_NAME (login), USER_ID, employee/person link, creation date, last login date, end date (if end-dated), and active status.
Definitions of all responsibilities in the EBS system. Fields include: RESPONSIBILITY_NAME, RESPONSIBILITY_KEY, RESPONSIBILITY_ID, APPLICATION_ID (ties responsibility to a specific module), description, and end date.
APPLICATION_ID or the associated application name — this indicates the module the responsibility belongs to.May come as a separate file or part of a combined report. Lists each user paired with their responsibility, including assignment effective start and end dates. Pulled from FND_USER_RESP_GROUPS.
Lists all EBS applications (modules) with a status flag: "I" (Installed), "S" (Shared), "N" (Not Installed). Includes APPLICATION_ID and full application name.
Always retain all raw data files — they back up your analysis. The LMS tool may output additional files (Application Server, WebLogic, database options), but for EBS application layer analysis, concentrate on the four files above.
Understanding which module a given responsibility belongs to is critical. Each responsibility in FND_RESPONSIBILITY has an APPLICATION_ID that links to FND_APPLICATION. Two approaches:
APPLICATION_ID to FND_APPLICATION_TL to get the full application name. For example, a responsibility with APPLICATION_ID for "SQLAP" (Payables) maps to "Oracle Payables." The LMS script may already show an APPLICATION_NAME field. If not, manually map using a reference list. This is the more reliable method and essential for custom responsibilities.| Responsibility Name | Module (EBS Application) |
|---|---|
| General Ledger Super User | Oracle General Ledger (Financials) |
| Payables Manager | Oracle Payables (Financials – AP) |
| Receivables Manager | Oracle Receivables (Financials – AR) |
| HRMS Manager | Oracle Human Resources (HRMS) |
| Order Management Super User | Oracle Order Management |
| Inventory Super User | Oracle Inventory |
| Purchasing Buyer | Oracle Purchasing (Procurement) |
| Projects Costing Super User | Oracle Projects (Costing/Billing) |
| Fixed Assets Manager | Oracle Assets (FA) |
| System Administrator | System Administration (Foundation — AOL) |
Note: Some responsibilities (System Administrator, Application Developer) pertain to the EBS foundation layer. Users with these still count as EBS users, but they are not tied to a business module licence — they need at least one module licence in the suite. See Complete Oracle EBS Application Module List for comprehensive mapping.
Once you have the user-responsibility assignment data and know which module each responsibility belongs to, you can calculate usage per module. Oracle's Application User licences are counted per module — every unique user with access to a given module should count toward that module's licence count.
Exclude end-dated responsibilities and end-dated users. Consider only users who are currently active and have at least one active responsibility (today's date is between start and end date in FND_USER_RESP_GROUPS, and the user account is not expired).
Translate each user-responsibility pair into a user-module pair using the responsibility-to-module mapping. Example: UserA has "Payables Manager" and "Purchasing Buyer" → UserA → Oracle Payables + Oracle Purchasing.
For each module, aggregate the list of users. Count unique user IDs per module to avoid double-counting (a user with two responsibilities in the same module = one licence). SQL: COUNT(DISTINCT user_id) GROUP BY application_module.
If users have responsibilities under a "Shared" module, still count them — but understand licensing implications. "Shared" modules are often required components of licensed suites and may not need a separate licence. Check your licence bundle definition.
| EBS Module (Application Name) | Status | Active Users |
|---|---|---|
| Advanced Product Catalog | Installed | 4,342 |
| Oracle Assets | Installed | 10 |
| Bills of Material | Installed | 287 |
| Oracle General Ledger | Installed | 156 |
| Oracle Payables | Installed | 89 |
| Oracle Purchasing | Installed | 203 |
| Oracle Receivables | Installed | 45 |
| Oracle Human Resources | Shared | 1,240 |
Each row shows the distinct active user count with at least one responsibility for that module. This is what you compare against your purchased entitlements.
Be mindful of what constitutes an "active user" in licensing. Oracle's policy is that anyone authorised to use the software counts as a named user, whether or not they are actively logging in.
Even if a user hasn't logged in recently, as long as their account is active and they have access, they should be counted. A best practice is to regularly end-date or disable accounts for people who have left or no longer need access.
Access = Licence. Oracle does not accept the argument that a user "didn't use" the module. If they can use it (active account + active responsibility), they count. The only reliable way to exclude a user from the count is to end-date or disable their account, or remove the responsibility.
You can cross-verify user activity (sign-on audit, last login info in FND_USER) to distinguish active usage versus just active authorisation. While licensing is based on access, this information helps prioritise which accounts to disable if not truly needed. But for the counting exercise, stick to the rule: if they are enabled with responsibilities, count them.
While analysing the LMS script output, certain findings should raise concern. These red flags indicate compliance issues or inefficiencies in access management.
APPLICATION_ID it was created under), potentially underestimating multi-module access.Analysing the raw data is only half the battle — the other half is documenting results clearly so you can take action and demonstrate compliance (or gaps) to stakeholders or auditors.
| EBS Module | Active Users | Licensed Users | Status |
|---|---|---|---|
| Oracle Payables (AP) | 30 | 25 | 5 Over Deployed ⚠️ |
| Oracle Receivables (AR) | 12 | 15 | 3 Spare ✓ |
| Oracle Purchasing | 18 | 20 | OK (within limits) ✓ |
| Oracle Projects | 0 | 0 | OK ✓ |
| Oracle Human Resources | 50 | 50 | Maxed out ⚡ |
| Oracle Inventory | 5 | Not Licensed | Unlicensed Usage 🚨 |
APPLICATION_ID or menu content). This is important if questioned by Oracle's audit team. Also note any indirect or hidden usage — e.g. users counted under a module only because of a technical responsibility (like a workflow responsibility).Catch issues early — run before Oracle ever asks. Address red flags: remove needless responsibilities, end-date stale users, true-up licences.
New provisioning requests should check against licensed modules. If no capacity, trigger a licence purchase or limited access.
Management reviews who has access to what — at least annually. This helps security and keeps licensing in check.
Keep LMS output files, queries, and spreadsheets. Oracle's auditors may run the same script and compare results — show you used the official script unaltered.
Check for special metrics — some modules may be licensed by processor, enterprise metric, or employee count rather than Application User.
If under-licensed for a module, plan remediation (purchase or reduce usage) before an official audit. Proactive purchases avoid back-support fees.
Need help interpreting Oracle LMS script output or preparing for an EBS audit?
Oracle Audit Defence →Systematically analysing LMS script output helps ensure compliance with Oracle's licensing policies and often reveals opportunities to optimise — identifying unused accounts or modules not actually needed can allow you to reduce licence counts or reallocate them where needed. Treat this as a periodic discipline, not a one-time exercise.
Download our independent guides on Oracle licensing, audit defence, EBS compliance, and contract negotiation
Share your LMS script output and contract details. We'll provide an independent compliance assessment, red flag identification, and remediation plan — typically within 48 hours.