Executive Summary:
Oracle’s LMS Collection Tool (often referred to as Oracle LMS scripts) is a set of programs that Oracle uses during license audits to automatically collect data on your software usage.
This advisory article explains what the Oracle LMS Collection Tool does, why it matters to CIOs, CFOs, and procurement leaders, and how to navigate it effectively.
We outline the key risks these Oracle LMS scripts can expose, provide real-world examples of audit outcomes, and offer best practices to mitigate compliance issues and avoid expensive surprises.
Understanding Oracle’s LMS Collection Tool
Oracle LMS Collection Tool – also known simply as Oracle LMS scripts – is Oracle’s official audit toolkit for gathering detailed information about your Oracle software deployments.
During an audit or license review, Oracle will send these scripts and request that they be run on your servers. The goal is to inventory all Oracle products and their usage in your environment in a consistent and automated manner.
What it is: Essentially, the LMS Collection Tool is a bundle of script programs (shell scripts, SQL queries, etc.) that run on each system where Oracle software is installed.
They capture data on what Oracle software is present and how it’s being used.
Oracle LMS scripts cover a wide scope – from databases (including any installed Options or Management Packs) to middleware (WebLogic, Tuxedo, etc.), and even applications like E-Business Suite or Oracle BI.
If Java is in scope, Oracle may also include scripts to locate Java installations, as Java SE now has its licensing requirements.
Why Oracle uses it: Oracle’s License Management Services (now part of Oracle GLAS – Global Licensing and Advisory Services) developed these scripts to ensure no usage goes unnoticed during an audit.
Rather than relying on manual reporting, the Oracle LMS Collection Tool automatically pulls configuration and usage metrics directly from your systems.
Oracle trusts the data from its scripts – it’s their “single source of truth” during compliance assessments. For Oracle, using the LMS scripts standardizes audits across all customers, making the process faster and more reliable from their perspective.
Audit clause requirement:
In recent years, Oracle even updated its standard audit clauses to explicitly require customers to run Oracle’s data measurement tools and provide the results.
In practice, this means that if you’re audited, you will be asked (or required) to run the Oracle LMS Collection Tool. Refusing to run it isn’t a realistic option under most contracts’ cooperation clauses – Oracle sees it as essential for verifying compliance.
Read Interpreting Oracle LMS Database Script Output: A Guide for SAM Managers.
How Oracle LMS Scripts Work in an Audit
When your enterprise is selected for an Oracle audit, understanding how the Oracle LMS scripts process unfolds can help you stay prepared:
- Audit Notification: Oracle will give official notice of a license audit (often 45 days in advance per contract). The notice will outline which Oracle products or business units are in scope. Shortly after, Oracle’s audit team (License Management Services/GLAS) will schedule a kickoff meeting to discuss the audit process.
- Script Deployment: Oracle provides the Oracle LMS Collection Tool package, which is typically a compressed file containing multiple scripts. These include specialized modules for each product family (e.g., one for Oracle Database, one for WebLogic, and so on). Your IT team (DBAs, system administrators) is responsible for running these scripts on all relevant servers. Oracle LMS scripts typically need administrator-level access – for example, root or sysadmin privileges on the server and DBA credentials for databases – to collect all necessary data.
- Data Collection: The LMS scripts execute a broad set of queries and system checks. For instance, the database script runs hundreds of SQL queries against Oracle’s data dictionary and feature usage tables, checking which edition of Oracle Database is installed, which database Options (such as Partitioning or Advanced Compression) are installed, and whether they’ve ever been used. The scripts also gather hardware details (CPU cores, processor type, VM configuration) because Oracle’s licensing is core-based. For middleware, the scripts might inspect WebLogic Server domain configurations to see if clustering or advanced features are enabled. In short, Oracle LMS scripts thoroughly examine every aspect of your deployment to identify features or installations that require licenses.
- Result Analysis: Once the scripts run, they produce output files (logs and reports) that are sent back to Oracle’s auditors for analysis. The Oracle audit team will parse this data to identify any gaps – e.g., usage of a database option without a license, or more users on a product than you have purchased. They often have internal tools to quickly crunch the LMS script output. If you have a third-party Software Asset Management tool that’s Oracle-verified, Oracle might still request the raw script outputs to validate consistency.
- Follow-Up and Findings: Oracle will then present preliminary findings. This could include a list of compliance issues discovered via the Oracle LMS Collection Tool data, such as unlicensed products or undercounted processors. It’s not uncommon for Oracle to discover usage the customer wasn’t even aware of (for example, a feature that was enabled by a DBA long ago). At this stage, you’ll have a chance to review and respond – but Oracle will lean on the LMS script data as hard evidence of any violation.
Throughout the audit, Oracle’s LMS scripts are portrayed as the “quickest and most accurate” path to complete the audit.
For customers, it can feel intrusive, but knowing what to expect helps you maintain control. Next, we’ll examine the risks that these Oracle LMS scripts can expose.
Risks and Compliance Pitfalls Exposed by LMS Scripts
The Oracle LMS Collection Tool is powerful – and with great power comes notable risks for you, the customer.
CIOs and CFOs should be aware of the following compliance pitfalls that Oracle LMS scripts often uncover:
- Unlicensed Feature Usage: The primary risk is that LMS scripts will find Oracle software usage beyond what you’ve paid for. This might be obvious (e.g., an Oracle database instance running without any license at all), but often it’s subtle usage that triggers a compliance gap. For example, the scripts may reveal that the Oracle Database Partitioning option was enabled on a server, or that someone used the Diagnostic Pack by running an AWR report – even if it happened inadvertently. Oracle LMS scripts don’t just check current settings; they tap into Oracle’s internal logs and tables that record feature usage over time. Even historical or brief usage of a feature can be flagged. Many enterprises have been startled to learn that a feature toggled on “just for testing” two years ago left a usage footprint that now translates into a six- or seven-figure license liability.
- No Hiding or Omissions: Oracle LMS scripts are extremely thorough. They run across all specified systems and gather data uniformly. Suppose a company attempted to omit a server from the audit scope or withhold information. In that case, the scripts (and Oracle’s knowledge of your support contracts and system topology) will likely reveal inconsistencies. Oracle’s auditors will question any gaps in script results. Essentially, there is no easy way to hide installations – trying to do so would violate audit cooperation terms and greatly escalate the situation. Oracle uses LMS scripts to ensure that “no stone is unturned,” so every instance is scanned.
- Historical Usage = Current Liability: One sneaky pitfall is that the LMS Collection Tool can uncover historical usage that you thought was in the past. Oracle databases, for instance, keep cumulative counters of feature usage. If a DBA enabled the Oracle Tuning Pack for a day in 2021, the evidence of that remains in the database’s feature usage views. The LMS script will surface it. Oracle will consider that a compliance issue (“you used it without licensing it”) and may demand backdated fees. In other words, past usage is not forgiven just because you stopped using the feature. This retroactive aspect catches many companies off guard.
- Virtualization and Hardware Gaps: The scripts also check how your systems are configured. If you’re using virtualization technologies, it’s critical to understand Oracle’s policies. For example, on VMware, the LMS script may not capture the entire cluster information – Oracle will separately request VMware environment data (such as running a PowerCLI script) to determine if they should license the entire cluster. If you haven’t properly partitioned or if you can’t provide the evidence of isolation, Oracle could insist you need to license more servers. Many Oracle LMS script findings around VMware or cloud deployments lead to arguments over license scope (and potentially massive cost if Oracle’s interpretation wins out).
- Data and Confidentiality Concerns: By design, Oracle LMS scripts gather system data (hostnames, usernames, installation paths) and usage metrics, but not business data. They aren’t reading your application tables or customer info. However, some sensitive information may still appear (for instance, server names might contain a project code name, or usernames could be personal). Oracle provides a masking tool that uses hashing to anonymize elements such as IP addresses and usernames in the script output. It’s wise to use this if privacy is a concern.Additionally, your audit clause should include confidentiality protection – Oracle is obligated to maintain the confidentiality of any collected data. The key risk is making sure you review what will be sent to Oracle. Never tamper with the scripts to omit data (that would breach the audit terms), but you can discuss with Oracle if certain data feels out of scope or overly sensitive.
- Operational Impact: Oracle LMS Collection Tool scripts are generally safe and read-only; however, they execute numerous queries and checks. There is a minor risk of performance impact on production systems while the scripts execute (hundreds of queries could momentarily tax a database). Best practice is to schedule script runs during off-peak hours or maintenance windows to minimize disruptions.
- Oracle typically accommodates reasonable scheduling requests – they don’t want to crash your systems either, as long as the audit remains on track. Not running the scripts is not an option, but running them at a sensible time with proper oversight will mitigate this risk.
In summary, Oracle LMS scripts will expose any compliance gaps in your Oracle licensing. That’s exactly why Oracle uses them so insistently.
For you, the challenge is recognizing these risks in advance and managing them effectively.
The next section presents some typical findings and their potential cost impact to illustrate what is at stake. Staying up to date on script versions ensures you’re measuring against current license rules.
Read Analyzing Oracle Middleware with the LMS Collection Tool.
How Oracle Uses LMS Scripts in Audits
When Oracle decides to audit a customer, it typically has its LMS/GLAS team send over the LMS scripts and instructions for running them.
Oracle uses these scripts as the primary data collection mechanism during audits.
Here’s how the process usually works and who is involved:
- Audit Initiation: Oracle (often via a formal audit letter) exercises its contractual right to conduct an audit. The audit might be conducted by Oracle’s internal team (LMS/GLAS) or a certified third-party auditor working on Oracle’s behalf. In either case, the audit team will request information about your environment and, almost always, request that you run the official LMS scripts on all relevant systems (such as databases and middleware servers).
- LMS/GLAS Role: Oracle’s License Management Services (LMS), now integrated into Global Licensing and Advisory Services (GLAS), is the organization responsible for overseeing compliance audits. They provide the scripts and support to run them. GLAS positions itself as an “advisory” service, but make no mistake – their goal is to find and report compliance issues. If Oracle LMS is auditing you, you’re likely unsure of the process, worried about the outcome, and at risk of large financial exposure. The LMS team will analyze the script outputs to identify any usage beyond what your licenses allow.
- Data Analysis and LMS Findings: Once you return the script outputs to Oracle, the LMS/GLAS analysts parse the data. They compile a report of findings, which often highlights any unlicensed usage. For example, the report might say: “Database XYZ is using Partitioning option without a license,” or “WebLogic instance ABC is an Enterprise Edition feature (Java Mission Control) being used without proper licensing.” They will tally the shortfalls – e.g., the number of processors under-licensed or options used – and often calculate a financial exposure (the list price of licenses/ back support fees owed).
- Involvement of Oracle Sales: It’s essential to recognize that Oracle’s audit findings are typically referred to Oracle’s sales/licensing division for resolution. Ultimately, the audit’s purpose is revenue generation. Typically, Oracle will propose that you purchase additional licenses or subscriptions to resolve the compliance gap. The GLAS team (though branded as advisory) works hand-in-hand with Oracle’s sales reps. If the audit reveals a large shortfall, Oracle might sometimes push you toward signing an Unlimited License Agreement (ULA) or migrating to Oracle Cloud as a solution, aligning with their strategic goals (like pushing cloud adoption).
- Business Units and Partners: Historically, LMS (License Management Services) was the audit arm. Around 2019, Oracle rebranded much of LMS into GLAS (Global License and Advisory Services) to emphasize a friendlier, advisory approach. Despite the name change, the function is similar – ensuring customers are compliant (and capturing revenue from gaps). Oracle’s audit clauses also sometimes allow them to use third-party firms (so-called Oracle Approved License Management partners) to conduct audits. These partners also use Oracle’s LMS scripts under Oracle’s authorization. So, you might interact with an audit firm (like one of the big consultancies) that runs the scripts, but they are following Oracle’s playbook and reporting back to Oracle/GLAS.
In short, Oracle deploys LMS scripts to get a detailed picture of your usage and then uses that information to enforce compliance. The scripts’ output serves as evidence supporting Oracle’s compliance claims.
Gartner and industry analysts have observed that Oracle often interprets any gray areas in its favor—for instance, treating Oracle’s internal policies as contractual obligations.
That means Oracle will use the script results aggressively; if the data gives it “leverage” to claim you need more licenses, it likely will. SAM managers should anticipate this and prepare accordingly.
Read the Oracle E-Business Suite Usage Analysis Guide (Using Oracle LMS Collection Tool).
Compliance Findings and Cost Impact: What Oracle LMS Scripts Can Uncover
To understand the financial risk, it’s useful to examine common audit findings from Oracle LMS Collection Tool data and the potential costs to an enterprise.
The table below highlights a few examples of compliance issues Oracle LMS scripts might reveal, and the potential pricing impact of each:
| Common Audit Finding (via Oracle LMS scripts) | Potential License Cost Impact |
|---|---|
| Unlicensed Oracle Database instance – e.g. an Oracle database running without any purchased license. <br/>(Often happens when a test or departmental install bypassed procurement.) | Requires purchasing the appropriate license for that edition (e.g. Oracle Database Enterprise Edition ~$47,500 per processor). Oracle may also demand back-support fees (22% of license price per year since deployment). Even a 2-processor unlicensed DB could mean a one-time cost well over $100,000 including back support. |
| Use of a Database Option without license – e.g. Oracle Partitioning or Advanced Security option enabled on an instance without that option licensed. | Option licenses must be bought for each processor of the database. For example, Oracle Partitioning is approx. $11,500 per processor. If a 8-core server (4 processors) used Partitioning, that’s ~$46,000 in licenses required, plus support retroactively. Similar costs apply for other options (Advanced Compression, Transparent Data Encryption, etc.). These “surprise” costs easily reach six figures. |
| Usage of Management Packs (Diagnostics/Tuning) without licenses – e.g. Oracle Diagnostics Pack features used on a database but no pack license purchased. | Oracle Diagnostics Pack and Tuning Pack each cost around $7,500 per processor. If the LMS script shows these were used on a 16-core database server (which counts as 8 processors, assuming 2 cores per proc licensing), you’d need 8 licenses of each pack. That’s 8×$7.5k = $60k per pack, potentially doubling if both used – plus back-support. A routine use of AWR or tuning could trigger a ~$120k compliance gap. |
| Java SE installations without subscription – e.g. numerous Oracle JDK installs in use after Java licensing changes. | Oracle now requires a subscription or license for Java SE in many cases. If LMS scripts (or Oracle’s Java scanners) find, say, 1,000 desktops/servers running Oracle Java, Oracle might quote a Java SE Subscription based on number of employees or processors. This could run into hundreds of thousands annually in unplanned cost. |
| Virtualization misconfiguration – e.g. Oracle Database on VMware without soft partitioning (Oracle demands full cluster licensing). | Oracle’s policies may require all VMware cluster hosts to be licensed if partitioning isn’t configured per Oracle’s standards. An LMS script combined with VMware data might reveal an entire 20-host cluster was technically accessible to an Oracle DB. That scenario could force you to license dozens of processors you never intended to cover – potentially millions in list price. Enterprises often negotiate a settlement or architecture change when faced with this, but it’s a huge leverage point for Oracle in audits. |
Note: The above figures are illustrative based on Oracle list prices. In practice, enterprises often negotiate discounts or alternative resolutions (like an Unlimited License Agreement) to mitigate these costs once an issue is identified.
However, any finding from Oracle’s audit scripts can put you in a weak negotiating position – it’s better to prevent or discover these compliance gaps yourself before Oracle does.
As the table shows, the financial stakes are high. An Oracle LMS scripts audit finding can translate to a six- or seven-figure exposure very quickly.
Next, let’s look at a real-world example of how one company handled the situation when Oracle’s LMS Collection Tool found a compliance gap.
Real-World Example: Avoiding a Costly Oracle Audit Surprise
Background: A global manufacturing company (let’s call them “GlobalCo”) underwent an Oracle license audit last year.
Oracle’s audit team required running the Oracle LMS Collection Tool across all GlobalCo’s data centers. The CIO and license manager at GlobalCo were anxious – they had not reviewed Oracle usage in detail for a while.
LMS Script Findings: After running the Oracle LMS scripts, Oracle’s auditors discovered that GlobalCo had enabled Oracle Advanced Compression on several production databases without having purchased the option.
This had gone unnoticed internally. Advanced Compression option carries a list price of ~$11,500 per processor, and it was used on 10 processors’ worth of databases.
Oracle calculated a compliance exposure of approximately $115,000 in licenses, plus around $50,000 in backdated support fees, totaling approximately $165,000 owed.
To make matters worse, the scripts also flagged that one of GlobalCo’s Oracle WebLogic instances was using Oracle SOA Suite (a middleware component) beyond the limited-use rights that came with another product, which Oracle claimed would require additional licensing.
Negotiation and Outcome:
Facing a potential bill of over $200,000, GlobalCo opened negotiations with Oracle. Rather than paying punitive back fees at the full list price, GlobalCo’s CIO leveraged this as an opportunity to discuss a broader relationship update.
They negotiated a new Oracle Unlimited License Agreement (ULA) that covered Advanced Compression and several other options across the enterprise for the next 3 years. The ULA came at a significant cost (~$1.2 million).
Still, it allowed GlobalCo to resolve the immediate compliance findings and also accommodate growth (they would have needed to purchase some of those licenses anyway in the next couple of years).
Importantly, by converting the surprise audit bill into a ULA, the CIO could spread the expense over multiple budgets and gain deployment flexibility.
Lessons Learned: After the dust settled, GlobalCo’s leadership took away key lessons:
- Suppose they had performed an internal compliance check earlier (perhaps by running Oracle LMS scripts internally or using a third-party license tool). In that case, they might have caught the Advanced Compression usage and removed or licensed it before Oracle’s audit. That proactive step could have saved negotiation stress and given them more leverage.
- The audit also revealed gaps in communication between technical teams and procurement – DBAs had enabled features without realizing the licensing implications. The CFO instituted a policy that requires any use of new Oracle features to undergo a license impact review.
- GlobalCo’s outcome was ultimately positive (a ULA can be a useful solution), but it came at Oracle’s discretion. The CIO noted that it’s better to negotiate from a position of strength rather than under audit pressure. If they had known their compliance issues ahead of time, they might have negotiated that ULA on their terms at a better price.
This example highlights how an Oracle LMS Collection Tool finding can snowball into large costs, but also how savvy CIOs can turn it into a strategic decision (like entering a ULA) if needed.
Of course, the optimal route is to avoid the unpleasant surprise in the first place by managing Oracle LMS scripts proactively. So, you’ll already know what they’ll find and how to handle it, just as a seasoned analyst would recommend.
Best Practices for Managing Oracle LMS Scripts
Enterprise leaders should not wait for Oracle to dictate the audit terms; instead, they should take the initiative to establish clear audit terms.
There are several best practices to take control of the Oracle LMS scripts process and reduce your risk exposure:
- Run the scripts internally, before Oracle does. You can request Oracle’s LMS Collection Tool for your use or obtain a similar output via an Oracle-verified third-party tool. By running the Oracle LMS scripts (or equivalent) internally as a self-audit, you see exactly what Oracle would see. This allows you to discover and resolve compliance issues discreetly. Many organizations conduct internal Oracle license reviews annually for this reason. It’s far better to find out you accidentally used a feature and address it (or budget for it) than to have Oracle find it first in an official audit.
- Analyze the results with expert eyes. The raw output of Oracle’s LMS scripts can be cryptic – often hundreds of pages of data points. Ensure someone on your team (or a hired Oracle licensing expert) can interpret it. For example, if the script output shows “Partitioning: Used – Last Used 2023-08-15”, you need to determine if this triggers a license requirement and what the quantity is. An expert can translate script data into license requirements and dollar figures, enabling you to take informed action. Some Oracle license advisory firms offer services to parse LMS script outputs for you, providing a report of compliance risks before you hand data to Oracle.
- Address easy fixes before the audit report is released. If your internal review identifies straightforward compliance gaps – such as an option enabled on a development system that can be turned off – address them immediately. Reducing usage before the formal audit analysis might limit the scope of what Oracle can claim. (However, be cautious: do not try to delete or falsify audit data; instead, legitimately uninstall or disable the unlicensed features in the future. Historical usage might still be reported, but you can then at least show it’s been rectified.)
- Negotiate scope and data handling upfront. When an audit starts, engage your Oracle account manager or the audit team to clarify scope and process. For example, ensure you agree which systems are in scope so you only run Oracle LMS scripts where truly necessary. Also, confirm confidentiality terms in writing – although the contract covers it, reiterating that the data will be treated as sensitive can prompt Oracle to exercise greater care. If you have specific security requirements (e.g., the scripts can’t be run in certain high-security environments without clearance), communicate that and work out a plan. Oracle may allow some flexibility in how data is gathered, as long as they receive the necessary information.
- Use the LMS script masking options. As mentioned, Oracle’s tool includes a masking script that hashes sensitive details, such as usernames and IP addresses, in the output. It’s good practice to run this unless there’s a reason not to. Double-check the masked output to ensure it still makes sense to Oracle (e.g., usernames are hashed consistently so Oracle can determine if two databases have the same user count without knowing the actual names). Masking provides an extra layer of comfort by not exposing unnecessary information.
- Document and communicate throughout. Keep a log of when and how the Oracle LMS scripts were executed, along with the identity of the person who ran them. If any technical issues occurred (e.g., a script didn’t run on a server and had to be re-run), document it and inform Oracle promptly. Transparency in the process can help build trust and prevent Oracle from later accusing you of not running a script on a specific system. Additionally, internally communicate the audit progress to senior stakeholders – no CFO likes to be blindsided at the end. Regular updates with preliminary findings (once you know them) allow leadership to plan financially or strategize responses.
By following these best practices, enterprises can demystify the Oracle LMS Collection Tool and even use it to their advantage.
Instead of being a passive subject of an Oracle audit, you become an informed participant, armed with data about your own Oracle usage. In the next section, we distill these ideas into concrete recommendations and an action checklist.
Recommendations
Practical steps for CIOs, CFOs, and procurement leaders dealing with Oracle LMS scripts:
- Conduct regular internal license audits using Oracle’s LMS Collection Tool or a verified alternative – don’t wait for Oracle’s official audit.
- Train IT staff on license implications – ensure DBAs and admins know that enabling an Oracle feature may carry a cost. Governance here can prevent accidental usage.
- Engage third-party Oracle license experts if you lack in-house expertise. An outside advisor can interpret LMS script outputs and advise on remediation or negotiation strategies.
- Negotiate audit terms when possible – for example, try to schedule audits at a fiscally convenient time and clarify scope to avoid surprises. You may not be able to avoid the audit, but you can manage the process.
- Review your contracts’ audit clause before any audit. Understand your rights and obligations: what does “reasonable assistance” entail, any limits on data Oracle can collect, etc. Use this to guide your cooperation strategy.
- Don’t ignore Java – if your enterprise uses Oracle Java, include it in your compliance assessments. Oracle LMS scripts or similar tools should be run to inventory Java usage, as Oracle is now auditing Java SE aggressively.
- Plan for worst-case findings in advance. Have a rough contingency budget or strategy in case an audit uncovers a big shortfall (e.g., consider whether a ULA or cloud migration could be a fallback solution to address compliance gaps).
- Maintain clear documentation of your Oracle deployments and entitlements (licenses owned). This helps quickly reconcile what the LMS scripts find versus what you should be using, and speeds up discussions with Oracle.
- Stay calm and strategic during audits – treat Oracle’s audit team professionally, provide requested data (with proper controls), and use time wisely to analyze your position. Rushing to buy licenses under pressure is how many companies overspend; instead, evaluate all options (including negotiating license bundles or alternative technical solutions) before signing any check.
Checklist: 5 Actions to Take
- Initiate an Internal Audit Now: Don’t wait for Oracle. Assemble your IT asset management team to run an internal check of Oracle LMS scripts on all key systems. Identify any red flags (unlicensed features, extra installations, etc.) immediately.
- Fix and Mitigate Gaps: For each compliance gap identified, determine a suitable fix. This may involve uninstalling unused options, restricting access to features, or acquiring licenses as needed. Address what you can before involving Oracle.
- Update Stakeholders: Brief your CIO, CFO, and relevant directors about your current Oracle license compliance status. If risks are found, develop a game plan (e.g., “we may need to budget X for true-up or consider a ULA if audited”). Proactive communication avoids panic later.
- Prepare Your Audit Response Kit: Establish a clear process for handling Oracle audit notices. This includes a designated audit response team, communication protocols (who talks to Oracle), and a playbook of steps (e.g., legal review of audit notice, environment scope mapping, scheduling script execution with IT, etc.). Being prepared will make the audit go more smoothly and keep you in control.
- Leverage Expert Advice: Line up external support just in case. Identify a trusted Oracle licensing advisor or your software reseller’s compliance team who can be on call to help interpret LMS script results and advise on negotiations. When the audit clock is ticking, having expert help ready can save you crucial time and money.
FAQ
Q: Do we have to run Oracle’s LMS Collection Tool during an audit?
A: In almost all cases, yes. Your Oracle license agreement’s audit clause requires you to provide reasonable assistance and information. Oracle considers running their LMS scripts as standard practice for audits. Refusing outright could be deemed non-cooperation and lead to legal escalation or Oracle assuming worst-case usage. It’s usually better to comply with the script request – but do so on your terms by managing the process and data carefully.
Q: What kind of data do Oracle LMS scripts collect? Is it safe to run them?
A: Oracle LMS scripts collect configuration and usage data about Oracle products – things like installed software versions, features used, number of users, and server hardware stats. They are read-only scripts and should not change anything on your systems. They don’t pull business transaction data or personal customer data. However, they will gather environment details (hostnames, account names, etc.). Oracle offers a data masking option to hash sensitive fields, and your contract requires Oracle to maintain the confidentiality of audit data. Companies often review the script (which is provided in source form) to verify its functionality. In short, it’s generally safe, but always run it in a controlled manner and during low-usage periods to minimize performance impacts.
Q: Can we use our tools or scripts instead of Oracle’s LMS Collection Tool?
A: You can certainly use your license management tools internally, and Oracle even “verifies” some third-party SAM tools for accuracy. But during an official audit, Oracle will almost always insist on its LMS scripts for the final compliance verification. They trust their output. You might run your tool and present the findings, but expect Oracle to double-check with their scripts regardless. One approach some take is to run the Oracle LMS scripts internally (outside of an audit) to proactively identify issues – that way, you’re still using Oracle’s method, but on your schedule. In an audit, be prepared to run Oracle’s scripts as requested, while perhaps also running your tools in parallel for your analysis.
Q: What if Oracle LMS scripts find usage that we stopped or didn’t know about? Will Oracle penalize us for old or accidental usage?
A: This is a common dilemma. Oracle’s stance is that any usage of a licensable feature, even if accidental or in the past, is technically non-compliant because you didn’t have a license at that time. They may demand you rectify it by purchasing a license (and potentially backup support). That said, how you negotiate the resolution can vary. If it was truly a one-time mistake and the feature is now off, you might have some leeway to argue for a smaller settlement or exception – but don’t count on it. Oracle auditors typically present the full extent of the compliance gap. Then it’s up to you to negotiate a compromise or purchase (for example, bundling it into a larger deal or ULA as a solution). The key is to catch these things beforehand so you’re not caught off guard. Internally, treat any feature enablement as if Oracle will eventually discover it, and manage it proactively.
Q: How can we better prepare for Oracle audits and license compliance in the long run?
A: The best preparation is a strong software asset management practice for your Oracle estate. Maintain an up-to-date inventory of all Oracle deployments, including what is authorized versus what is actually being used. Regularly educate technical teams about the costs associated with features – for instance, ensure everyone is aware of which database options are off-limits without prior approval. Simulate an annual audit: run the Oracle LMS scripts or have a third-party audit conducted to identify internal issues. Also, stay informed about Oracle’s licensing policy changes (for example, new rules for Java or cloud environments) by reading Oracle’s official communications or analyst reports. If Oracle is a significant vendor for you, consider having a licensing specialist on staff or retainer. And finally, maintain a good working relationship with Oracle representatives – it won’t prevent an audit. Still, it might make negotiations less adversarial if you’ve established goodwill and open lines of communication.
Read more about our Oracle Audit Defense Service.
