I am about to implement a very basic licensing feature for my application. A serial number may be granted per-machine (or per-operating-system) or per-user (as for CAL in Windows Server: if my application is used by several users on one machine or if it is used by one user on several machines).
For per-operating-system licensing, I use SerialNumber of Win32_OperatingSystem.
For per-user licensing, I use:
WindowsIdentity currentIdentity = WindowsIdentity.GetCurrent(); if (currentIdentity != null) { SecurityIdentifier userSid = currentIdentity.User.AccountDomainSid; Console.WriteLine(userSid); }
A hash of an obtained OS serial number or SID is then stored in the database, associated with application serial; each time the program starts, it queries the server, sending hash of OS SN/SID and application serial.
Is it a right thing to do it or is it completely wrong? Will it work on every Windows machine? (For example, using motherboard serial is wrong)