Free tools to build and maintain your license inventory year-round, plus expert audit defense guidance from former Microsoft sales and licensing executives who know exactly how these engagements unfold.
Microsoft's "License Verification" teams are staffed with seasoned auditors trained in specific assertions, document requests, and negotiating tactics. The moment you receive a letter, the clock starts. Audit defense engagements are run through Directions on Microsoft — with 20-year veterans who have sat on both sides of these reviews and know exactly what Microsoft will and won't push for.
Know exactly what software is installed and running across every device, server, and virtual machine in your environment — before Microsoft does. Use the free tools below to get there without buying expensive SAM software.
Microsoft licenses are measured against installed instances, not employee count. A terminated employee whose workstation still runs Office is a compliance exposure. Regular reconciliation catches drift before it becomes a liability.
The most common audit findings involve Windows Server and SQL Server in virtual environments. License Mobility and Software Assurance rights are misunderstood constantly — know exactly what your SA benefits cover before an auditor asks.
Microsoft can request documentation going back years. Volume Licensing Agreements, Open License certificates, and CSP order confirmations should be retained in a central, accessible location. "We can't find the paperwork" is not a defense.
If you receive a License Verification letter, Microsoft will offer their own SAM tool or a "trusted" partner to run the assessment. You are not obligated to use their preferred vendor. Get independent guidance before you share any inventory data.
Your EA, MCA, or CSP agreement defines what Microsoft is and isn't entitled to request — including timelines and the scope of any review. Read the audit clause before you respond to any outreach. The first response sets the tone for everything that follows.
Running software beyond its end-of-support date — Windows Server 2012, SQL Server 2012, older Office versions — creates both a compliance and a security exposure. License auditors frequently use EOL software as a gateway to broader inventory reviews.
Snapshot sprawl and forgotten VMs are among the most common audit surprises. A VM that was spun up for a project two years ago and never decommissioned is still a licensable instance. RVTools (below) is the fastest way to surface these.
Run these before an audit finds you. A clean, documented inventory is your strongest defense — and your best negotiating position.
Agentless hardware and software inventory tool that scans your Windows environment via WMI and Active Directory — no software installed on target machines. Produces Excel-based reports covering installed software, SQL Server instances, Office versions, and virtualization data. The go-to starting point for any Microsoft license baseline.
Download from MicrosoftThe standard tool for VMware vSphere inventory. Connects to vCenter with read-only credentials and exports a comprehensive Excel workbook covering every virtual machine, host, datastore, cluster, snapshot, and license assignment in your environment. Essential for mapping Windows Server and SQL Server licenses in virtualized infrastructure — the most audit-prone area for most organizations.
Download from DellAgentless IT asset discovery platform that scans Windows, Linux, macOS, and network devices across your entire environment. Builds a detailed software and hardware inventory including installed applications, user data, warranty status, and license compliance metrics. The free tier covers up to 100 assets — more than enough for a compliance spot-check or smaller SMB environment.
Visit LansweeperEnterprise IT asset management platform with deep software license reconciliation, SAM capabilities, and endpoint discovery. LANDesk rebranded to Ivanti following a merger — if your organization is already running it, the SAM and license management modules are among the most robust available for building a defensible inventory position ahead of a Microsoft audit.
Visit IvantiOften overlooked as an audit tool, but your M365 Admin Center shows every assigned license, active user, and product subscription in your tenant in real time. Cross-referencing this against your HR termination list and Active Directory is the fastest way to identify over-provisioned or orphaned seats — which are both a cost and a compliance exposure.
Important caveat: Microsoft does not automatically enforce all licensing rules within the Admin Center — and it won't warn you when you're out of compliance. Customers with M365 E5, for example, are often shocked to discover that their Frontline Worker licenses require a separate Frontline Worker Defender Security & Purview Governance SKU that can effectively double the cost of every "F" SKU line item. Similarly, provisioning a single E5 user — or enabling certain premium services — in an otherwise E3 tenant can expose those services tenant-wide, creating unexpected licensing deficiencies that increase costs 30% or more across the entire user base. The Admin Center shows you what's assigned. It does not tell you what's required.
Open M365 Admin CenterAn official Microsoft-issued document summarizing your organization's license entitlements as recorded in Microsoft's systems. An MLS is one of the strongest pieces of evidence you can present during an audit — it reflects what Microsoft itself believes you own, and any discrepancy between the MLS and an auditor's findings must be reconciled against Microsoft's own records. Request one proactively before any audit engagement begins.
A word of caution: MLS documents are assembled by contractors pulling from multiple disparate Microsoft back-end systems — and in our experience, most issued statements contain errors or inconsistencies. An MLS that is accepted as fact during an audit can work against you if it overstates your entitlements or misrepresents your agreement structure. Contact us before treating any MLS as authoritative — we can help you identify errors before an auditor does.
Email [email protected]Don't respond until you understand the process. Audit defense engagements run through Directions on Microsoft — staffed by former Microsoft auditors and licensing executives with 20+ years of experience on both sides of these reviews. We know the playbook because we helped write it.