Allowedclockoffset in lexfloat.config

We will almost certainly have to offer the offline, on-premise LexFloatServer option to some of our customers. It concerns me to see that the server config file allows the customer’s license admin to set their own allowed clock offset between client and server. Surely this means they can extend licenses indefinitely by setting the clock back on the server machine and allowing a huge offset with the client machines. Is there anything to stop this?

I saw a topic from Dec 2016 where it was mentioned some of the lexfloat.config content would be replaced with command line switches. Did this happen, and if so can you tell me which items in lexfloat.config are ignored by the server?

Hi Gary,

If clock is set back on the server machine, LexFloatServer will detect that and stop leasing licenses. This property is used to adjust the time difference between LexFloatServer and LexFloatClient (where time is incorrectly set on the client machine). For LexFloatServer’s own activation, the clock offset property is set in the license in the Cryptlex Dashboard.

Secondly, you don’t need to use this property in the config file. If you remove this property, it defaults to 60 seconds. Additionally, LexFloatServer can be named to anything, so it’s not easy to figure out this property.

Hi Adnan,

I guess removing the unwanted entries from the lexfloat.config that we ship is adequate, just to eliminate the obvious temptation. We could rename the binary, but its original name is in file properties (at least on Windows). You could then Google it and get to this page, but if you’re going to work that hard you’d probably be looking to edit the license calls out of our binaries anyway.

Gary

Useful to know though that the offset is only allowed on the clients. That really helps.

Gary