Home · Blog · Audit Triggers and LMS

What LMS Can and Cannot Demand

License Management Services has genuine rights in a Java review, but they are not unlimited. Knowing the line between what LMS can demand and what it cannot is how a buyer keeps the review proportionate.

Get a Quote Book a Strategy Call

When License Management Services opens a Java review, the requests can arrive with an air of total authority, as if you must produce whatever Oracle asks for in whatever form Oracle prefers. You should take the review seriously, but you should also know that LMS works inside the audit clause in your Oracle agreement, not above it. The line between what LMS can demand and what it cannot is where a disciplined buyer keeps control. For the licensing background, keep the Oracle Java licensing guide for 2026 open as a reference.

What LMS can reasonably demand

Within the scope of your contract, LMS can ask you to verify your use of Oracle Java. That generally includes providing records relevant to your deployment, confirming the employee population that the Universal Subscription counts, and answering reasonable questions about where and how Oracle Java runs. The metric counts every full time and part time employee, every contractor, and every temporary worker regardless of who uses Java, so LMS will want a defensible headcount. A 2026 review typically looks back three years across your deployment history. These are legitimate requests when they are specific and relevant.

The principle. LMS can verify your use of the licensed programs. It cannot turn a verification into open ended access to your whole environment.

What LMS cannot demand

LMS cannot reach beyond the scope of the contract. It generally cannot compel direct administrative access to your systems, install its own discovery tooling without your agreement, demand data unrelated to Oracle Java, or require you to count populations the contract does not cover. It cannot set a lookback longer than the agreement allows, and it cannot turn a soft conversation into a binding admission. When a request exceeds the licensed programs, you are entitled to ask why it is relevant and to keep the review inside the four corners of the contract. Understanding how LMS builds its position is covered in how Oracle LMS selects audit targets.

The boundary in practice

Indicative view of LMS requests, for illustration only
RequestInside scopeBuyer response
Records of Oracle Java useUsually yesProvide, after validating them yourself
Defensible employee countUsually yesConfirm the right population, not an inflated one
Direct system accessUsually noOffer reviewed records instead
Third party or non Java dataNoDecline as outside scope
Lookback beyond the contractNoHold to the agreed period

Why validation comes before disclosure

Even when a request is legitimate, you should validate the data before you hand it over. The single biggest driver of an inflated claim is an inflated employee number, often because the count swept in populations that should not sit in scope or double counted across entities. Confirm your real footprint and your real counted population first, then disclose. Producing raw, unchecked data lets LMS build the largest defensible claim rather than the accurate one.

Keeping the review proportionate

Route every LMS request through one owner, log what is asked and what is produced, and answer in writing so the scope stays clear. When a request strays outside the licensed programs, say so politely and ask for the contractual basis. This is not obstruction. It is holding Oracle to its own agreement, and it is the difference between a bounded verification and an open ended fishing expedition. To see how the soft approach tries to bypass these protections, read the soft audit versus the formal audit.

How a buyer side advisor helps

Reading these signals correctly and acting before Oracle sets the terms is where an independent buyer side advisor earns its place. We sit between you and Oracle, and we never take vendor money, so the advice points one way only. We know how Oracle builds a Java claim, where the contract traps sit, and how to turn a clean estate into a smaller defended residual. We work two ways, both built so the risk sits with us. A Fixed Fee starts from $18,000, agreed up front. Or choose Gainshare, a share of verified savings or avoided exposure, with zero retainer and no risk to you. We have defended more than $120M in Java exposure and over 300 Java audits, with more than 20 years of combined experience and an average reduction of 68 percent versus Oracle's opening number.

Where to go next

LMS has real rights, and real limits. Know both, validate your data before you disclose it, and keep every request inside the contract. If a review is open or you expect one, tell us the real numbers and we will help you hold the line. Get a Quote and we will scope the defense to your situation.

Get a Quote.

Tell us the real numbers. Fixed Fee from $18,000, or Gainshare, a share of verified savings or avoided exposure, with zero retainer and no risk to you.

Get a Quote

Tell us the real numbers.

Fixed Fee or Gainshare, both built so the risk sits with us, not with you. We sit between you and Oracle and we never take vendor money.

Get a Quote

The Java Audit Brief

Weekly intelligence on Oracle Java licensing moves and the buyer side defenses that work.

Services · Pricing · Case Studies · White Papers · The Java Audit Brief · Licensing Guide
Get a Quote · Book a Strategy Call · New York · London Not affiliated with Oracle Corporation. Independent buyer side advisory only.