The Single Source of Truth is the most dangerous lie in modern systems administration. We are taught to worship it. We are told that if we can just unify our data-if we can pull every scattered spreadsheet and every local admin’s “sticky note” into one glorious, centralized master database-we will finally achieve operational harmony.
This is a fallacy. In reality, the more a record is removed from the machine it describes, the more likely it is to become a piece of fiction. Centralization does not create accuracy; it creates distance. And distance is where data goes to die.
The Inventory Mirage
Consider the case of a lead systems engineer named Marcus. Marcus worked for a regional logistics firm with 840 employees. The company decided to modernize their infrastructure management.
The scale of Marcus’s infrastructure before the “Master Licensing Inventory” project.
They spent building a “Master Licensing Inventory.” This was designed to be the definitive record for every Microsoft Windows Server instance and every Remote Desktop Services (RDS) Client Access License (CAL) the company owned. The goal was simple. If the database said a server had 50 User CALs assigned to it, then that was the reality. Local records were banned. Personal logs were deleted.
When the Map Fails the Territory
The trouble began during a routine migration to Windows Server 2022. Marcus was tasked with decommissioning an older 2016 cluster. According to the master inventory, that cluster was holding a surplus of 200 RDS CALs that could be reassigned.
Marcus trusted the inventory. He provisioned the new environment based on those numbers. He shut down the old servers. Within twenty minutes, the help desk lines were lit up like a Christmas tree. Users across three time zones were being kicked out of their sessions. They were receiving “No licenses available” errors.
“The help desk lines were lit up like a Christmas tree… Users across three time zones were being kicked out.”
– Narrative Record
Marcus went back to the master inventory. It insisted the licenses were there. He then did what he should have done first: he logged directly into the actual license server. The license server told a different story. It was empty.
The 200 CALs the master database claimed were available had actually been consumed by a different department’s shadow-IT project prior. The admin who ran that project never updated the central database because the process required a 12-page digital form and three levels of approval. Instead, he just pointed his servers at the license pool and went back to work.
The Master Variable Illusion
I spent a decade as a video game difficulty balancer. In that world, we deal with “master variables.” You change one number at the top of a spreadsheet-say, the damage output of a standard sword-and it cascades down into thousands of lines of code.
I used to believe that this top-down control was the only way to maintain order. I was wrong. I was profoundly, embarrassingly wrong. I thought that if the master variable said the game was balanced, then the game was balanced. I ignored the fact that local interactions between specific items and specific enemy types often created “broken” experiences that the master variable couldn’t see. I trusted the spreadsheet over the playtest.
I learned this lesson most painfully when I recently deleted three years of personal photos. I trusted a centralized cloud sync service. The “master record” in the cloud told me that every file was accounted for. It showed me the thumbnails. It gave me the green checkmarks.
I believed the central source. I formatted my local hard drives. It turned out the master record was merely a list of filenames pointing to empty space. The sync had failed months ago, but the database hadn’t noticed. It kept reporting success because reporting failure would have required a level of local verification the system wasn’t designed to perform.
The Cost of Authority
In the world of IT infrastructure, we see this exact phenomenon with licensing. We want a clean, audited list of everything we own. But the act of centralizing that list often removes the incentive for the people on the ground to keep it updated.
If a sysadmin has to jump through hoops to tell the master database that they just moved 10 CALs to a new RDS Gateway, they will eventually stop doing it. They will keep their own private notes. Or, worse, they will keep no notes at all, trusting their memory while the master database slowly rots into a state of authoritative fiction.
The administrative overhead of maintaining a “perfect” record often exceeds the value of the record itself. When the effort to report an action is greater than the effort to perform the action, the reporting will always fail.
This is why distributed record-keeping often stays more accurate. When an admin manages their own server, they have a vested interest in knowing exactly what is running on it. Their daily peace of mind depends on it. When that knowledge is forcibly extracted and moved to a central database, that admin loses their sense of ownership. The data becomes “the company’s problem” rather than “their reality.”
We need to return to a model where the inventory is grounded in the actual purchase and the actual deployment, rather than a middle-man database that tries to simulate both. For instance, when you buy from a reliable source like the
you receive clear, per-purchase records.
These aren’t just entries in a database; they are tangible licenses that reflect the real state of your server environment. Using these direct records as the basis for your inventory-rather than a secondary database that requires manual upkeep-reduces the “drift” that led to Marcus’s disaster.
The Nuance of Permission
The technical reality of RDS CALs makes this drift particularly dangerous. Licensing is not a static asset. It is a living permission. You have User CALs that follow people and Device CALs that follow hardware.
User CALs
Bound to the individual identity. Follows the human across devices.
Device CALs
Bound to the hardware. Multiple users on one terminal.
You have versioning issues where a 2022 CAL can cover a 2019 server, but a 2019 CAL cannot cover a 2022 server. A central database usually struggles to capture these nuances over time. It might record “500 licenses,” but it fails to note that 150 of them are the wrong version for the new cluster you just stood up.
The Unauthorized Artifact
When Marcus looked at his deprecated local notes-the ones he was supposed to have deleted-he found the truth. He had scribbled down the actual license keys and the dates they were activated. His “unauthorized” notebook was more accurate than the $50,000 enterprise asset management system the company had installed.
The notebook was accurate because it was close to the work. It was an artifact of his own labor. There is a psychological component to this as well. We tend to believe that once something is digital and “centralized,” it is permanent. We treat databases like stone tablets.
Databases are more like gardens; they require constant weeding.
If you aren’t out there every day, the garden will quickly return to the wild.
I once believed that visibility was the same as control. It isn’t. Visibility into a hallucination is just a shared delusion. If your master inventory says you are compliant, but your servers are throwing 1111 errors, the inventory is a lie.
You cannot manage a server from a spreadsheet. You manage a server by looking at the server. The solution is not to abandon records entirely, but to change our relationship with them.
We should treat central databases as “suggestive” rather than “authoritative.” The authority should always rest with the machine itself. An inventory should be a collection of verifiable facts-like purchase orders and actual license server exports-rather than a manually updated ledger that depends on human memory.
Three Rules for Accurate Infrastructure
Never trust a number you didn’t personally verify
If the database says you have 100 surplus CALs, assume you have zero until you log into the license server and count them .
Make reporting easier than the changes
If an admin can’t update the inventory in , they won’t do it accurately. Speed is the only thing that combats drift.
Maintain a direct link to the point of origin
Keep your purchase records from vendors like
accessible to technical staff. It is the only tiebreaker that matters in an audit.
We have a tendency to overcomplicate things in the name of “enterprise-grade” management. We build massive systems to solve problems that could be handled by simple, direct observation. We value the “source of truth” more than the truth itself.
In my time balancing games, I eventually learned to stop looking at the master variables and start playing the game. I had to feel the difficulty for myself. I had to see how the numbers actually behaved when they were in the hands of a player.
The same is true for server infrastructure. You can have the most beautiful, centralized SQL database in the world, but if it doesn’t match the blinky lights in the server room, it’s just a very expensive poem.
Marcus eventually fixed his environment. He didn’t do it by updating the master database. He did it by going back to the beginning. He found the original invoices, identified the licenses that hadn’t been activated yet, and manually entered them into the new 2022 cluster. He stopped trusting the “Source of Truth” and started trusting the evidence of his own eyes.
We should all be a little more like Marcus. We should be skeptical of any system that claims to know our servers better than we do. We should hold onto our “sticky notes” and our local logs. They are the only things standing between us and a total disconnect from reality.
The database is a tool, but the server is the truth. Never mistake the tool for the reality it is supposed to measure.