CAL Enforcement
Most CALs are paper only and are distributed for the sole reason of representing compliance to the software license agreement. Technically, any individual or business can use the software with an unlimited number of users and buy no CALs at all - but they will be in breach of the license agreement (and the law in most jurisdictions), and large penalties will apply if they are caught.
Some CALs, however, are electronically enforced: the server will refuse to service clients if there are not enough CALs to cover them all. In order for the CALs to be used, either the CAL files must be imported into the software or the CAL licence keys must be entered in. The software will not service clients unless there are valid CALs installed, and it will authenticate and serve the number of clients licensed under the CALs. Once that number is met, the server can either accept a small number of additional connections and then warn administrators before refusing to serve further connections, however usually it will simply refuse to authenticate additional clients until one or more of them disconnects. In this way, the server electronically enforces the Client Access licensing.
At present, there are only two Microsoft products that use this form of electronic license enforcement; Windows Small Business Server 2003 and Terminal Services. Presumably, the electronic enforcement in SBS is because most small businesses that run the Small Business Server do not have dedicated IT staff to ensure compliance, whereas larger organizations usually have dedicated IT staff that monitor CAL usage and organize the acquisition of additional CALs when necessary. Windows Small Business Server 2008 does not track CAL usage.
Read more about this topic: Client Access License