The Event Viewer message gives you the total number of certificates in the database, divided by the "license multiplier" contained within your license file. The result is displayed as "the user count" and is an accurate total based on all of the certificates active within the system.

The User Count Report within the Certificate Operations Workbench displays the number of unique Distinguished names (DNs) per CA. The intended usage of this tool is to count each CA individually, and not ALL of the CAs. It was not intended to be a "total system check" because the tool assumes that each DN is a unique user. So duplicate DNs are only counted as a single user. This works for a typical user-created jurisdiction, but the System CA it is different. Because this CA issues certificates for the local internal SSL connections, all which have the same DN, the "user count" will not be a precise indicator of total system usage.

This is why you will see different results between the system log (or event viewer) and the GUI reporting tool.

When judging your license usage the Event Viewer (or Syslog) message is the precise value used internally to check license usage.

For a count of per-Jurisdiction or per-CA users, the GUI Reporting Tool is an excellent indicator.

For more information in installation and administration see:

RSA Certificate Manager 6.7 Readme

https://knowledge.rsasecurity.com/docs/rsa_keon/rcm67/cm/RSACertificateManager67Readme.pdf

RSA Certificate Manager 6.7 Installation Guide

https://knowledge.rsasecurity.com/docs/rsa_keon/rcm67/cm/RSACMInstallationGuide.pdf

RSA Certificate Manager 6.7 Administrator?s Guide

https://knowledge.rsasecurity.com/docs/rsa_keon/rcm67/cm/RSACMAdministratorsGuide.pdf