The Citrix and Microsoft licensing interplay is the part of a Citrix estate that catches the most buyers by surprise, because the Citrix subscription you pay for does not cover the Microsoft licensing your environment also needs. Citrix licenses the delivery layer. Microsoft separately licenses the Windows operating system, the Remote Desktop Services access that session based delivery depends on, and the virtual desktop rights that VDI depends on. As of 2026 a compliant Citrix deployment requires both stacks, and the gaps almost always open on the Microsoft side, where an RDS CAL shortfall or a missing Windows virtual desktop right sits unnoticed until a Microsoft review finds it. This guide explains where the two stacks meet and how to keep both clean.
Two vendors, two stacks, one environment
A Citrix environment is built on Microsoft technology. The apps and desktops Citrix delivers run on Windows, whether that is Windows Server hosting session based desktops and published apps, or a Windows client operating system delivered as VDI. Citrix provides the brokering, delivery, and management technology that sits on top of that Windows foundation, but it does not provide the Windows licensing itself. That separation is the whole story: you are running one environment that depends on two licensing stacks from two vendors, and each vendor licenses only its own layer. The Citrix subscription is necessary but not sufficient. Without the matching Microsoft licensing, the environment is not compliant, no matter how clean the Citrix paperwork looks.
This is not a quirk of current packaging; it has always been true, and it survived the move to subscription only licensing after Citrix eliminated perpetual licensing in October 2022. What has changed is the scrutiny. With Citrix license reviews increasing as customers try to reduce spend or exit, and with Microsoft running its own review programmes, both stacks are now more likely to be examined. A buyer who has optimised the Citrix side but ignored the Microsoft dependency has closed one exposure and left another wide open. Understanding the full delivery model is the starting point, and our Citrix Virtual Apps and Desktops licensing guide covers how the Citrix layer is structured before the Microsoft layer is added underneath.
Citrix licenses the delivery. Microsoft licenses the Windows underneath it. You need both, and they are bought from different vendors.
Why session based delivery needs RDS CALs
The clearest example of the interplay is Remote Desktop Services. When Citrix delivers session based desktops or published applications, those sessions run on Windows Server acting as a remote session host. Microsoft requires a Remote Desktop Services Client Access License, an RDS CAL, for each user or device that connects to that session host. The RDS CAL is the right to use the underlying Windows Server remote session capability that Citrix is delivering on top of. Citrix does not include it, has never included it, and cannot grant it, because it is Microsoft's license to sell. So every user or device using Citrix published apps or session desktops on Windows Server generally needs both a Citrix license and a Microsoft RDS CAL.
RDS CALs come in per user and per device varieties, mirroring the kind of choice you make on the Citrix side, and the right mix depends on how your users and devices map to sessions. This is where the two stacks should be reasoned about together rather than in isolation, because the counting decisions interact. Our guide to Citrix licensing for VDI versus published apps explains how the delivery model drives the Citrix count, and the same model determines whether you are in RDS CAL territory at all. Session based published apps put you squarely there; pure client VDI takes you into different Microsoft rights instead.
The VDI side: Windows virtual desktop rights
When Citrix delivers VDI, meaning a Windows client operating system such as Windows 11 running as a virtual desktop rather than a Windows Server session, the Microsoft requirement changes. Here you are not in RDS CAL territory; you are in Windows virtual desktop access territory. Microsoft requires appropriate virtual desktop access rights for users accessing a Windows client OS virtually, commonly satisfied through Windows Enterprise licensing on a per user basis or through the historical VDA licensing route for devices that do not otherwise qualify. The principle is the same as RDS CALs: Citrix delivers the desktop, but the right to run the Windows client OS virtually is a Microsoft license that Citrix does not provide.
The trap on the VDI side is subtle, because organisations often already license Windows for their physical estate and assume that coverage extends to virtual access. Whether it does depends on the specific Microsoft licensing they hold and how it treats virtualisation, which is exactly the kind of detail that varies and needs checking against current Microsoft terms rather than assumed. A device accessing a virtual Windows desktop may be covered by existing per user Windows Enterprise licensing, or it may need additional virtual desktop access rights, and the difference is a compliance gap. Because this interacts with where the desktops run, our guide to Citrix on Azure licensing requirements is relevant whenever the VDI sits in the cloud, where Microsoft's cloud specific rights add another layer.
Where the compliance gaps open
The gaps in the Citrix and Microsoft interplay are predictable, and they almost always sit on the Microsoft side. The most common is the assumption that the Citrix subscription covers the Windows and RDS layer, leaving the estate short on RDS CALs because nobody bought them in proportion to the Citrix users. A close second is the VDI estate that grew without the matching Windows virtual desktop rights, because the Windows licensing was scoped for physical machines and never revisited when virtual access expanded. A third is counting mismatch: RDS CALs bought per device when the usage pattern favoured per user, or the reverse, leaving the organisation technically uncovered for some access even though the total number purchased looks adequate.
What makes these gaps dangerous is that Citrix and Microsoft audit separately. A clean Citrix license position offers no protection in a Microsoft review, and the two vendors look at the same environment through different lenses. An organisation can pass a Citrix audit and fail a Microsoft one on the same estate, because the RDS CAL or virtual desktop shortfall was never a Citrix issue to begin with. This is why audit readiness has to span both stacks, and the discipline is the same one covered in our guide to Citrix license compliance self checks: count your real users and devices, then verify that both the Citrix and the Microsoft entitlements cover them.
How to keep both stacks compliant
Keeping the interplay clean is a mapping exercise run across both vendors at once. Start from a single source of truth: the real population of users and devices accessing Citrix, broken down by delivery model. For each group, identify what they consume on the Citrix side and what that implies on the Microsoft side. Session based published apps and desktops on Windows Server imply RDS CALs and Windows Server licensing. VDI of a Windows client OS implies Windows virtual desktop access rights. Then reconcile those implied requirements against what you actually own on each side. The gaps that surface are your remediation list, and closing them before either vendor reviews you is far cheaper than settling a shortfall after the fact.
The strategic point is that the two stacks are levers on the same cost and the same risk, so they should be optimised together. A delivery model decision that lowers the Citrix bill may raise the Microsoft bill, or vice versa, and only a combined view shows the true total. As of 2026, with Citrix renewals arriving at widely reported increases of 50% to 200% and Microsoft licensing under its own pressure, the organisations that control cost are the ones reasoning across both vendors rather than treating them as separate problems. For the full cost picture, see our guide to Citrix TCO analysis, and for how this fits the wider estate, the Citrix licensing fundamentals pillar.
Frequently asked questions
What is the Citrix and Microsoft licensing interplay?
The Citrix and Microsoft licensing interplay is the fact that a Citrix deployment relies on underlying Microsoft licensing that Citrix does not provide. Citrix licenses the delivery layer, but the Windows operating system, Remote Desktop Services access, and in some cases Windows virtual desktop access are licensed separately by Microsoft. As of 2026 a compliant Citrix estate needs both stacks in place, and gaps usually appear on the Microsoft side because buyers assume the Citrix license covers everything.
Does Citrix include Microsoft RDS CALs?
No. Citrix does not include Microsoft Remote Desktop Services Client Access Licenses. When users access session based desktops or published apps running on Windows Server, each user or device generally needs an RDS CAL from Microsoft in addition to the Citrix license. The Citrix entitlement covers the Citrix delivery technology; the RDS CAL covers the right to use the underlying Windows Server remote session host. Both are required and they are bought from different vendors.
What Microsoft licenses does a Citrix environment need?
It depends on the delivery model. Session based delivery on Windows Server typically needs Windows Server licensing plus RDS CALs per user or device. VDI delivery of a Windows client operating system needs the appropriate Windows virtual desktop access rights, often through Windows Enterprise per user or VDA licensing. There may also be CALs for other Microsoft server roles. The Citrix license sits on top of all of this and does not replace any of it.
Where do Citrix buyers get caught on Microsoft licensing?
The common gap is assuming the Citrix subscription covers the Windows and RDS layer, then being short on RDS CALs or Windows virtual desktop rights when a Microsoft review looks at the environment. Because Citrix and Microsoft audit separately, a clean Citrix position does not protect you on the Microsoft side. Mapping both stacks against your real user and device counts is the only way to close the gap before either vendor finds it.