After a full 5 minutes of thought on this, here's my $.02 on implementing.
1. A table with one row, one column with the number of licenses encrypted. Client application has decryption key and checks it upon startup to ensure max has not been exceeded. Encryption prevents customer with admin privilege from bumping the number.
2. Second table which stores current active login id's. Client App checks periodically to ensure current login still exists in table.
3. Mechanism to create encrypted values based on unique customer id. Customer can key in value via phone call, or DTS package can load file to update the user count.
4. Utility tool to refresh user count and current logins table in case client computers barf and don't clean up after themselves.
Just an idea, probably needs fleshing out.
Regards,
Tim