diff --git a/changelog/19891.txt b/changelog/19891.txt
new file mode 100644
index 000000000000..b030151e858b
--- /dev/null
+++ b/changelog/19891.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+core (enterprise): add configuration for license reporting 
+```
\ No newline at end of file
diff --git a/command/server/config_test_helpers.go b/command/server/config_test_helpers.go
index f0327f2e61ec..c171fdbe698b 100644
--- a/command/server/config_test_helpers.go
+++ b/command/server/config_test_helpers.go
@@ -1100,6 +1100,7 @@ func testParseSeals(t *testing.T) {
 			},
 		},
 	}
+	addExpectedDefaultEntConfig(expected)
 	config.Prune()
 	require.Equal(t, config, expected)
 }
diff --git a/command/server/config_test_helpers_util.go b/command/server/config_test_helpers_util.go
index ff72cd6dbc5a..7f8c02e1c6a0 100644
--- a/command/server/config_test_helpers_util.go
+++ b/command/server/config_test_helpers_util.go
@@ -6,4 +6,5 @@
 package server
 
 func addExpectedEntConfig(c *Config, sentinelModules []string)                         {}
+func addExpectedDefaultEntConfig(c *Config)                                            {}
 func addExpectedEntSanitizedConfig(c map[string]interface{}, sentinelModules []string) {}
diff --git a/vault/activity_log.go b/vault/activity_log.go
index 432cccc3bd95..00e685b9e524 100644
--- a/vault/activity_log.go
+++ b/vault/activity_log.go
@@ -196,6 +196,9 @@ type ActivityLogCoreConfig struct {
 
 	// CensusReportInterval is the testing configuration for time
 	CensusReportInterval time.Duration
+
+	// MinimumRetentionMonths defines the minimum value for retention
+	MinimumRetentionMonths int
 }
 
 // NewActivityLog creates an activity log.
@@ -956,6 +959,10 @@ func (a *ActivityLog) SetConfigInit(config activityConfig) {
 	a.defaultReportMonths = config.DefaultReportMonths
 	a.retentionMonths = config.RetentionMonths
 
+	if a.retentionMonths < a.configOverrides.MinimumRetentionMonths {
+		a.retentionMonths = a.configOverrides.MinimumRetentionMonths
+	}
+
 	if a.configOverrides.CensusReportInterval > 0 {
 		a.CensusReportInterval = a.configOverrides.CensusReportInterval
 	}
@@ -1013,6 +1020,9 @@ func (a *ActivityLog) SetConfig(ctx context.Context, config activityConfig) {
 
 	a.defaultReportMonths = config.DefaultReportMonths
 	a.retentionMonths = config.RetentionMonths
+	if a.retentionMonths < a.configOverrides.MinimumRetentionMonths {
+		a.retentionMonths = a.configOverrides.MinimumRetentionMonths
+	}
 
 	// check for segments out of retention period, if it has changed
 	go a.retentionWorker(ctx, time.Now(), a.retentionMonths)
diff --git a/vault/core.go b/vault/core.go
index a2e0c90c740d..8f2503a16046 100644
--- a/vault/core.go
+++ b/vault/core.go
@@ -644,6 +644,9 @@ type Core struct {
 	// censusAgent is the mechanism used for reporting Vault's billing data.
 	censusAgent *CensusAgent
 
+	// censusLicensingEnabled records whether Vault is exporting census metrics
+	censusLicensingEnabled bool
+
 	// activeTime is set on active nodes indicating the time at which this node
 	// became active.
 	activeTime time.Time
diff --git a/vault/logical_system_activity.go b/vault/logical_system_activity.go
index 40ded23640bd..8278247b0e85 100644
--- a/vault/logical_system_activity.go
+++ b/vault/logical_system_activity.go
@@ -325,6 +325,11 @@ func (b *SystemBackend) handleActivityConfigUpdate(ctx context.Context, req *log
 			if config.Enabled == "enable" && enabledStr == "disable" ||
 				!activityLogEnabledDefault && config.Enabled == "enable" && enabledStr == "default" ||
 				activityLogEnabledDefault && config.Enabled == "default" && enabledStr == "disable" {
+
+				// if census is enabled, the activity log cannot be disabled
+				if a.core.censusLicensingEnabled {
+					return logical.ErrorResponse("cannot disable the activity log while Reporting is enabled"), logical.ErrInvalidRequest
+				}
 				warnings = append(warnings, "the current monthly segment will be deleted because the activity log was disabled")
 			}
 
diff --git a/vault/testing.go b/vault/testing.go
index cd295058ca04..17d25ef8feda 100644
--- a/vault/testing.go
+++ b/vault/testing.go
@@ -239,6 +239,7 @@ func TestCoreWithSealAndUINoCleanup(t testing.T, opts *CoreConfig) *Core {
 	}
 
 	conf.ActivityLogConfig = opts.ActivityLogConfig
+	testApplyEntBaseConfig(conf, opts)
 
 	c, err := NewCore(conf)
 	if err != nil {