Tuesday 6 May 2014

KMS: KMS host and client

Microsoft: KMS host and client

KMS (Key Management Service)
What is a KMS?
KMS activates the client operating systems on your network, so that each client does not have to connect to Microsoft. To do this, KMS uses a client/server model. KMS clients connect to a KMS server, called the KMS host, for activation. The KMS host resides on your local network.
Which types of product does it work with?
With Volume Licensing for products such as Windows 7, Windows Server 2008 R2, Windows Vista, Windows Server 2008, and Microsoft Office 2010, you must use a new type of product activation called Volume Activation (VA). To activate these operating systems with VA, you can use either a Multiple Activation Key (MAK) or the Key Management Service (KMS), which requires a KMS key.
How many clients are required?
You will need at least 25 clients: the network must meet or exceed the activation threshold, that is, the minimum number of qualifying computers that KMS requires. Computers running Windows 7 must receive an activation count ≥25 to be activated. KMS clients in the grace state that are not activated because the activation count is too low connect to the KMS host every two hours to get the current activation count, and they are activated when the threshold is met.
How does the KMS host keep its values up to date?
To track the activation threshold, the KMS host keeps a record of the KMS client computers that request activation. The KMS host gives each KMS client computer a client machine identification (CMID) designation, and the KMS host saves each CMID in a table. Each activation request remains in the table for 30 days. When a client computer renews its activation, the cached CMID is removed from the table, a new record is created, and the 30-day period begins again. If a KMS client computer does not renew its activation within 30 days, the KMS host removes the corresponding CMID from the table and reduces the activation count by one.
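The counting rules described above, sketched as an added example (a toy model, not Microsoft's implementation and not code from the original post). The class and method names, the CMID strings and the dates are made up for illustration.

```python
from datetime import datetime, timedelta

ACTIVATION_THRESHOLD = 25               # Windows 7 threshold stated above
RECORD_LIFETIME = timedelta(days=30)    # how long a request stays in the table


class KmsHostModel:
    """Toy model of the KMS host's CMID table (hypothetical names)."""

    def __init__(self):
        self.table = {}                 # CMID -> time of the latest request

    def _expire(self, now):
        # Drop every CMID that has not renewed within the 30-day period.
        stale = [c for c, seen in self.table.items()
                 if now - seen >= RECORD_LIFETIME]
        for cmid in stale:
            del self.table[cmid]

    def request(self, cmid, now):
        """Handle an activation or renewal; return (count, activated)."""
        self._expire(now)
        self.table.pop(cmid, None)      # a renewal removes the cached record
        self.table[cmid] = now          # and starts a new 30-day period
        count = len(self.table)
        return count, count >= ACTIVATION_THRESHOLD

    def count(self, now):
        self._expire(now)
        return len(self.table)


def simulate():
    """Constructed scenario: 25 clients, one of which stops renewing."""
    host = KmsHostModel()
    t0 = datetime(2014, 5, 6)
    results = {}
    for i in range(24):
        results["24th"] = host.request(f"cmid-{i:02d}", t0)
    # The same client asking again does not raise the count.
    results["repeat"] = host.request("cmid-00", t0 + timedelta(hours=2))
    results["25th"] = host.request("cmid-24", t0 + timedelta(hours=4))
    # Seven days later every client except cmid-24 renews.
    for i in range(24):
        host.request(f"cmid-{i:02d}", t0 + timedelta(days=7))
    # By day 35 the silent client's record has aged out of the table.
    results["day 35"] = host.count(t0 + timedelta(days=35))
    return results
```

In the model, a client that re-requests never inflates the count, and a single machine dropping off the network is enough to take the count back below the threshold for new clients.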
How long is an activation valid?
KMS activations are valid for 180 days. To remain activated, KMS client computers must renew their activation by connecting to the KMS host at least once every 180 days. By default, KMS client computers attempt to renew their activation every seven days. If KMS activation fails, the client will retry every two hours. After a client computer’s activation is renewed, the activation validity interval begins again.
How do clients discover the host?
By default, KMS clients query DNS for KMS service information. The first time a KMS client queries DNS for KMS service information, it randomly chooses a KMS host from the list of SRV RRs that DNS returns.
By default, client computers connect to the KMS host for activation by using anonymous RPCs through TCP port 1688. (You can change the default port.) After establishing a TCP session with the KMS host, the client sends a single request packet. The KMS host responds with the activation count. If the count meets or exceeds the activation threshold for that operating system, the client is activated and the session is closed. The KMS client uses this same process for renewal requests. The communication each way is 250 bytes.
Setup in 5 easy steps:
1. Open DNS on the primary Domain Controller (or on your separate license server, if you have one) on the selected network. Navigate to Forward Lookup Zones > *Domain* > _tcp. Edit the _VLMCS value as follows:
2. Connect to your DC/license server. Run the following command with your KMS key: slmgr.vbs /ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
You should see something like this:
Microsoft ® Windows Script Host Version 5.7
Copyright © Microsoft Corporation. All rights reserved.
Installed product key xxxxx-xxxxx-xxxxx-xxxxx-xxxxx successfully.
3. Type slmgr.vbs /dlv to check that the KMS host could activate with Microsoft, and to see the status of clients that have tried to establish a connection to the KMS host:
4. Create firewall rules to accept KMS traffic (not necessary). In Windows Firewall, click on Exceptions and allow the now-listed Key Management Service; failing to do this step means that your KMS hosts cannot talk to the KMS service and therefore will not activate.
KMS listens on port 1688. To change the port, do as follows:
5. Test the connection by typing the following in CMD:
And we are done, happy licensing! ;)
