Tuesday, August 9, 2011

Understand and Installing KMS Server

There are 2 different types of keys with todays Office and Windows products, KMS and MAK. These are used to manage Windows Server 2008 and 2008 R2, Windows Vista and 7, and Office 2010.

MAK - Multiple Activation Key - Activate one-time basis against MS hosted activation services (across internet)
KMS - Key Management Service - Activate systems within internal network

KMS and MAK can be mixed in an environment based on client needs.

Frequently Asked Questions About Volume License Keys

Why use KMS?
1. MAK has usage limits, this is important in corporate environments especially with virtual desktop environments. Improperly utilizing MAK keys can lead to all of the activations being consumed (see FAQ site linked above).
2. Easier to manage new deployments with KMS. Set it and forget it

Why use MAK?
1. Mobile workstations that will not have visibility to KMS host within timeframe required for activation limits (180 days).
2. Very small deployments of less than 25 workstations, or less than 5 servers (running described OS). See below for KMS Host activation thresholds. Note: if in a vdi environment then review support for MAK deployment by the software vendor (ie Citrix XenDesktop supports MAK for Windows 7 with PVS, but does not support MAK for Office 2010 at time of this writing).

What is a CMID?
The CMID is how KMS identifies unique machines. This is important in environments that utilize virtualization such as XenApp and XenDesktop (or other virtual technologies).

KMS Host activation thresholds:
The activation threshold how many end clients have to request a license from the host before the host will activate and start handing out valid licenses. This is different by product:
Windows OS - Either 5 Server client requests or 25 Workstation client requests
Office 2010 - 5 client requests
Once the proper number of clients have requested activation then the Host will begin handing out licenses.

The KMS Host will also cache twice the number of clients to ensure that the count does not drop below the required count to remain activated.

This is important to note for a few reasons:
1. If your planning redundancy of kms hosts then the number of clients is somewhere over double the minimum number of clients needed for activation. This is due to having to meet the threshold on two hosts and the fact that each has a activation threshold cache.
2. Application virtualization and vdi/workstation virtualization technologies may actually only count as 1 client since they will all have the same CMID.

I will not be focusing on installing / configuring redundant KMS hosts. It should be noted that you can configure the weight / priority of hosts in this type of environment.

Client Discovery:
Client discovery by default is done through dns via a srv record through tcp port 1688. Note that Windows 7 firewall by default blocks so it needs enabled.

Understanding KMS

Installation of KMS Host is as easy as plugging in the KMS license key for the Windows OS or installing the service for Office.

Note: extra steps may be needed for depending on which OS flavor it would be hosted on. Extra patches may be needed for 2003 and 2008 hosts.

Windows OS Host setup
1. Pull your KMS license key out of your Volume license site. This key should ONLY be used on servers you intend to be hosts.
2. Open Control Panel\System and Security\System
3. Change product key
4. Enter your KMS product key
5. Click Yes to the prompt warning you that you are using a KMS key that will setup activation services

Note that a Windows Server 2008 R2 can activate both servers and clients.

Office 2010 Host setup
1. Go to your volume license downloads
2. Download the "Office 2010 Key Management Service Host". Note that if you have different versions you may see one for Professional, Standard, etc. Either one will do (don't need both). This doesn't include the actual keys
3. Get the Office suites KMS key from the license agreement page
4. Run the installer and accept the EULA.
5. When it asks for the host product key enter the KMS key

Fresh installations of the OS or Office by default are set to search out a KMS host and activate (via the DNS srv record).

Viewing KMS info
In order to see information about the KMS Host you can use the slmgr.vbs script. This is done from a command prompt at C:/Windows/System32

To display Windows license information use cscript slmgr.vbs /dlv
This does not display information regarding Office licensing

In addition you can use /dlv all to display information on all licenses (ie Windows and Office)

If you only want to see office KMS licensing information you can add the activation id of the product. Thus it would look like this:
cscript slmgr.vbs /dlv bfe7a195-4f8f-4f0b-a622-cf13c7d16864

DNS Srv Record
If we look in DNS we'll find a new srv record for each KMS Host.
You'll find the records under the Forward Lookup Zones - your domain - _tcp
The records will be named _VLMCS

No comments:

Post a Comment