Windows Vista Activation Options

from Microsoft
Windows Vista utilizes two new Volume Activation (VA 2.0) options :

- Multiple Activation Key (MAK)
- Key Management Services (KMS)

MAK Activation
MAKs are installed on each volume-licensed computer that will activate once with Microsoft over the Internet or telephone. A MAK can be installed on individual computers or can be included in an image that can be bulk-duplicated or provided for download using Windows Deployment Services (WDS). MAKs are recommended for computers that are rarely or never able to connect to the organization’s network. A MAK can be installed on a computer that was set up to use KMS activation, whose activation is at risk of expiring, or that has actually reached the end of its grace period. The 30-day grace period cannot be extended and therefore, you must activate MAK immediately. As a computer nears the end of its activation grace period, pop-up activation notifications are presented to users with increasing frequency, unless pop-up notifications are disabled on the computers.

KMS Activation
Key Management Service (KMS) enables organizations to perform local activations for computers in a managed environment, without the need to connect to Microsoft individually. You can enable KMS functionality on any Windows Vista or Windows Server “Longhorn” computer by installing the KMS key and then activating the computer against Microsoft once, either over the Internet or over the telephone. After initializing KMS, the KMS activation infrastructure is self-maintaining. The KMS service does not require dedicated computers to run it, and can be easily co-hosted with other services. A single KMS host can support hundreds of thousands of KMS clients. Windows Server 2003 KMS service for Volume Activation 2.0 is currently under development with expected availability in 2007. In case of significant changes to the hardware on the KMS host, reactivation is a must.
By default, Windows Vista Business and Windows Vista Enterprise Edition are designed to activate using KMS, without the need for user interaction. Client computers locate the KMS host dynamically using the SRV records found in the DNS or connection information specified in the registry. The client computers use information obtained from the KMS host to self-activate. A KMS host must have at least 25 physical Windows Vista client computers connected to it before any one of them can activate. This is referred to as n value or n-count.
Clients that are not activated attempt to connect with the KMS host every two hours (value configurable). Clients must renew their activation by connecting to the KMS host at least once every 180 days to stay activated. Once activated, the client computers attempt to renew their activation every seven days (by default). After each successful connection, the expiration is extended out to the full 180 days.
When a client computer activates against a KMS host, its client machine ID (CMID) is added to a protected table. On successful renewals, the corresponding cached CMID and date stamp are removed from the table. If the client computer does not renew its activation within 30 days, the corresponding CMID is removed from the table and the count is reduced by one.
Client computers connect to KMS host for activation information using anonymous RPC over TCP using default port 1688. The firewall and the router network may need to be configured to pass communications for the TCP port that will be used. The client computer establishes a TCP session with the KMS host and then sends a single request packet. The KMS host then responds and the session is closed. The same type of request-response is used for activation requests as well as renewal requests. Both requests and responses are logged by the client in the global application event log (Microsoft Windows Security Licensing SLC events 12288 and 12289, respectively). KMS host logs the requests that it receives from all client computers (Microsoft-Windows-Security-Licensing-SLC event 12290). Note that this KMS event is located in the Applications and Services Logs\Key Management Service event log.

No comments:

Recent Posts