How do I use Multiple KMS host keys with 1 KMS host server

Posted on 2011-02-28
Last Modified: 2012-06-27

I'm sure others must have encountered this.  Here's the scenario:

Single domain company with sites across Europe.  Each site has their own license agreement with Microsoft and their own specific KMS host key for Windows 7.

The desktop deployment process is managed from the UK where a KMS host is installed under the UK Microsoft Agreement.  All countries use Altiris for desktop deployment which is hosted in the UK and managed by UK staff.  

Can the UK KMS host server take account of the individual KMS licenses for each country?  I expect the answer is no.  So how is it possible to license Windows 7 using each countries individual KMS license?  Does each country have to setup their own KMS host, if so how will that work in a single domain?  

Clients use DNS to lookup the KMS host and at the moment they will be pointing to the UK host and will activate against it accordingly.  How can we ensure that each client only activates against the correct host if indeed we need disparate KMS hosts in our environment?


Question by:ishamsi
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2

Expert Comment

ID: 35003222
I'm not sure it is possible to have multiple KMS hosts the way you are trying to set it up...

KMS doesn't track a maximum number of license activations, but rather activates based on a minimum threshold being met.  As long as you are tracking your licenses accordingly, I don't know that it will care what country the clients are coming from.

If you need to segregate the licenses by country you would probably need separate DNS pools with a host on each network.  This could be done by setting up DNS servers without integrating them with Active Directory.

Author Comment

ID: 35005622
It doesn't matter that the KMS clients are activating from different countries, from a technical point of view it works great.  And I agree as long as we are tracking our licenses by other means then why should Microsoft care which key is being used for any given client as long as the corresponding company has a license bought for that client.  

However Microsofts view on this is a bit different I think, or rather they don't know what their view is.   I tried to figure this out between the licensing team and technical support but couldnt get a firm answer.  Something along the lines of if your parent agreement is a global one then they could possibly comprimise with regional specific agreements sharing keys to ease the technicalities of managing distribution companywide.  But nobody could tell me what our agreement is and shrugged it off to the local reseller who may be able to discuss this with Microsoft HQ in Ireland.  

I'd rather not alter the DNS landscape to allow for multiple KMS hosts.  Is it possible to not use DNS at all and simply tell each client for each country its own KMS host using

slmgr /skms

and have this run for each client during deployment.  Each machine would be pointing to its own KMS and if the script didnt run for whatever reason they wouldnt activate against a different KMS host in the domain because DNS did not contain the record?  

Or do you think that I should forget all this and continue with the current setup of one KMS host centrally and run license audit reports for the various regions seperately.  Regions can still purcahse their own keys against their requirements, MS have no visibility over which host has activated which client, as long as the licenses bought match number of machines for each Region.  

Accepted Solution

__ST earned 500 total points
ID: 35007418

If you're set on doing it the hard way, try this:

1) Disable publishing of KMS SRV records to DNS on all KMS host servers by adding a DWORD "DisableDnsPublishing"="1" to HKLM\Software\Microsoft\Windows NT\CurrentVersion\SL
2) Remove all _VLMCS records from DNS (foreward lookup zones\[domain]\_tcp)
3) Manually assign the KMS hosts to each client via slmgr.vbs as you noted above: cscript \windows\system32\slmgr.vbs /skms <KMS_FQDN>:<port>

You'll want to monitor the clients and hosts pretty closely to make sure they're aimed correctly.

Author Comment

ID: 35015938
That looks like it will work.  But I'd rather not do it the hard way!  

I'll carry on with a central KMS host for now and audit the licenses for the regions after the rollout.  


Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configuring Remote Assistance for use with SCCM
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question