Go Premium for a chance to win a PS4. Enter to Win


How do I use Multiple KMS host keys with 1 KMS host server

Posted on 2011-02-28
Medium Priority
Last Modified: 2012-06-27

I'm sure others must have encountered this.  Here's the scenario:

Single domain company with sites across Europe.  Each site has their own license agreement with Microsoft and their own specific KMS host key for Windows 7.

The desktop deployment process is managed from the UK where a KMS host is installed under the UK Microsoft Agreement.  All countries use Altiris for desktop deployment which is hosted in the UK and managed by UK staff.  

Can the UK KMS host server take account of the individual KMS licenses for each country?  I expect the answer is no.  So how is it possible to license Windows 7 using each countries individual KMS license?  Does each country have to setup their own KMS host, if so how will that work in a single domain?  

Clients use DNS to lookup the KMS host and at the moment they will be pointing to the UK host and will activate against it accordingly.  How can we ensure that each client only activates against the correct host if indeed we need disparate KMS hosts in our environment?


Question by:ishamsi
  • 2
  • 2

Expert Comment

ID: 35003222
I'm not sure it is possible to have multiple KMS hosts the way you are trying to set it up...

KMS doesn't track a maximum number of license activations, but rather activates based on a minimum threshold being met.  As long as you are tracking your licenses accordingly, I don't know that it will care what country the clients are coming from.

If you need to segregate the licenses by country you would probably need separate DNS pools with a host on each network.  This could be done by setting up DNS servers without integrating them with Active Directory.

Author Comment

ID: 35005622
It doesn't matter that the KMS clients are activating from different countries, from a technical point of view it works great.  And I agree as long as we are tracking our licenses by other means then why should Microsoft care which key is being used for any given client as long as the corresponding company has a license bought for that client.  

However Microsofts view on this is a bit different I think, or rather they don't know what their view is.   I tried to figure this out between the licensing team and technical support but couldnt get a firm answer.  Something along the lines of if your parent agreement is a global one then they could possibly comprimise with regional specific agreements sharing keys to ease the technicalities of managing distribution companywide.  But nobody could tell me what our agreement is and shrugged it off to the local reseller who may be able to discuss this with Microsoft HQ in Ireland.  

I'd rather not alter the DNS landscape to allow for multiple KMS hosts.  Is it possible to not use DNS at all and simply tell each client for each country its own KMS host using

slmgr /skms kmshost.companydomain.com:1688

and have this run for each client during deployment.  Each machine would be pointing to its own KMS and if the script didnt run for whatever reason they wouldnt activate against a different KMS host in the domain because DNS did not contain the record?  

Or do you think that I should forget all this and continue with the current setup of one KMS host centrally and run license audit reports for the various regions seperately.  Regions can still purcahse their own keys against their requirements, MS have no visibility over which host has activated which client, as long as the licenses bought match number of machines for each Region.  

Accepted Solution

__ST earned 2000 total points
ID: 35007418

If you're set on doing it the hard way, try this:

1) Disable publishing of KMS SRV records to DNS on all KMS host servers by adding a DWORD "DisableDnsPublishing"="1" to HKLM\Software\Microsoft\Windows NT\CurrentVersion\SL
2) Remove all _VLMCS records from DNS (foreward lookup zones\[domain]\_tcp)
3) Manually assign the KMS hosts to each client via slmgr.vbs as you noted above: cscript \windows\system32\slmgr.vbs /skms <KMS_FQDN>:<port>

You'll want to monitor the clients and hosts pretty closely to make sure they're aimed correctly.

Author Comment

ID: 35015938
That looks like it will work.  But I'd rather not do it the hard way!  

I'll carry on with a central KMS host for now and audit the licenses for the regions after the rollout.  


Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
The article covers five tools all IT professionals should know about, as they up productivity by a great deal!
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question