Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1822
  • Last Modified:

How do I use Multiple KMS host keys with 1 KMS host server

Hello,

I'm sure others must have encountered this.  Here's the scenario:

Single domain company with sites across Europe.  Each site has their own license agreement with Microsoft and their own specific KMS host key for Windows 7.

The desktop deployment process is managed from the UK where a KMS host is installed under the UK Microsoft Agreement.  All countries use Altiris for desktop deployment which is hosted in the UK and managed by UK staff.  

Can the UK KMS host server take account of the individual KMS licenses for each country?  I expect the answer is no.  So how is it possible to license Windows 7 using each countries individual KMS license?  Does each country have to setup their own KMS host, if so how will that work in a single domain?  

Clients use DNS to lookup the KMS host and at the moment they will be pointing to the UK host and will activate against it accordingly.  How can we ensure that each client only activates against the correct host if indeed we need disparate KMS hosts in our environment?

Thanks,

0
ishamsi
Asked:
ishamsi
  • 2
  • 2
1 Solution
 
__STCommented:
I'm not sure it is possible to have multiple KMS hosts the way you are trying to set it up...

KMS doesn't track a maximum number of license activations, but rather activates based on a minimum threshold being met.  As long as you are tracking your licenses accordingly, I don't know that it will care what country the clients are coming from.

If you need to segregate the licenses by country you would probably need separate DNS pools with a host on each network.  This could be done by setting up DNS servers without integrating them with Active Directory.
0
 
ishamsiAuthor Commented:
It doesn't matter that the KMS clients are activating from different countries, from a technical point of view it works great.  And I agree as long as we are tracking our licenses by other means then why should Microsoft care which key is being used for any given client as long as the corresponding company has a license bought for that client.  

However Microsofts view on this is a bit different I think, or rather they don't know what their view is.   I tried to figure this out between the licensing team and technical support but couldnt get a firm answer.  Something along the lines of if your parent agreement is a global one then they could possibly comprimise with regional specific agreements sharing keys to ease the technicalities of managing distribution companywide.  But nobody could tell me what our agreement is and shrugged it off to the local reseller who may be able to discuss this with Microsoft HQ in Ireland.  

I'd rather not alter the DNS landscape to allow for multiple KMS hosts.  Is it possible to not use DNS at all and simply tell each client for each country its own KMS host using

slmgr /skms kmshost.companydomain.com:1688

and have this run for each client during deployment.  Each machine would be pointing to its own KMS and if the script didnt run for whatever reason they wouldnt activate against a different KMS host in the domain because DNS did not contain the record?  

Or do you think that I should forget all this and continue with the current setup of one KMS host centrally and run license audit reports for the various regions seperately.  Regions can still purcahse their own keys against their requirements, MS have no visibility over which host has activated which client, as long as the licenses bought match number of machines for each Region.  
0
 
__STCommented:

If you're set on doing it the hard way, try this:

1) Disable publishing of KMS SRV records to DNS on all KMS host servers by adding a DWORD "DisableDnsPublishing"="1" to HKLM\Software\Microsoft\Windows NT\CurrentVersion\SL
2) Remove all _VLMCS records from DNS (foreward lookup zones\[domain]\_tcp)
3) Manually assign the KMS hosts to each client via slmgr.vbs as you noted above: cscript \windows\system32\slmgr.vbs /skms <KMS_FQDN>:<port>

You'll want to monitor the clients and hosts pretty closely to make sure they're aimed correctly.
0
 
ishamsiAuthor Commented:
That looks like it will work.  But I'd rather not do it the hard way!  

I'll carry on with a central KMS host for now and audit the licenses for the regions after the rollout.  

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now