• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 774
  • Last Modified:

KMS Server limited to an OU

Hello,

We're using a big domain with many OU inside. Till now, I was the only one using KMS to activate my Windows and Office.

But now, there is another OU which want to do the same.
I don't want them to use my KMS because of licence key (we have separate contrat from microsoft).
So my question, is it possible to limit a KMS to an OU ?
Or should I publis multiple KMS and limit "view" by restriciting access-list on my firewall ?

Any suggestions will be appreciate.
Thx in advance.
0
Sybux
Asked:
Sybux
1 Solution
 
Ernie BeekExpertCommented:
I think the latter would be the way to go. KMS doesn't really integrate into AD (only uses DNS which technically is a part of AD).
So you can't limit it to an OU but need to address this on a network level.
0
 
barrymercerCommented:
Have a look at this:
http://technet.microsoft.com/en-us/library/ff793431
and this
http://technet.microsoft.com/en-us/library/ff793418#EWAA

though yes you can just add them both then limit the ports on the firewall. It picks them at random until it finds one that works. http://technet.microsoft.com/en-us/library/ff793434.aspx see "client discovery" section
0
 
TI2HeavenCommented:
KMS does not require Domain authentication so there is no way to select witch clients have access to licensing keys. Blocking that traffic is one way but I would explore how to set KMS to only give licensing keys to selected subnets.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now