KMS mechanism and Establishment

KMS is the key management service, which is used for batch activation within an enterprise. There is also an activation method called Mak, which is usually activated through the Internet or by phone. The specific differences are many in Baidu.

The following is a schematic diagram,

650) This. width = 650; "src =" http://attach.52pojie.cn/forum/201311/16/193323puco52pkdtxutb72.jpg "alt =" 193323puco52pkdtxutb72.jpg "/>

The following figure shows the detailed construction process and corresponding working mechanism.

1. Install the Windows kms host key on the kms host.

   Slmgr. vbs-IPK AAAAA-BBBBB-CCCCC-DDDDD-EEEEE/* import kms-key */

   Slmgr. vbs-ATO/* activate the key entered above */

2. Activate a kms host over the Internet or by phone

3. When kms is started, SRV record service resource records are added to DNS.

4. Each time the kms client queries the DNS kms service information, a kms host is randomly selected from the service resource record list provided by the DNS. If the selected kms host does not respond, the kms client computer will delete this kms host record from its SRV record list and randomly select a new kms host from the list. (Windows client may not perform this step. Not all clients are kms clients, by default, if you do not enter the serial number when installing the system, the default value is vol key'. You have to ask me what is vol key, which is free and public, the Input key is the vol key, which is the kms client, and the above step 4th is executed '. Run the following script to solve this problem: cd % SystemRoot % \ system32 \

   Cscript.exe slmgr. vbs-ipk xxxx-xxxx/* XXXX indicates vol key */

   Cscript.exe slmgr. vbs-skms kms-server-IP/* does not need to be executed. You can also add this step to specify the kms server. kms-server-IP is the IP address of the kms server */

   Cscript.exe slmgr. vbs-ATO/* execute activation process */below are some vol key Windows 7 Professional-FJ82H-XT6CR-J8D7P-XQJJ2-GPDD4

   Windows 7 Professional MRPKT-YTG23-K7D7T-X2JMM-QY7MG

   Windows 7 Enterprise-33pxh-7y6kf-2vjc9-xbbr8-hvthh

   Windows 7 Enterprise N-YDRBP-3D83W-TY26F-D46B2-XCKRJ

   Windows 7 enterprise e-C29WB-22CC8-VJ326-GHFJW-H9DH4

   Windows Server 2008 R2 HPC edition-FKJQ8-TMCVP-FRMR7-4WR42-3JCD7

   Windows Server 2008 r2 datacenter-74yfp-3qfb3-kqt8w-pmxwj-7m648

   Windows Server 2008 r2 enterprise-489j6-vhdmp-x63pk-3k798-cpx3y

   Windows Server 2008 R2 for itanium-based systems-GT63C-RJFQ3-4GMB6-BRFB9-CB83V

   Windows Server 2008 R2 Standard-YC6KT-GKW9T-YTKYR-T4X34-R7VHC

   Windows Web Server 2008 R2-6tpjf-rbvhg-wbw2r-86qph-6rtm4

   Windows Vista Business-YFKBB-PQJJV-G996G-VWGXY-2V3X8

   Windows Vista Business N-HMBQG-8H2RH-C77VX-27R82-VMQBT

   Windows Vista enterprise VKK3X-68KWM-X2YGT-QR4M6-4BWMV

   Windows Vista enterprise N-VTC42-BM838-43QHV-84HX6-XJXKV

   Windows Server 2008 datacenter-7m67g-pc374-gr742-yh8v4-tcby3

   Windows Server 2008 datacenter without hyper-v-22xq2-vrxrg-p8d42-k341_g3qqc

   Windows Server 2008 for itanium-based systems-4dwfp-jf3dj-b7dth-78fjb-pdrhk

   Windows Server 2008 Enterprise-YQGMW-MPWTJ-34KDK-48M3W-X4Q6V

   Windows Server 2008 enterprise without hyper-v-39bxf-x8q23-p2wwt-38t2f-g3p-2

   Windows Server 2008 Standard-TM24T-X9RMF-VWXK6-X8JC9-BFGM2

   Windows Server 2008 standard without hyper-v-W7VD6-7JFBR-RX26B-YKQ3Y-6FFFJ

   Windows Web Server 2008-WYR28-R7TFJ-3X2YQ-YCY4H-M249D)

5. The client computer connects to the kms host through an anonymous TCP remote call. The default port is 1688. After a TCP session is established between the client computer and the kms host, the client computer generates a cmid Client ID and sends a request record to the kms host. This request record is signed using the AES encryption algorithm. Activated clients send a request every seven days to refresh the activation record. unactivated Windows 8 clients send a request every two hours for activation. If the cached kms host cannot respond to subsequent activation status updates, the kms client computer will use the kms SRV record in DNS to find the new kms host again.

6. The kms host saves the Client ID (cmid) in a table (cmid/data-stamp) on the kms host. Each activation request remains in the table for 30 days. When a Windows client refresh its activation, the cache cmid of the client will be deleted from the table and a new record will be created, and the retention period will change to 30 days. If a kms client does not refresh its activation within 30 days, the corresponding cmid is deleted from the table and the activation count is reduced by 1.

7. The kms host returns the activation count to the client. The client compares the activation Count value with the authorization policy. If the activation threshold value is met, the kms host is activated. By default, Windows 8 clients are automatically activated once a week.

8. The specific authorization policy is: when the table on the kms host (

When the number of cmids in cmid/data-stamp reaches a certain number, the activation process is performed uniformly. For this number, 2008 & 2008 R2 is 5, Vista & win7 is 25, and office2010 is 5.

This article from the "free in the soul" blog, please be sure to keep this source http://tobyxia.blog.51cto.com/6674512/1539042