How to: Setup a KMS Host Server with Server 2008 R2

I recently had to setup a KMS (Key Management Service) Host Server. This is a service that will run on a server and let your operating systems or products “check in” with it to activate their licensing. I am setting this up with Server 2008 R2, and the process is a little different than that from 2003. With Server 2k3 you needed to download additional software from Microsoft in order to run this service. Now everything that you need is built right into the OS, but there’s still no way to assign this service through the server manager, so I’ll detail some steps you’ll need to take to get up and running.

Configuring the Host

First things first, if you have a firewall running on this server, you will need to open up port 1688. This is the default port that is used for KMS.

After any changes that you make, you will need to restart the Software Licensing Service. To do this, open a command prompt and type net stop sppsvc && net start sppsvc

To enable KMS functionality, you need to use a KMS capable key. In my case, I had to call Microsoft to get it. The key that you use will determine what prodocts you’ll be able to activate via your KMS server. In my case, I can activate Server 2008 R2 licenses.

Installing KMS Hosts

To install a KMS key, open a command prompt and type slmgr.vbs /ipk

Next you need to activate your key either via the internet or phone.

After activating the KMS key, restart the Software Protection Service.

Windows 7 and Windows Server 2008 R2 display the warning shown in Figure 1 any time administrators install a KMS host key by using the UI (Users will not see this warning if they install a KMS host key by using the Slmgr.vbs script). This message prevents accidentally installing a KMS key on computers that administrators do not intend to be KMS hosts.

To verify that the KMS host is configured correctly, check the KMS count to see whether it is increasing. In the Command Prompt window on the KMS host, type slmgr.vbs /dli to display the current KMS count. Administrators can also check the Key Management Service log in the Applications and Services Logs folder for event ID 12290. The Key Management Service log records activation requests from KMS clients. Each event displays the name of the computer and the time stamp of each activation request.

Configuring DNS

I will be explaining how to manually add an SRV record in your DNS in case yours was not automatically published.

Using DNS Manager, in the appropriate forwarding lookup zone, create a new SRV RR using the appropriate information for the location. By default, KMS listens on TCP port 1688, and the service is _VLMCS.

At this point you should be able to activate client OS’s with this new KMS host.

One Response

Leave a Reply