Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fermilab KMS Experiences with Microsoft’s Key Management Server 1 HEPiX Nov 5, 2007 Fermilab KMS Experiences.

Published byDominic Eaton Modified over 8 years ago

Similar presentations

Presentation on theme: "Fermilab KMS Experiences with Microsoft’s Key Management Server 1 HEPiX Nov 5, 2007 Fermilab KMS Experiences."— Presentation transcript:

1 Fermilab KMS Experiences with Microsoft’s Key Management Server 1 HEPiX Nov 5, 2007 Fermilab KMS Experiences

2 What is KMS? With Vista (and Windows Server 2008) Microsoft introduces new software activation Enterprise customers can now have a central server for activation No need to give out installation codes Reduces threat of stolen keys being used by hackers HEPiX Nov 5, 2007 Fermilab KMS Experiences 2

3 KMS – Activated Vista system HEPiX Nov 5, 2007 Fermilab KMS Experiences 3

4 KMS – System not activated HEPiX Nov 5, 2007 Fermilab KMS Experiences 4

5 KMS and Vista Systems Vista can be installed without activation…but… After 30 days, it is no longer useable Once activated, system good for 180 days Every 7 days, Vista will try to contact KMS server again, and extend activation back to 180 days Once deactivated, you go into ‘degraded’ mode HEPiX Nov 5, 2007 Fermilab KMS Experiences 5

6 KMS – The Good, the Bad, and the Ugly Easy to install – Originally only ran on Vista or ‘Longhorn’ server – On 03/22/07 the service can now run on Windows 2003 server Must have 25 active activations requests, or the KMS server will not activate anyone Unless you have a MOM server, there are no reports HEPiX Nov 5, 2007 Fermilab KMS Experiences 6

7 KMS – Build your own report Every time someone tries to ‘activate’, an event record is generated on the KMS server Event record is part of special ‘Key Management Service’ records HEPiX Nov 5, 2007 Fermilab KMS Experiences 7

8 KMS – The event record Event Type:Information Event Source:KmsRequests Event Category:None Event ID:12290 User:N/A Computer:kms-server Description: An activation request has been processed. Info: 0x0,25,PPD101835.dhcp.fnal.gov,bb99473f-3fb3-4e7c-9e6e- 1b711e5b4ae8,2007/10/31 11:57,0,1,257764,cfd8ff08-c0d7-452b-9f60- ef5c70c32094 HEPiX Nov 5, 2007 Fermilab KMS Experiences 8

9 KMS Commands HEPiX Nov 5, 2007 Fermilab KMS Experiences 9 On the KMS server issue the following to get count of current number of activated systems: cscript %windir%\system32\slmgr.vbs -dli

10 KMS Activation count KMS will not activate any system until 25 different systems have requested activation Virtual machines do not count Can not simply re-name a machine to ‘fool’ the count Must maintain 25 active requests. If count falls below 25, then activation stops again HEPiX Nov 5, 2007 Fermilab KMS Experiences 10

11 KMS – Fun with DNS HEPiX Nov 5, 2007 Fermilab KMS Experiences 11 KMS server dynamically updates DNS with a special service record. This allows Vista systems to automatically find your KMS server. NOTE: port 1688 needs to be open to your systems on-site, but blocked from off-site

12 KMS – Manual activation If you run into DNS issues, the client can manually issue activation request Command must be run from user ‘administrator’ on client machine First - Tell client name of KMS server: – Cscript slmgr.vbs –skms dns-name-of-kms-server Second - Request activation: – Cscript slmgr.vbs -ato HEPiX Nov 5, 2007 Fermilab KMS Experiences 12

13 KMS – Degraded mode If client machine fails to get activation, the machine goes to degraded mode Degraded mode basically only allows user to activate Can not fool system by changing system date May not be able to start VPN software when in degraded mode Can extend activation if client can not contact your KMS server – Slmgr -rearm HEPiX Nov 5, 2007 Fermilab KMS Experiences 13

14 KMS – Additional info You can have multiple KMS servers … but… – Multiple KMS servers do not communicate to each other (each one will need to have 25 active requests) The KMS server does not report any info to Microsoft Microsoft may use KMS for future application software activation HEPiX Nov 5, 2007 Fermilab KMS Experiences 14

Download ppt "Fermilab KMS Experiences with Microsoft’s Key Management Server 1 HEPiX Nov 5, 2007 Fermilab KMS Experiences."

Similar presentations

Volume activation.

Volume activation.
Cloud computing is used to describe a variety of computing concepts that involve a large number of computers connected through a real-time communication.

Cloud computing is used to describe a variety of computing concepts that involve a large number of computers connected through a real-time communication.
A p p l i c a t i o n P a c k a g e NEVO-ASC Company automatic communications systems ®

A p p l i c a t i o n P a c k a g e NEVO-ASC Company automatic communications systems ®
Microsoft Goals Engineer a product less vulnerable to piracy and counterfeit Provide set of tools to help ensure a more managed installation environment.

Microsoft Goals Engineer a product less vulnerable to piracy and counterfeit Provide set of tools to help ensure a more managed installation environment.
BePunctual Employee Time & Attendance (T&A) System User Guide.

BePunctual Employee Time & Attendance (T&A) System User Guide.
Virtual LANs.

Virtual LANs.
PulseHR Time and Attendance software development and coding web development, web hosting IT project management and consulting www.pulsesoft.ro Str. Ghioceilor.

PulseHR Time and Attendance software development and coding web development, web hosting IT project management and consulting Str. Ghioceilor.
Operating Systems Concepts 1/e Ruth Watson Chapter 11 Chapter 11 Network Maintenance Ruth Watson.

Operating Systems Concepts 1/e Ruth Watson Chapter 11 Chapter 11 Network Maintenance Ruth Watson.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.
Windows Vista @MIT Windows Vista Activation @MIT And Windows Vista for WIN.MIT.EDU.

Windows Windows Vista And Windows Vista for WIN.MIT.EDU.
Vista Volume Activation Overview VLK 2.0 Anders Björling Senior Consultant Microsoft.

Vista Volume Activation Overview VLK 2.0 Anders Björling Senior Consultant Microsoft.
Deploying Servers Installing Windows Server 2008

Deploying Servers Installing Windows Server 2008
Www.nicelabel.com NICE Watch NICE Watch Synchronization module NICE Watch is a special module enabling synchronization of label production process with.

NICE Watch NICE Watch Synchronization module NICE Watch is a special module enabling synchronization of label production process with.
A CHAT CLIENT-SERVER MODULE IN JAVA BY MAHTAB M HUSSAIN MAYANK MOHAN ISE 582 FALL 2003 PROJECT.

A CHAT CLIENT-SERVER MODULE IN JAVA BY MAHTAB M HUSSAIN MAYANK MOHAN ISE 582 FALL 2003 PROJECT.
Chapter 2: Automating the Windows Vista Installation.

Chapter 2: Automating the Windows Vista Installation.
Kalpesh Patel Ramprabhu Rathnam

Kalpesh Patel Ramprabhu Rathnam
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
Windows Vista Product Activation And The Fashionable LSP

Windows Vista Product Activation And The Fashionable LSP
Patch Management Module 13. Module 2-421 You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.

Patch Management Module 13. Module You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.
Senior Technical Writer

Senior Technical Writer

Similar presentations

Ads by Google