Windows 8 KMS Activation Principle in Detail

  
Windows 8 Volume Activation
Windows 8 provides two volume activation methods for enterprises: KMS and MAK. MAK activation is handled by Microsoft's public platform and is suitable for small and medium-sized enterprises with fewer than 50 computers. KMS requires the enterprise to run its own server that provides the activation service, which is suitable for large enterprises with more than 50 computers.
KMS Activation Principle (Key Management Service)
KMS uses a client-server topology, and client computers can obtain authorization only over the local network. A KMS client computer locates the KMS host through DNS or static configuration, and the KMS host issues authorization over RPC (remote procedure call). KMS hosts can run on physical or virtual machines with Windows Server 2003 and above.
KMS Activation Process
The first step in deploying KMS activation is to install the Windows KMS host key and activate the KMS host. After the KMS host is activated, KMS uses an SRV record (service resource record) to store the KMS host's location in the DNS server. By default, KMS hosts are published automatically through dynamic DNS, and KMS clients (Windows 8 installations activated by KMS) use the published information to find and connect to KMS hosts.
The KMS host keeps an "activation count" as one of the conditions for activating Windows 8 clients. During initial deployment, the activation count increases each time a new Windows 8 client successfully connects to the KMS host. When the activation count reaches the threshold of 25, all Windows 8 clients are automatically activated. The KMS host maintains the activation count and automatically removes CMID records that are more than 30 days old.

1. KMS host installs Windows 8 KMS Host key
2. Activate KMS host via Internet or phone
3. The KMS service adds an SRV record (service resource record) to DNS every time it starts.
4. Each time the KMS client queries DNS for KMS service information, it randomly selects a KMS host from the list of service resource records returned by DNS. If the selected KMS host does not respond, the KMS client computer deletes that KMS host from its list of SRV records and randomly selects a new KMS host from the list.
5. The client computer connects to the KMS host through an anonymous remote procedure call over TCP. The default port is 1688. After the client computer and the KMS host establish a TCP session, the client computer generates a CMID (client machine ID) and then sends a request record to the KMS host. This request record is signed using the AES encryption algorithm. An activated client sends a request to refresh its activation record every 7 days, and a Windows 8 client that is not yet activated sends an activation request every 2 hours.
Note: If the cached KMS host is unable to respond to subsequent activation status updates, the KMS client computer discovers a new KMS host via the KMS SRV record in DNS.
6. The KMS host stores the client ID (CMID) in a table on the KMS host. Each activation request is retained in the table for 30 days. When a Windows 8 client refreshes its activation, the client's cached CMID is removed from the table and a new record is created, with the retention period reset to 30 days. If a KMS client does not refresh its activation within 30 days, the corresponding CMID is removed from the table and the activation count is decremented by 1.
7. The KMS host returns the activation count to the client, and the client compares the value of the activation count with the authorization policy and activates if the activation threshold is met. By default, the Windows 8 client automatically activates once a week.
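
The count bookkeeping in steps 5 to 7, as an added example that is not part of the original page and is not Microsoft's code: a simplified Python model of the host-side CMID table showing how refreshes, repeated CMIDs and the 30-day expiry change the count a client receives. The class and function names and the CMID values are constructed for illustration; no real KMS protocol traffic is involved.

```python
from datetime import datetime, timedelta

RETENTION = timedelta(days=30)  # CMID record lifetime, from the text
THRESHOLD = 25                  # activation threshold, from the text


class KmsHostModel:
    """Simplified model of the host-side CMID table (hypothetical class)."""

    def __init__(self):
        self.table = {}  # CMID -> time of that client's latest request

    def request(self, cmid, now):
        # Drop CMIDs that have not refreshed within the retention period.
        self.table = {c: t for c, t in self.table.items()
                      if now - t <= RETENTION}
        # A refresh replaces the old record: the 30-day clock restarts and
        # the same CMID is never counted twice.
        self.table[cmid] = now
        return len(self.table)  # activation count returned to the client


def client_activates(count, threshold=THRESHOLD):
    # The comparison with the policy threshold happens on the client.
    return count >= threshold


def simulate():
    """Constructed scenario: 25 clients enrol, then 5 stop refreshing."""
    host, t0, out = KmsHostModel(), datetime(2024, 1, 1), {}
    cmids = [f"cmid-{i:02d}" for i in range(25)]  # constructed identifiers
    for cmid in cmids[:24]:
        count = host.request(cmid, t0)
    out["24_clients"] = (count, client_activates(count))
    # The same CMID asking again does not raise the count.
    out["repeat"] = host.request(cmids[0], t0 + timedelta(hours=2))
    count = host.request(cmids[24], t0 + timedelta(hours=3))
    out["25_clients"] = (count, client_activates(count))
    # 20 clients refresh weekly; cmid-20..24 go silent after day 0.
    for day in (7, 14, 21, 28, 35):
        for cmid in cmids[:20]:
            count = host.request(cmid, t0 + timedelta(days=day))
    out["day_35"] = (count, client_activates(count))
    return out


if __name__ == "__main__":
    for step, result in simulate().items():
        print(step, result)
```

In this model the count is the number of distinct CMIDs seen in the last 30 days, so a host whose returned count stalls below 25 despite many requests points to clients sharing a CMID or to clients that stopped refreshing.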
