Getting KMS hosting working on Server 2012 Core

I had occasion to set up a Windows Server Datacentre 2012 Core VM recently, as a domain controller, FSMO role holder, and DNS server.

Since the network didn’t have a KMS host in use (but did have KMS keys) I thought I’d set it up as one.

Installing the key and activating the host is a cinch. From an administrative command prompt:

slmgr -ipk <key>
 slmgr -ato

But to get other clients to connect to this host, there are a few hoops to jump through.

First, you need to set a firewall exemption for the KMS traffic. From the same command prompt:

netsh advfirewall firewall set rule group="Key Management Service" new enable=yes

You’ll also need the DNS entry for the KMS service. This should be created automatically by your first KMS host, but if it isn’t there are a few permissions you’ll need to set. I followed the broad instructions here to allow for adding another KMS host in the future. In my situation, however, the KMS entry was automatically created.

It’s also worth noting that if you have multiple DNS servers (you do, don’t you?) then you’ll want to wait for, or force, replication of this record between those servers to avoid red herring chases of spurious DNS errors.

Your last obstacle should then be actually getting enough clients to try to authenticate that your KMS host can activate them. If you have a bunch of servers, this is easy again. Five servers should tip you over to activation, or you can settle for 25 workstation clients.

If you need the KMS client keys, everything from 2012 R2/8.1 on down is here: http://technet.microsoft.com/en-us/library/jj612867.aspx

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s