• Volume License Mak Or Kms Key
• Mak License Vs Kms
• Mak Vs Kms Activation
• What Is A Mak Or Kms License
• Microsoft Kms Vs Mak Keys

Updated: February 23, 2016

Applies To: Windows 10, Windows 8.1, Windows Server 2012 R2

The following sections describe key scenarios for KMS and MAK activation.

On this page

Cornell's site license for Microsoft Windows and Microsoft Office Professional Plus provides unlimited licensing via our Key Management Service (KMS). This page provides instructions for technical support providers (TSPs) to switch a computer from the earlier Multiple Activation Key (MAK) system to the preferred KMS system. Aug 17, 2018  When Microsoft released Windows Vista they also released a new volume licensing model using two different types of software license keys: MAK and KMS. The main requirement is for it to secure that the KMS host can connect to Microsoft’s volume licensing servers. In terms of activation capacity and expiration, MAK is more advantageous than KMS. The former has a one-time, non-expiring activation and doesn’t require frequent updates with product keys, thus providing better security against activation failure. KMS or MAK activation. With a volume licence, client's don't need to activate with Microsoft through the internet. For larger organisations, that would cause too much internet traffic. Instead, you use a local activation service within your network. You can either deploy a KMS (Key Management Service) or use the Volume Actication Management Tool (VAMT).

KMS scenarios

KMS can support simple, single-site networks and global networks. The following scenarios show:

• The default implementation of KMS.

• The implementation expanded to support a global network.

Default KMS implementation for a single-site network

Contoso has 100 Windows 7 Enterprise clients and a mixed set of Windows Vista, Windows Server 2008, and Windows Server 2008 R2 systems. Contoso is a flat domain (Contoso.com). The DNS server runs Microsoft DNS in its default configuration. This configuration supports DNS dynamic update protocol and DNS record scavenging to remove stale records.

Contoso purchases a license agreement that provides a KMS key, which will activate all of its systems. The information technology (IT) administrator installs Contoso’s KMS host key (CSVLK) on two KMS hosts running Windows Server 2008 R2 by using the following command run locally at an elevated command prompt:

The IT administrator then creates a Security Group in Active Directory® Domain Services (AD DS) named KMS_Hosts. The administrator adds the servers KMS_1 and KMS_2 to the KMS_Hosts membership.

The host KMS_1 is activated against Microsoft via the Internet: Slmgr.vbs /ato. KMS_1 automatically publishes its SRV resource records (RRs) to DNS. The IT administrator accesses the DNS server, locates the RR for _vlmcs._tcp.contoso.com, and changes its permissions to give KMS_Hosts Read, Write, and Delete permission to the record. The host KMS_2 is now activated against Microsoft via the Internet: Slmgr.vbs /ato.

Finally, the administrator confirms that the KMS host exclusion is enabled in Windows Firewall. The Key Management Service firewall exception needs to be enabled.

KMS clients on the Contoso network query DNS and receive the SRV records for both KMS hosts. The clients pick one or the other host and are activated (as soon as the KMS count rises above the threshold). See the section, “Activation Policy Values,” for more information about KMS count requirements.

KMS implementation in a complex, global network

Contoso has expanded into two domains, east.contoso.com and west.contoso.com. Network traffic can pass privately between the two networks through a firewalled wide area network (WAN) link. This link has limited bandwidth, so resources (including DNS) are replicated on both sides of the WAN link to reduce traffic when possible.

Contoso uses image-based deployment. Its client systems are standardized on Windows Vista, but the Windows Vista systems are being replaced by Windows 7 clients.

Users regularly travel geographically, and their network connection changes from one domain to the other. Clients’ IP addressing is provided dynamically by DHCP, including specifying the local DNS host, local gateway address, and so on.

To provide activation support for the existing Windows Vista clients and the new Windows 7 clients, Contoso installs four KMS hosts (using its KMS B key). Two KMS hosts are configured in east.contoso.com, and two are configured in west.contoso.com.

The IT administrator configures the KMS hosts so that the DNS SRV records drive Windows 7 and Windows Server 2008 R2 clients in the east domain to KMS_E1, if available, or to KMS_E2. If neither is available, the clients will attempt KMS_W1 and, finally, KMS_W2. Likewise, DNS in the west domain is configured so that Windows 7 clients in the west domain will prefer contacting KMS_W1, then KMS_W2 and only when these fail will attempt activation with KMS_E1 and KMS_E2 on the far side of the WAN link.

The IT administrator accomplishes this by making the following configuration changes (see Table 5):

• KMS_E* hosts are added to the security group KMS_E. This group is given Read, Write, and Delete rights to the record _vlmcs._tcp.east.contoso.com.

• KMS_W* hosts are added to the security group KMS_W. This group is given Read, Write, and Delete rights to the record _vlmcs._tcp.west.contoso.com.

• DHCP servers are configured to add east.contoso.com and west.contoso.com to the DNS suffix search list for all clients.

• Firewalls between east and west domains are configured to allow RPC traffic to the KMS hosts on port 1688.

Table 5. KMS Host Configuration

Then, the administrator confirms that the Windows Firewall exceptions are set to allow KMS client traffic and configures client computers, as Table 6 describes.

Table 6. KMS Client Configuration

The client reference computer is KMS activated, then sysprep /generalize is run. The system is shut down and imaged using ImageX from the Windows 7 Windows Automated Installation Kit (Windows AIK). The Windows AIK is available to download at http://go.microsoft.com/fwlink/?LinkId=136976.

MAK scenarios

The following sections describe scenarios for MAK activation. This section involves network and workgroup environments that are typical within large enterprises.

In the Core Network environment, all computers are within a common network managed by AD DS. The Secure Zone represents higher-security Core Network computers that have addition firewall protection.

The Isolated Lab environment is a workgroup that is physically separate from the Core Network, and its computers do not have Internet access. The network security policy states that no information that could identify a specific computer or user may be transferred out of the Isolated Lab.

MAK independent activation

The VAMT allows automation of MAK deployment and activation over the network by distributing MAKs from a centralized console. VAMT queries Microsoft activation servers to get the number of remaining activations for a given MAK, then lists the activation status of all MAK-activated systems in the environment. This count is a snapshot in time, not a real-time count. VAMT version 3.1 is included in the Windows ADK. For more information about VAMT, see Volume Activation Management Tool (VAMT) Technical Reference, and VAMT How-To Topics

In this scenario, the VAMT is deployed in the Core Network environment. The VAMT is installed on a central computer with network access to all client computers. Both the VAMT host and client computers have Internet access. The following instructions describe how to perform independent activation:

1. Install and launch the VAMT on a networked host computer:

   1. Install the Windows ADK on the host computer.

   2. Click Start, and then click VAMT to open the VAMT console.

2. Configure the Windows Management Instrumentation (WMI) firewall exception on target computers. Ensure that the WMI firewall exception has been enabled for all target computers.

3. Add computers to the computer information list (CIL):

   1. On the VAMT console, click Action, and then click Add Computers to display the Add Computers dialog box.

   2. Enter a Computer Group name such as Core Network Group to identify the group of computers you are activating.

   3. Click the drop-down list to select a search option. You can search for computers in a workgroup, in an AD DS domain, or by individual computer name or IP address.

   4. If you are searching by individual computer name or IP address, enter that information in the text box below the drop-down list.

   5. If you are searching a domain or a workgroup, select the domain or workgroup from the additional drop-down list displayed for those options. Use the Filter by computer name field to search for a specific computer within the domain or workgroup.

   6. Click OK.

      The VAMT queries Active Directory Domain Services (AD DS) via Lightweight Directory Access Protocol (LDAP) and adds the computers it finds to the CIL.

4. Collect status information from the discovered computers:

   1. For the VAMT to perform an action on a computer, it must have current license status data for that computer. Collect status from individual computers by directly selecting one or more computers in the computer list view pane. To perform operations for an entire group, in the tree view pane, select the Status Unknown node or the User Defined GroupsCore Network Group node.

   2. Right-click the group or the desired computers, and then click Refresh Computer Status.

   3. If you are activating computers that require administrator credentials different from the ones you are currently using, select Use Alternate Credentials.

   4. Click OK.

   5. Provide a Domain Administrator account (to collect status from all computers in the domain) and password when prompted.

      The VAMT displays the Collecting computer information dialog box while it collects the status of all selected computers. When the process is finished, the refreshed status of each computer appears in the computer list view pane of the VAMT console.

      Note

      To retrieve the licensing status on the selected computers, the VAMT must have administrative permissions on the remote computers, and WMI must be accessible through Windows Firewall. In addition, for workgroup computers, a registry key must be created to enable remote administrative actions under User Account Control (UAC). For more information about configuring systems for VAMT remote management, see the VAMT help.

5. Add a MAK, and determine its remaining activation count:

   1. Click Options, and then click Manage MAKs to open the Manage MAK Keys dialog box.

   2. Click Add to enter a MAK.

   3. Enter the MAK, and then click Validate.

      Once validated, the Edition field is automatically populated.

   4. Provide a meaningful description, and then click Add.

      The MAK is now listed in the Manage MAK Keys dialog box.

   5. Click Refresh remaining count to retrieve the number of remaining activations for the listed MAKs from Microsoft. (This step requires Internet connectivity.)

   6. Click Exit to close the dialog box.

6. Install the MAK, and activate the client computers:

   1. Select the computers to be activated, either by clicking a group in the tree view pane or by selecting individual computers in the list view pane.

   2. Right-click the selected group or computers, and then click MAK Independent Activate to display the MAK Independent Activate dialog box.

   3. Select the appropriate MAK from the Install MAK list.

   4. Select the Install MAK (overwrite existing) and Activate Now check boxes to instruct the selected computers to activate immediately by contacting Microsoft Windows Activation over the Internet.

      If an asterisk (*) appears next to the text for these check boxes, the action will apply only to applicable computers. For example, a computer installed with a Windows Vista retail edition cannot be activated using a MAK.

   5. If you are activating computers that require administrator credentials different from the those you are currently using, select Use Alternate Credentials.

   6. Click OK.

      VAMT displays the Assigning Product Keys dialog box, and then displays the Activating Computers dialog box until it completes the requested action. If you selected Use Alternate Credentials, you will be prompted to enter the credentials prior to these dialog boxes.

MAK proxy activation

In this scenario, the VAMT is used to activate workgroup computers within an Isolated Lab environment. For workgroups such as this, which are completely isolated from the larger network, you can perform MAK proxy activation by installing a second VAMT on a computer within the isolated workgroup and using removable media to transfer VAMT CILs between that computer and another VAMT host that has Internet access. For more information about configuring systems for VAMT remote management, see the VAMT help. The following steps describe how to use the VAMT tool for proxy activation:

1. Install a VAMT on a workgroup computer in the Isolated Lab:

   1. Install the Windows AIK on a host computer in the Isolated Lab workgroup.

      This computer can be running Windows XP with Service Pack 2 (SP2), Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2.

   2. Click Start, and then click VAMT to open the VAMT console.

   3. Configure the Windows Management Instrumentation (WMI) firewall exception on target computers. Ensure that the WMI firewall exception has been enabled for all target computers.

2. Add computers to the CIL:

   1. On the VAMT console, click Action, and then click Add Computers to open the Add Computers dialog box.

   2. Enter a Group name such as Isolated Lab Group to identify the group of computers you are activating.

   3. Select the Workgroup option, and specify the name of the workgroup, and then click OK.

      The VAMT searches the workgroup for computers.

      Note

      For the VAMT to discover client computers in a workgroup, the network discovery Windows Firewall exception must be enabled.

3. Collect status from the discovered computers:

   1. For the VAMT to perform an action on a computer, it must have current license status data for that computer. Collect status from individual computers by directly selecting one or more computers in the computer list view pane. To perform operations for an entire group, in the left pane, select the Status Unknown node or the User Defined GroupsIsolated Lab Group node.

   2. Right-click the group or the desired computers, and then click Refresh Computer Status.

   3. If you are activating computers that require administrator credentials different from the those you are currently using, select Use Alternate Credentials.

   4. Click OK. When prompted, provide the credentials for an account that has local administrative rights on the selected workgroup computers.

      The VAMT displays the Collecting computer information dialog box while it collects the status of all selected computers. When the process is finished, the refreshed status of each computer appears in the computer list view pane of the VAMT console.

      Note

      To retrieve the licensing status on the selected computers, the VAMT must have administrative permissions on the remote computers, and WMI must be accessible through Windows Firewall. In addition, for workgroup computers, a registry key must be created to enable remote administrative actions under UAC.

4. Add a MAK:

   1. Click Options, and then click Manage MAKs to open the Manage MAK Keys dialog box.

   2. Click Add to enter a MAK.

   3. Enter the MAK, and then click Validate.

      Once validated, the Edition field is automatically populated.

   4. Provide a meaningful description, and then click Add.

      The MAK is now be listed in the Manage MAK Keys dialog box.

   5. Click Exit to close the dialog box.

      Note

      Because the VAMT is not installed on a computer with Internet access, the Refresh Remaining Count option will not operate. This feature requires Internet access.

5. Install the MAK on the Isolated Lab computers:

   1. Select the Isolated Lab group in the tree view pane.

   2. Right-click the selected group, and then click MAK Proxy Activate to display the MAK Proxy Activate dialog box.

   3. Select the appropriate MAK from the Install MAK list.

   4. Select Install MAK (overwrite existing).

      If an asterisk (*) appears next to the text for this checkbox, the action will apply only to applicable computers. For example, a computer installed with a Windows Vista retail edition cannot be activated using a MAK.

   5. Clear the Get Confirmation ID from Microsoft check box, because this computer does not have Internet access.

   6. Clear the Apply Confirmation ID and Activate check box, because confirmation IDs (CIDs) have not yet been requested.

   7. If you are activating computers that require administrator credentials different from the those you are currently using, select Use Alternate Credentials, and then click OK.

      VAMT displays the Assigning Product Keys dialog box until it completes the requested action. If you selected Use Alternate Credentials, you will be prompted to enter the credentials prior to this dialog box.

      Note

      Selecting the Install MAK (overwrite existing) check box force-installs a MAK on a client computer. This must be done with care. If the pre-SP1 version of Windows Vista has been installed on the computer for more than 30 days, then its Initial Grace period has expired, and the computer will enter Reduced Functionality Mode (RFM) if activation is not completed successfully before the next logon. However, you can use MAK proxy activation to recover properly configured computers from RFM as long as the computers are accessible to the VAMT host. RFM only applies to the pre-SP1 version of Windows Vista. Windows Vista with SP1 or later, Windows 7, Windows Server 2008, or Windows Server 2008 R2 will not enter RFM.

6. Save the CIL:

   Wp8060 pen tablet driver. How to Install Drivers After you have found the right HID device wp800, follow these simple instructions to install it. Lenovo Ideapad 80TIH This iBall 8-inch level tablet with cordless mouse and pen is a smart option for professionals like fashion designers, writers and artists.Learn More — opens in a new window or tab International shipping and import charges paid to Pitney Bowes Inc. Pen Digitizer iBallWp pen tablet cost cannot be calculated. Not tested pressure sensitivity as it is tabblet working on Linux Gimp.More precise and intuitive than a traditional keyboard and mouse combination, every point on the tablet has a iball pen tablet wp8060 location on the tablft.

   In this step, the full CIL is saved on the local (that is, workgroup) VAMT host. In MAK proxy activation, it is critical to retain this file, because the VAMT uses it to apply the CIDs to the proper computers.

   1. Using the VAMT tree view or list view pane, select the group or the individual computers that successfully received a MAK.

   2. From the File menu, click Save to display the Save the Computer Information List dialog box.

   3. Select a directory, and then enter a CIL file name such as IsolatedLabGroup.CIL.

   4. Click Save.

7. Export the CIL:

   As stated previously, the enterprise’s security policy states that no information that could identify a specific computer or user may be transferred out of the Isolated Lab. Therefore, this type of data must be excluded from the CIL file to be transferred to the Core Network VAMT host.

   1. Using the VAMT tree view or list view pane, select the group or the individual computers that successfully received a MAK.

   2. Right-click the selected group or computers, and then click Export Computers to display the Save the Computer Information List dialog box.

   3. Select Exclude any sensitive environment data.

   4. Click Browse to display the Save As dialog box.

   5. Select a directory, and then enter a CIL file name such as IsolatedLabGroupSecureExport.CIL.

   6. Click Save.

   7. Copy the IsolatedLabGroupSecureExport.CIL file to removable media (disk drive, CD/DVD, or USB flash drive [UFD]).

      Whether you are looking for the entireMicrosoft Office Suite or extra programs like Publisher or Access, wecarry a variety of software options to get the right software for yourhome or business. I have purchased HP computer with Windows vista Basic and the Product Key How To Buy Windows Vista Premium Product Key buy windows 7 key india windows 10 pro key purchase visual communicator 2Buy Windows Vista Business Product Key purchase quickbooks pro 2012 online outlook 2016 wont start how to buy windows electronicallybuy windows vista product key$divdiv22 results. Buy windows vista home basic product key. If you dont want. Createprofessional-looking documents and reports or design marketingmaterials and presentations with popular Microsoft® Office® software andother Microsoft programs.

      Note

      Selecting the Exclude any sensitive environment data check box excludes Personally Identifiable Information (PII) from being saved in the CIL. As a result, the CIL must be re-imported in this VAMT host and into the full-save CIL file so that the CIDs requested from Microsoft can be correctly assigned to the computers in the Isolated Lab group.

8. Import the CIL on a VAMT host with Internet access:

   1. Copy IsolatedLabGroupSecureExport.CIL from the removable media to a drive on a VAMT host that has Internet access.

   2. Open the VAMT console.

   3. From the File menu, click Import to open the Open Computer Information List dialog box.

   4. Locate and select IsolatedLabGroupSecureExport.CIL and then click Open to load the CIL into the VAMT.

   5. Confirm that the computer, group, and workgroup names are not visible.

9. Request CIDs from Microsoft:

   1. Right-click the imported computers, and then click MAK Proxy Activate to open the MAK Proxy Activate dialog box.

   2. Clear the Install MAK (overwrite existing) check box.

   3. Clear the Get Confirmation ID from Microsoft check box.

   4. Clear the Apply Confirmation ID and Activate check box, because this VAMT host is not on the same network as the selected computers.

   5. Click OK.

      The VAMT displays the Acquiring Confirmation ID online dialog box while it contacts Microsoft and collects the CIDs.

10. Export the CIL from the Internet-connected VAMT host:

    1. After the CIDs have been retrieved for all computers, save the CIL file. In the VAMT console, scroll to the right and confirm that the PendingCID column has values.

    2. From the File menu, click Save As, and provide a new name for the file, such as IsolatedLabGroupSecureExportwithCID.CIL.

    3. Copy the updated file IsolatedLabGroupSecureExportwithCID.CIL to removable media (disk drive, CD/DVD, or UFD).

11. Import the CIL on the original VAMT host within the Isolated Lab:

    1. Copy IsolatedLabGroupSecureExportwithCID.CIL from the removable media onto a drive on the VAMT host in the Isolated Lab.

    2. Open the VAMT console.

    3. From the File menu, click Open to display the Open Computer Information List dialog box.

    4. Locate and select IsolatedLabGroup.CIL, and then click Open to load the CIL into the VAMT.

       This displays the previously discovered computers and their license states in the computer list view pane.

    5. From the File menu, click Import and browse to the file that contains the CIDs (IsolatedLabGroupSecureExportwithCID.CIL).

       This starts the merge process that matches the CIDs to the computers’ IIDs.

    6. From the File menu, click Save, and then enter a file name such as IsolatedLabGroupwithCID.CIL to save this file that associates the IIDs with the corresponding CIDs.

       Important

       Saving this file is critical for reimaging scenarios. It is strongly recommended that you back up this file and protect it from being overwritten.

12. Apply the CIDs, and activate the Isolated Lab computers:

    1. Right-click the Isolated Lab group in the tree view pane, and then click MAK Proxy Activate to open the MAK Proxy Activate dialog box.

    2. Clear the Install MAK (overwrite existing) check box, because the selected computers already have a MAK installed.

    3. Clear the Get Confirmation ID from Microsoft check box.

    4. Select the Apply Confirmation ID and Activate check box to instruct the VAMT to activate the selected computers by installing their CIDs.

    5. Click OK.

       The VAMT displays the Assigning Confirmation IDs dialog box while it installs the CIDs on the selected computers.

13. Optionally, reactivate reimaged computers in the Isolated Lab:

    If the computers in the Isolated Lab have been reimaged but the underlying hardware has not changed, the VAMT can reactivate them using the IsolatedLabGroupwithCID.CIL file.

    1. Redeploy Windows to each computer using the same computer names as before.

    2. Open the VAMT console on the local (workgroup) VAMT host.

    3. From the File menu, click Open, and then select the IsolatedLabGroupwithCID.CIL file.

    4. In the tree view pane, right-click the Isolated Lab group, and then click Reapply Confirmation ID to display the MAK Proxy Reactivate dialog box.

    5. Leave the Install MAK (overwrite existing) check box selected, and ensure that the previously used MAK is selected from the list.

    6. Leave the Reapply Confirmation ID and Reactivate check box selected to reapply the stored CIDs from the IsolatedLabGroupwithCID.CIL file.

    7. Leave the Require exact IID match check box selected if the hardware has not changed since the initial MAK Proxy Activation and you are using the same MAK to reactivate the computer.

       Clear this check box if the hardware has changed but you would still like VAMT to attempt a reactivation using the previously stored CID. Note that Windows might not be successfully reactivated in this scenario.

    8. If you are activating a computer that requires administrator credentials different from those you are currently using, select the Use Alternate Credentials check box.

    9. Click OK.

       The VAMT displays the Assigning Product Keys dialog box while it applies the MAK to the Isolated Lab Group.

       The VAMT displays the Assigning Confirmation IDs dialog box while it installs the CIDs on the selected computers.

       Note

       Selecting the Install MAK (overwrite existing) check box force-installs a MAK. This must be done with care. If the pre-SP1 version of Windows Vista has been installed for more than 30 days, then its Initial Grace period has expired and it will enter RFM if activation is not completed successfully before the next logon. VAMT can be used to recover properly configured remote computers from RFM as long as they are accessible on the network. RFM only applies to the pre-SP1 version of Windows Vista. Windows Vista with SP1 or later, Windows 7, Windows Server 2008, and Windows Server 2008 R2 will not enter RFM.

VAMT support for KMS activation

In this scenario, the VAMT is used to install and activate KMS client keys on either Core Network or Isolated Lab computers. The procedure described below assumes that the VAMT has been installed and the computers have been added to the CIL. These tasks are described in steps 1–4 in either Scenario 1 (for the Core Network) or Scenario 2 (for the Isolated Lab workgroup).

1. Open the VAMT console.

2. Select the computers to be activated, either by clicking a group in the tree view pane or by selecting individual computers in the list view pane.

3. Right-click the selected group or computers, and then click Configure for KMS Activation to display the KMS Configuration dialog box.

4. Select Install KMS Client Key (overwrite existing) to instruct the VAMT to install a KMS client key on a client computer.

5. Select the appropriate activation option:

   • Auto-Discover KMS host using DNS. The VAMT first clears any previously configured KMS host on the target computer, then instructs the computer to query DNS to locate a KMS host and attempt activation.

   • Use specific KMS host and port. The VAMT sets the specified KMS host name and port on the target computer, and then instruct the computer to attempt activation with that specific KMS host.

6. If you are activating computers that require administrator credentials different from those you are currently using, select the Use Alternate Credentials check box, and then click OK.

   The VAMT displays the Assigning Product Keys dialog box, and then displays the Activating Computers dialog box until it completes the requested action. If you selected the Use Alternate Credentials check box, you will be prompted to enter the credentials prior to these dialog boxes.

Converting KMS to MAK activation

Windows 7 and Windows Server 2008 R2 install automatically as KMS clients. To convert a KMS client to MAK activation, install a MAK. A MAK can be installed during or anytime after operating system installation.

A MAK key can be installed on a reference image of Windows 7 and Windows Server 2008 R2 to make all installations from that image use MAK activation instead of the default KMS activation. Doing so alleviates the need to specify a MAK in an unattended installation file.

Installing a MAK during operating system installation

You can convert a KMS client to a MAK client during the initial installation of Windows 7 or Windows Server 2008 R2 by including a MAK in an unattended setup (Unattend.xml) file. The Unattend.xml file can be used with Setup.exe or Windows Deployment Services. For more information, see the Unattended Windows Setup Reference help file in the Windows AIK at http://go.microsoft.com/fwlink/?LinkId=136976.

Note

The MAK is stored in clear text in the Unattend.xml file. During an unattended installation, the file Unattend.xml or AutoUnattend.xml is copied to the %SystemRoot%Panther folder of the target computer. However, at the end of the Setup process, the Setup program replaces it with “SENSITIVEDATADELETED.”

Installing a MAK after operating system installation

You can configure a volume edition of Windows 7 or Windows Server 2008 R2 to use MAK activation by using the Control Panel System item or by running the Slmgr.vbs script:

• To install a MAK by using System Center, click the Change your product key link, and then type the MAK in the Change your product key for activation dialog box.

• To install a MAK by using Slmgr.vbs, run the following command at a command prompt:

  where MultipleActivationKey is the MAK.

If users install a MAK by using the user interface (UI), the MAK client attempts to activate itself over the Internet one time. If the users install a MAK key by using the Slmgr.vbs script, the MAK client does not try to activate automatically. The user can use Slmgr.vbs /ato to manually activate the MAK over Internet.

See also

In software licensing, a volume licensing is the practice of selling a license authorizing one computer program to be used on a large number of computers or by a large number of users. Customers of such licensing schemes are typically business, governmental or educational institutions, with prices for volume licensing varying depending on the type, quantity and applicable subscription-term. For example, Microsoft software available through volume-licensing programs includes Microsoft Windows, Microsoft Office.^[1][2]

Traditionally, a volume licensing key (VLK), which could be supplied to all instances of the licensed computer program, was involved in volume licensing. With the popularity of the software as a service practices, volume licensing customers only supply their software with credentials belonging to an online user account instead, which is used for other aspects of services and provisioning.

• 2Notable examples
• 3Unauthorized use

Overview[edit]

Traditionally, a product key has been supplied with computer programs. It acts analogously to a password: The computer programs of the old ask the user to prove their entitlement; in response, the user provides this key. This key, however, must only be used once, i.e. on one computer. A volume licensing key (VLK), however, can be used on several computers. Vendors can take additional steps to ensure that their products' key are only used in the intended number. These efforts are called product activation.

Volume License Mak Or Kms Key

Volume licenses are not always transferable. For example, only some types of Microsoft volume license can be transferred, provided a formal transfer process is completed, which enables Microsoft to register the new owner. A very small number of software vendors specialize in brokering such transfers in order to allow the selling of volume licenses and keys. The most notable of these, Discount-Licensing, pioneered the sale of Microsoft volume licenses in this way.^[3]

Notable examples[edit]

Microsoft[edit]

Microsoft has been engaged in volume licensing since its inception, as the enterprise sector is its primary market. With the release of Windows XP in 2001, Microsoft introduced Microsoft Product Activation, a digital rights management (DRM) scheme to curb software piracy among consumers by verifying the user's entitlement to the product license. At the time, however, the volume-licensed versions of Windows XP were exempt from this measure. (See § Unauthorized use.) Starting with Windows Vista, Microsoft introduced two volume licensing methods for IT professionals in charge of installing Windows in organizations, both of which are covered by Microsoft Product Activation: The first is Multiple Activation Keys (MAK), which are the same as Windows XP's volume licensing keys but require product activation. The second is Key Management Server (KMS) and its corresponding keys. Hosts activated via a KMS have to report back to a software license server once every 180 days.^[4][5] Licenses using these schemes can be procured via the Microsoft Software Assurance program.

A large group of Microsoft customers are OEMs that assemble and sell computers, such as desktops, laptops, tablet computers and mobile device. In the devices sold by these OEMs, Windows license data is stored in the computer's BIOS in an area referred to as the 'ACPI_SLIC', so that KMS can detect the use of previous Microsoft products even with the storage device removed or erased.^[6] For Windows Vista and Windows 7, the SLIC data are complementary; a volume licensing product key is still supplied with the device, which the user needs in the event of reinstalling Windows. Starting with Windows 8, however, everything needed to authorize the device is stored with SLIC data.

In 2010, Microsoft introduced the Office 365 licensing program. in which Microsoft Office, Microsoft Exchange Server and Skype for Business Server products are licensed based on the software as a service (SaaS) model: In exchange for a monthly subscription fee, software, its updates, support for them, provisioning, administration, licensing and additional services are all provided through an online web-based dashboard. In this scheme, licensed apps communicate recurrently with Microsoft over the Internet; as such, a product key needs not be issued to the user. Instead the administrator needs to sign up for Microsoft account, which holds details such as licensed apps, their number, and payment methods. This account is protected by credentials such as a username and a password.

Adobe[edit]

Introduced in 2011, Adobe Creative Cloud is a SaaS offering in which software produced by Adobe, their updates, support for them, provisioning, administration, licensing and additional services are all provided over the Internet, in exchange for a monthly subscription fee. As with the Office 365, a user account registered with Adobe is all that is required to authorize software and store payment information.

Unauthorized use[edit]

Microsoft has blocked several volume license keys that have been abused in service packs, starting with Windows XP Service Pack 1. Microsoft even developed a new key verification engine for Windows XP Service Pack 2 that could detect illicit keys, even those that had never been used before. Several security consultants have condemned the move by Microsoft, saying that leaving a large install base unpatched from various security holes is irresponsible because this unpatched install base can be leveraged in large scale Internet attacks, such as Trojan horses used to send spam e-mail. Others have come to Microsoft's defense, arguing that Microsoft should not have to provide support for illegal users. After much public outcry, Microsoft elected to disable the new key verification engine. Service Pack 2 only checks for the same small list of commonly used keys as Service Pack 1. Users of existing installations of Windows XP can also change their product key by following instructions from Microsoft.^[7]

Mak License Vs Kms

Leaked keys[edit]

A volume license key that was commonly used to bypass product activation in early versions of Microsoft's Windows XP operating system was FCKGW-RHQQ2-YXRKT-8TG6W-2B7Q8.^[8] This key was part of the first warez release of the final version of Windows XP by a group called devils0wn, 35 days before the official retail release on 28 August 2001.^[9] The key is now obsolete, as it has been blacklisted by Microsoft since August 2004, and affected computers will display a WGA notification.^[10] It was made famous partly because it featured in a popular image circulated on the Internet before the retail launch of Windows XP. In the image, the key is written on a CD-R containing the leaked operating system and held in front of a digital Microsoft sign counting down the days until the release of Windows XP.^[11]

Mak Vs Kms Activation

Users using these keys will receive an error message when they install the latest service pack, and such users are told to obtain a legitimate license and change their product key.^[12]

Public KMS servers[edit]

Any client machine with the correct KMS client setup keys can authenticate against any KMS server. KMS client keys are well known and documented publicly by Microsoft.^[13] KMS servers require a minimum of 25 clients to properly activate, but also stop counting additional licenses beyond 50, and automatically accept any client key once reaching the 25 client threshold.

Businesses operating KMS servers are required to properly shield the KMS server behind firewalls so that it cannot be reached from the Internet, and be used to authorize illegal use of KMS client keys by the general public. Public exposure of a KMS server can result in Microsoft revoking the server key, thereby disabling all attaching clients.

External KMS server access is desirable for devices on long-term leave away from the corporate network, as KMS client activation will expire after six months of not being able to contact a KMS server. For this situation, a business can make it accessible through a virtual private network (VPN) known only to the devices outside the corporate network.

KMS server and client emulators[edit]

An unofficial KMS server emulator exists that will activate Windows or Office even if the software was not licensed or paid for, regardless of whether or not there are 25 or more computers on the network, and regardless of whether or not a previous version of Windows was installed.^[14] There is also a program that will send KMS requests to a legitimate KMS server, in order to fool the server into thinking that there are 25 or more computers on the network. Microsoft considers both of these exploits to be a violation of the Terms and Conditions.^[15]

References[edit]

What Is A Mak Or Kms License

1. ^Lowe, Doug (2008). Networking All-in-One Desk Reference For Dummies (3rd ed.). John Wiley & Sons. pp. 205–206. ISBN9780470333884.
2. ^Microsoft. 'Microsoft Volume Licensing'. Retrieved 21 June 2010.
3. ^'Second-Hand Software Licences for Sale (And They're Legal)'. Out-Law.com. Pinsent Masons. 9 November 2005. Retrieved 23 December 2014.
4. ^Top 7 Things You Should Know About Activation and Genuine Windows (PowerPoint, referred from Windows Activation Genuine Windows 7, Vista, XP TechNet)
5. ^'Windows Activation Technologies in Windows 7'. Technet.Microsoft.com.
6. ^'Windows 7 Activation Can Fail Due to BIOS ACPI_SLIC table Issues'. Softpedia. 3 August 2010. Retrieved 22 June 2018.
7. ^Microsoft Help and Support: How to change the product key at the time of activation
8. ^bit-tech.net: Microsoft outlines Vista piracy plans, Published on 5 October 2006 by Wil Harris
9. ^'[iSONEWS] KMSAuto Lite - Microsoft Windows 10 Activator'. Archived from the original on 22 June 2018.
10. ^arstechnica.com: Windows Genuine Advantage for dummies By Matt Mondok Last updated 29 November 2006 6:19 PM
11. ^'More on the FCKGW-RHQQ2-YXRKT-8TG6W-2B7Q8!'. HarshJ.com. 19 March 2007. Archived from the original on 21 June 2014. Retrieved 22 January 2015.
12. ^'TechRepublic Get IT Done: Change the Product Key on Windows XP'. Articles.TechRepublic.com.^{[permanent dead link]}
13. ^Volume activation: Plan for volume activation: Appendix A: KMS Client Setup Keys, Published: 24 August 2012, Updated: 16 July 2014, https://technet.microsoft.com/en-us/library/jj612867.aspx
14. ^'Microsoft Toolkit - Official KMS Solution for Microsoft Products'. Archived from the original on 3 August 2015.
15. ^'Microsoft Campus-Agreement End-User License-Agreement'. You may not use different versions of different components, such as server software and additional software, unless the license terms for the product expressly permit you to do so.

External links[edit]

Microsoft Kms Vs Mak Keys