To resolve this problem, use one or more of the following methods, as appropriate for your situation.
Method 1: Change the product key to an MAK
If KMS activation will not be used, and if there is no KMS server, the product key should be changed to an MAK. For Microsoft Developer Network (MSDN), or for TechNet, the stock-keeping units (SKUs) that are listed below the media are generally volume licensed-media, and the product key that’s provided is an MAK key.
To change the product key to an MAK, follow these steps:
- Open an elevated command prompt. To do this, use one of the following methods, as appropriate for your OS.
- At the command prompt, type the following command, and then press Enter:
slmgr -ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
Note The xxxxx-xxxxx-xxxxx-xxxxx-xxxxx placeholder represents your MAK product key.
Method 2: Configure a KMS host server for the clients to activate against
KMS activation requires that a KMS host server be configured for the clients to activate against. If there are no KMS host servers configured in your environment, install and activate one by using an appropriate KMS host server key. After you configure a computer on the network to host the KMS software, publish the Domain Name System (DNS) settings. For information about the KMS host server configuration process, see Set up a KMS host on a Windows Server 2008 R2 machine.
For more information about how to set up a KMS server and how to publish the DNS settings, go to the following Microsoft websites:
Method 3: Manually create a KMS SRV record in a Microsoft DNS server
If your network has a KMS host computer set up, and if the client cannot locate a KMS host on the network for activation, follow these steps:
- Verify that the computer that has the KMS host installed and is activated by using a KMS key that’s registered in DNS. To do this, follow these steps:
- Open an elevated command prompt.Windows 7 or Windows Vista (Windows Server 2003)
Select Start > All Programs > Accessories, right-click Command Prompt, and then select Run as administrator. If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
Windows 8.1 and Windows 10 (Windows Server 2012, Windows Server 2012 R2)
Press Windows logo key+X, and then select Command Prompt(Admin), or right-click the Start button, and then select Command Prompt(Admin). If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
- At the command prompt, type the following command, and then press Enter:
nslookup -type=all _vlmcs._tcp>kms.txt
- Open the KMS.txt file that’s generated by the command. This file should contain one or more entries that resemble the following entry:
_vlmcs._tcp.contoso.com SRV service location: priority = 0 weight = 0 port = 1688 svr hostname = kms-server.contoso.com
- If these “_vlmcs” entries are present, and if they contain the expected KMS host names, go to Method 4.
- Check the registry to determine whether the KMS host server is registering with DNS. By default, a KMS host server dynamically registers a DNS SRV record one time every 24 hours. To check this setting, follow these steps:
- Start Registry Editor.Windows 7 or Windows Vista
Click Start, type regedit, and then press Enter.
Windows 8.1 and Windows 10
Right-click Start, select Run, type regedit, and then press Enter.
- Locate and then click the following subkey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SLIf the DisableDnsPublishing subkey is present and has a value of 1, the KMS service does not register in DNS.
a If the DisableDnsPublishing subkey is missing, create a new DWORD value named DisableDnsPublishing. If dynamic registration is acceptable, change the subkey value to 0. To do this, right-click DisableDnsPublishing, click Modify, type 0 in the Value data box, and then click OK.
Note By default, this registry key has an undefined value that results in the dynamic registration every 24 hours.
If the DNS Server service does not support dynamic updates, or if dynamic updates are not occurring, the “VLMCS._TCP, SRV” record can be manually registered.
To manually create a KMS SRV record in a Microsoft DNS server, follow these steps:
- On the DNS server, open DNS Manager. To open DNS Manager, click Start, click Administrative Tools, and then click DNS.
- Click the DNS server where you have to create the SRV resource record.
- In the console tree, expand Forward Lookup Zones, right-click the domain, and then click Other New Records.
- Scroll down the list, click Service Location (SRV), and then click Create Record.
- Type the following information:
Service: _VLMCS
Protocol: _TCP
Port number: 1688
Host offering the service: <FQDN_of_KMS_Host>
- When you are finished, click OK, and then click Done.
To manually create SRV records in a BIND 9.x Compliant DNS server include the following information when you create the record.
Note If your organization uses a non-Microsoft DNS server, you can create the required SRV records as long as the DNS server is BIND 9.x compliant.
- Name=_vlmcs._TCP
- Type=SRV
- Priority = 0
- Weight = 0
- Port = 1688
- Hostname = <FQDN or A-Name of the KMS host>
Note The Priority and Weight fields are not used by KMS and are ignored by the KMS client. However, they must be included in the zone file.
To configure a BIND 9.x DNS server to support KMS auto-publishing, configure the BIND server to enable resource record updates from KMS hosts. For example, add the following line to the zone definition in Named.conf or in Named.conf.local:
allow-update { any; };
Method 4: Manually assign a KMS server
By default, the KMS clients use the automatic discovery feature and query DNS for a list of servers that have published the _VLMCS record within the membership zone of the client. DNS returns the list of KMS hosts in a random order. The client picks a KMS host and tries to establish a session on it. If this attempt works, the client caches the server and tries to use it for the next renewal attempt. If the session setup fails, the client picks another server randomly. We highly recommend that you use the automatic discovery feature. However, you can manually assign a KMS server. To do this, open an elevated command prompt on the KMS client.
- Open an elevated command prompt.Windows 7 or Vista (Windows Server 2003)
Click Start, type cmd in the Start Search box, right-click cmd.exe in the results list, and then click Run as administrator. If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
Windows 10 and Windows 8.1 (Windows Server 2012 R2, Windows Server 2012)
Press the Windows logo key+X, and then select Command Prompt(Admin), or right-click Start, and then select Command Prompt(Admin). If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
- Use the following commands at an elevated command prompt:
- To assign a KMS host by using the FQDN of the host, type the following command:
cscript \windows\system32\slmgr.vbs -skms <KMS_FQDN>:<port>
- To assign a KMS host by using the version 4 IP address of the host, type the following command:
cscript \windows\system32\slmgr.vbs -skms <IPv4Address><:port>
- To assign a KMS host by using the version 6 IP address of the host, type the following command:
cscript \windows\system32\slmgr.vbs -skms <IPv6Address><:port>
- To assign a KMS host by using the NETBIOS name of the host, type the following command:
cscript \windows\system32\slmgr.vbs -skms <NetbiosName><:port>
- To revert to automatic discovery on a KMS client, type the following command:
cscript \windows\system32\slmgr.vbs –ckms
Method 5: Automatically publish KMS in multiple DNS domains
If the previous methods have not resolved this problem, the problem may be related to the ability of the client to resolve the DNS name of the KMS server or to connect to the KMS server. If this is the problem, follow these steps:
Note Unless otherwsie stated, do the following steps on a KMS client that has experienced the error that is mentioned in the “Symptoms” section:
- At a command prompt, type the following command, and then press Enter:
- From the command results, note the assigned IP address, the DNS server address, and the default gateway address.
- Verify basic IP connectivity to the DNS server by using the ping command. To do this, run the following command.
ping <DNS_Server_IP_address>
Note If this command does not ping the server, this problem must be resolved first.
For more information about how to troubleshoot TCP/IP issues if you cannot ping the DNS server, see the Microsoft TechNet topic Troubleshooting TCP/IP.
- Verify that the search list of the primary DNS suffix contains the DNS domain suffix that the KMS host registered.For the computers that have joined the domain, the DNS automatic discovery of KMS requires that the DNS zone contains the SRV resource record for the KMS host. This DNS zone is the DNS zone that corresponds to either the primary DNS suffix of the computer or to the domain of the Active Directory DNS.
For workgroup computers, the DNS automatic discovery of KMS requires that the DNS zone contains the SRV resource record for the KMS host. This DNS zone is the DNS zone that corresponds to either the primary DNS suffix of the computer or to the DNS domain name that is assigned by the Dynamic Host Configuration Protocol (DHCP). This domain name is defined by the option that has the code value of 15 as defined in Request for Comments (RFC) 2132.
- Verify that the KMS host SRV records are registered in DNS. At an elevated command prompt, type the following command, and then press Enter:
nslookup -type=all _vlmcs._tcp>kms.txt
- Open the Kms.txt file that was generated by this command. This file should contain one or more entries that resemble the following:
_vlmcs._tcp.contoso.com SRV service location:
priority = 0
weight = 0
port = 1688 svr hostname = kms-server.contoso.com
Verify the IP address, host name, and port of the KMS host.
Note If the nslookup command finds the KMS host, it does not mean that the DNS client can find the KMS host. If the nslookup command finds the KMS host, and if you still cannot activate the KMS host server, check the other settings, such as the primary DNS suffix and the search list of the DNS suffix.
The SRV records are registered in the DNS zone that corresponds to the KMS host domain membership. For example, assume that a KMS host joins the contoso.com domain. In this scenario, the KMS host registers its VLMCS._TCP SRV record under the contoso.com DNS zone. Therefore, the VLMCS._TCP.CONTOSO.COM record is created.
If the clients are configured to use a different DNS zone, automatically publish KMS in multiple DNS domains. To do this, follow these steps:
- Log on to a KMS host.
- Open an elevated command prompt.Windows 7 or Vista (Windows Server 2003)
Select Start, type cmd in the Start Search box, right-click cmd.exe in the results list, and then select Run as administrator. If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
Windows 8.1 and Windows 10 (Windows Server 2012, Windows Server 2012 R2)
Press the Windows logo key+X, and then select Command Prompt(Admin), or right-click Start, and then select Command Prompt(Admin). If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
- At the command prompt, type regedit.exe, and then press Enter.
- Locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SL
- In the navigation pane, select SL.
- Right-click a blank area in the details pane, point to New, and then select Multi-String Value.
- Type DnsDomainPublishList as the name for the new value, and then press Enter.
- Right-click the new DnsDomainPublishList value, and then select Modify.
- In the Edit Multi-String dialog box, type each DNS domain suffix that is published by KMS on a separate line, and then select OK.
- In the Edit Multi-String dialog box, type each DNS domain suffix that is published by KMS on a separate line, and then select OK.Note For Windows 7 and for Windows Server 2008 R2, the format for DnsDomainPublishListdiffers.
For more information, see the Volume Activation Technical Reference Guide.
- Restart the Software Licensing service by using the Service administrative tool. This operation creates the SRV records.
- Verify that the host name that is returned in the last step can be resolved by using a typical method on the KMS client. When the name is resolved, also verify that the IP address that is returned is accurate. If either of these verifications fails, investigate this DNS client resolver issue.
- To use the KMS automatic discovery feature, run the following command at an elevated command prompt to clear any previously cached KMS host names:
cscript C:\Windows\System32\slmgr.vbs –ckms
- If you believe that you have an SRV record issue, you can troubleshoot it by using one of the commands that are documented in “Method 4” to statically specify a KMS host. The following commands can be used to determine whether this is a name resolution issue or an SRV record issue. If none of these commands resolves the problem, you may be encountering a blocked port or an inaccessible host (see the “More Information” section).Run the following commands:
cscript \windows\system32\slmgr.vbs -skms <KMS_FQDN>:<port>
cscript \windows\system32\slmgr.vbs –ato
If these commands resolve the problem, this is an SRV record issue. To fix it, you must troubleshoot the SRV record.
If these commands do not resolve the problem, run the following commands:
cscript \windows\system32\slmgr.vbs -skms <IP Address>:<port>
cscript \windows\system32\slmgr.vbs –ato
If these commands resolve the problem, this is most likely a name resolution issue.
The 1688 TCP port is used for the activation communication between the KMS client and the KMS host. If the communication seems to be blocked, check the firewall configurations or anything else that may block the 1688 TCP port.
The Wiert Corner - irregular stream of stuff 