Thursday, 26 May 2016

Configuring Active Directory Activation with KMS

Active Directory Activation makes it possible to store activation objects within the Active Directory schema, simplifying the management of licenses within a Windows-based infrastructure. In some environments Key Management Service (KMS) will probably still be required, as AD Activation is only supported on Windows 8/Server 2012 and above at this time. Traditionally KMS has been a nightmare service to manage because it is managed entirely from the CLI. It looks like Microsoft are trying to move away from this, with AD Activation being the replacement.
Please note: KMS and Active Directory Activation CAN run simultaneously.
If you have a mixed environment with KMS and AD Activation, the activation order is:
· Active Directory-based Activation
· KMS Activation
· MAK Activation
There are not many requirements for Active Directory Activation. The only one is that you have at least one Domain Controller in your domain running Windows Server 2012 or later, which ensures the domain has the 2012 schema extensions. This should not be confused with the domain/forest functional levels.
Domain Controllers running older versions of Windows Server can still participate in AD Activation as the objects are replicated to the entire schema.
Install Volume Activation Services (VAS) from Server Manager; it is a Server Role.

Once installed, click VA Services, right-click and select Volume Activation Tools.

Click Next on the Introduction to Volume Activation Services wizard pane.

Click Active Directory-Based Activation and click Next.

Paste your KMS key into the Install your KMS Host Key dialog box. If you have to install multiple KMS keys, which you probably will as there are separate keys for Windows 8, Windows Server, etc., you must run through this part multiple times. When you do this the wizard writes to the AD schema.

The KMS keys have to be validated either by phone or over the Internet.

Once the wizard has completed, you can check the result by using ADSI Edit to open a connection to the Configuration container.

Expand CN=Configuration/CN=Services/CN=Microsoft SPP/CN=Activation Objects. If you are running AD-based Activation for the first time, this should now exist. If you have added multiple KMS keys, there will be multiple entries in the CN=Activation Objects directory.

The Software Protection service on Windows looks for AD-based Activation. To check whether your devices are being activated by AD Activation, restart and then run slmgr /dli.
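
The two checks above (the ADSI Edit lookup and slmgr /dli) can also be scripted. The following PowerShell is an added example, not part of the original post: it lists the entries under CN=Activation Objects and reports which volume activation channel the local machine last used. It assumes the ActiveDirectory module (RSAT) is installed on a domain-joined host; the function names Get-AdbaActivationObject and Get-LocalActivationChannel are hypothetical.

```powershell
# Added example. Assumes the ActiveDirectory (RSAT) module and a domain-joined host.
Import-Module ActiveDirectory

function Get-AdbaActivationObject {
    # Build the container DN from the forest's configuration naming context,
    # the same path browsed with ADSI Edit in the article.
    $configNC  = (Get-ADRootDSE).configurationNamingContext
    $container = "CN=Activation Objects,CN=Microsoft SPP,CN=Services,$configNC"
    try {
        # One entry is expected per KMS host key installed through the wizard.
        Get-ADObject -SearchBase $container -SearchScope OneLevel -Filter * `
                     -Properties displayName, whenCreated -ErrorAction Stop |
            Select-Object Name, displayName, whenCreated, DistinguishedName
    }
    catch {
        # The container is missing until AD-based Activation has been set up once.
        Write-Warning "Could not read '$container': $($_.Exception.Message)"
    }
}

function Get-LocalActivationChannel {
    # Only products with an installed key are of interest.
    Get-CimInstance -ClassName SoftwareLicensingProduct `
                    -Filter "PartialProductKey IS NOT NULL" |
        ForEach-Object {
            # VLActivationType records the volume activation method last used.
            $channel = switch ($_.VLActivationType) {
                1       { 'Active Directory' }
                2       { 'KMS' }
                3       { 'Token' }
                default { 'None/other' }
            }
            [pscustomobject]@{
                Product            = $_.Name
                LicenseStatus      = $_.LicenseStatus   # 1 = licensed
                Channel            = $channel
                ActivationObject   = $_.ADActivationObjectName
                ActivationObjectDN = $_.ADActivationObjectDN
            }
        }
}

Get-AdbaActivationObject   | Format-Table -AutoSize
Get-LocalActivationChannel | Format-List
```

Run the first function from a management host to review which activation objects exist in the forest, and the second on a client to confirm it activated against one of them rather than falling back to KMS or MAK.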