Overview

I recently had a client needing to upgrade their existing KMS 2012 to 2022 since we recently upgraded the internal PKI 2012. I wanted to capture the key information about KMS and the steps I used to migrate.

What is KMS?

Key Management Services (KMS) uses a client-server model to active clients and is used for volume activation. KMS clients connect to a KMS server, called the KMS host, for activation. The KMS host must reside on a local network.

KMS hosts do not need to be dedicated servers, and KMS can be cohosted with other services. You can run a KMS host on any physical or virtual system that is running a supported Windows Server or Windows client operating system. A KMS host running on a Windows Server operating system can activate computers running both server and client operating systems, however a KMS host running on a Windows client operating system can only activate computers also running client operating systems.

To use KMS, a KMS host needs a key that activates, or authenticates, the KMS host with Microsoft. This key is sometimes referred to as the KMS host key, but it is formally known as a Microsoft Customer Specific Volume License Key (CSVLK). You can get this key from the Product Keys section of the Volume Licensing Service Center for the following agreements: Open, Open Value, Select, Enterprise, and Services Provider License. You can also get assistance by contacting your local Microsoft Activation Center.

Operational Requirements

KMS can activate physical and virtual computers, but to qualify for KMS activation, a network must have a minimum number of computers (called the activation threshold). KMS clients activate only after this threshold is met. To ensure that the activation threshold is met, a KMS host counts the number of computers that are requesting activation on the network.

KMS hosts count the most recent connections. When a client or server contacts the KMS host, the host adds the machine ID to its count and then returns the current count value in its response. The client or server will activate if the count is high enough. Clients will activate if the count is 25 or higher. Servers and volume editions of Microsoft Office products will activate if the count is five or greater. The KMS only counts unique connections from the past 30 days, and only stores the 50 most recent contacts.

• KMS activations are valid for 180 days, a period known as the activation validity interval.
• A single KMS host can support an unlimited number of KMS clients.
• After the first KMS host is activated, the CSVLK that is used on the first host can be used to activate up to five more KMS hosts on your network for a total of six.

Network Requirements

KMS activation requires TCP/IP connectivity. KMS hosts and clients are configured by default to use Domain Name System (DNS). KMS hosts use DNS dynamic updates to automatically publish the information that KMS clients need to find and connect to them. You can accept these default settings, or if you have special network and security configuration requirements, you can manually configure KMS hosts and clients.

By default, a KMS host is configured to use TCP on port 1688.

Activation Versions

The following table summarizes KMS host and client versions for networks that include Windows Server and Windows client devices.

Important: Windows Updates might be required on the KMS server to support activation of newer clients. If you receive activation errors, check that you have the appropriate updates listed below this table.

Migrate Steps for KMS:

1. Uninstall the KMS host key first by running the following command:
   1. slmgr -upk
2. Install the default KMS key by running the following command:
   1. slmgr /ipk [KMS Client Setup Key]
   2. The default KMS client setup keys can be found here: http://technet.microsoft.com/en-us/library/cc303280.aspx
3. Delete the record from the DNS by opening the DNS console:
   1. Expand _tcp node under the domain.com.
   2. There will be a record _VLMCS. 
   3. Delete the record above.
4. The KMS server is uninstalled.
5. To install KMS on a new server, enter: cscript C:\windows\system32\slmgr.vbs /ipk <KmsKey> then to activate the KMS host, enter: cscript C:\windows\system32\slmgr.vbs /ato
6. After activation is complete, restart the Software Licensing Service.
7. Verify that the record is created for the new server in the DNS.
   To verify that the KMS host is configured correctly, you can check the KMS count to see if it is increasing.
   1. Run slmgr.vbs /dli on the KMS host to obtain the current KMS count.
   2. You can also check the Key Management Service log in the Applications and Services Logs folder for 12290 events, which records activation requests from KMS clients. Each event displays the name of the computer and the time-stamp of an individual activation request.