[Samba] Volume Activation with Samba AD

Christian Naumer cn at brain-biotech.de
Tue Jul 24 19:57:33 UTC 2018

Am 24.07.2018 um 19:33 schrieb Andrew Bartlett via samba:
> On Tue, 2018-07-24 at 19:15 +0200, Christian Naumer wrote:
>> Am 24.07.2018 um 18:34 schrieb Thomas Glanzmann:
>>> Hello Christian,
>>>> what I meant is not acting as a KMS server but something new Microsoft
>>>> introduced. In windows 10 the tool vor managing Volume Licences asks if
>>>> you have a KMS server or if you want to use AD for activating the
>>>> software. I haven't tried it yet as I would need to setup a test
>>>> environment.
>>>> So I asked here to see if somebody tried it before. I can test this with
>>>> samba but I don't have a Windows AD so can not help there.
>>> from my understanding is. You have a KMS server on the network. You set
>>> a DNS record. Than Windows tries to connect to the KMS server and
>>> activates itself. If you miss that DNS record, you can do it manually:
>>> Here is an example request:
>>> 18:13:08.769942 IP > 54581+ SRV?  _VLMCS._TCP.gmvl.de. (37)
>>> Here is how you do it manually:
>>> slmgr -skms <kmsserver>
>>> slmgr -ato
>> We have a KMS running and it is working fine. However, we don't want to
>> replace this server when 2008R2 is dropped from support. So we are
>> looking for alternatives that do not require Windows servers
>> I mean this here:
>> https://blogs.technet.microsoft.com/askpfeplat/2013/02/04/active-directory-based-activation-vs-key-management-services/
>> So there is a Schema update needed for it to work. I thought this might
>> be possible with samba.
> That seems unlikely, we won't have whatever is in that Volume
> Activation Services Role software.  Even if that is just a client to AD
> (and it just puts enough stuff in AD to operate without any DRM?), you
> would need that around to set it up. 
> But I guess it is worth a try, perhaps after the adprep patches are
> done (started at the end of last year) land which get the domain and
> forest prep stuff done, or if you adprep the Samba domain yourself. 
> It will be an interesting ride...

According to this post from the page above it is just an entry in AD:

"KMS is a "real" service that is running in your environment. All AD
Based-Activation is an object in AD. Once you've run through the wizard
to install the object in AD, you can get rid of it. It won't matter, the
object will remain in AD unless you go and uninstall it. The role
installed on a server is simply to configure the activation and manage
the keys. That server is not being used to perform the activations or
validations. This is very different from KMS where the server IS being
used for activations.



> Andrew Bartlett

Dr. Christian Naumer
Research Scientist
Plattform-Koordinator Bioprozesstechnik

B.R.A.I.N Aktiengesellschaft
Darmstaedter Str. 34-36, D-64673 Zwingenberg
e-mail cn at brain-biotech.de, homepage www.brain-biotech.de
fon +49-6251-9331-30  /   fax +49-6251-9331-11

Sitz der Gesellschaft: Zwingenberg/Bergstrasse
Registergericht AG Darmstadt, HRB 24758
Vorstand: Dr. Juergen Eck (Vorsitzender), Frank Goebel
Aufsichtsratsvorsitzender: Dr. Ludger Mueller

More information about the samba mailing list