Migrate to ADBA and Stop fighting with KMS

By /

Introduced in Windows 8 and Server 2012, Active Directory-Based Activation (ADBA) modernizes enterprise license management. By storing activation objects directly within the Active Directory configuration partition, ADBA eliminates the single-point-of-failure risk and maintenance overhead associated with dedicated KMS host machines.

Key Points

  • Supported Operating Systems & MS Office: Windows 8 and later, Server 2012 and later; MS Office 2013 and later.
    Windows 7, Server 2008 R2 and prior; Office 2010 and prior cannot use ADBA and still require a traditional KMS host.
  • Downward Compatibility: Much like traditional KMS, a higher-version Windows Server Customer Specific Volume License Key (CSVLK) activates lower-tier client and server operating systems. For example, if a Windows Server 2019 activation object exists in AD, you do not need to install a separate Windows 10 key.
  • LDAP Path: ADBA objects are stored globally within the Active Directory Configuration naming context:
    CN=Activation Objects,CN=Microsoft SPP,CN=Services,CN=Configuration,DC=[YourDomain],DC=[TLD]

Implementation

Role Installation

Prerequisites require provisioning the management tooling on an administrative server.

  • Install the Volume Activation Services role via Server Manager or PowerShell:
Install-WindowsFeature VolumeActivation -IncludeManagementTools

Managing OS Activation Objects

  • Launch the Volume Activation Tools wizard.
  • Select Active Directory-Based Activation.
  • Enter your CSVLK (KMS Host Key) and provide a clear display name for the AD object.
  • Activate online or via telephone.

Extending ADBA for Microsoft Office

To activate volume-licensed versions of Office via ADBA, the server running the Volume Activation Services tools must first be extended with version-specific vendor manifests. You must download and install the specific Office Volume License Pack executable on the management server before the keys can be activated.

Once the VL Pack is installed, re-run the Volume Activation Tools wizard to input and commit your Office CSVLK to the AD configuration partition.

Cleaning Up

You’ve got a few things to address, so don’t skip the cleanup work.

DNS – clean up tasks

  • Open DNS Manager – dnsmgmt.msc
  • Expand Forward Lookup Zones and select your internal domain zone.
  • Locate and expand the _tcp subfolder.
  • Locate the _vlmcs SRV record pointing to your old KMS host, right-click, and select Delete.

KMS Server – clean up tasks

  • Disable automatic DNS publishing
    cscript slmgr.vbs /cdns
  • Uninstall the KMS Host Product Key (CSVLK)
    cscript slmgr.vbs /upk
  • Clear the key from the registry to secure it
    cscript slmgr.vbs /cpky
  • Restart the Software Protection Service to commit changes
    net stop sppsvc && net start sppsvc

Client Side Troubleshooting

Since few things ever just work, here’s some stuff to use for troubleshooting

  • Clear any manually cached KMS host names and force auto-discovery (ADBA)
    cscript slmgr.vbs /ckms
  • Force immediate background activation against AD
    cscript slmgr.vbs /ato
  • Display verbose license info to verify “AD Activation” status
    cscript slmgr.vbs /dlv
  • To ensure no hidden or accidental KMS hosts are still broadcasting on your network, run this from any workstation:
    nslookup -type=srv _vlmcs._tcp
Hello World Featured Image

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by
Scroll to Top