More on Provisioning Services and KMS

Last fall, we posted about Citrix Provisioning Services and Microsoft KMS activation. To briefly recap, here’s the issue:

  • When you convert a Windows 7 OS image to a shared image for provisioning, it breaks the Microsoft license key.
  • The way you deal with that is to use Microsoft’s Key Management Services (KMS) to auto-activate systems as they boot.
  • A KMS server must have a minimum number of systems checking in for activation before it will activate anything (5 different server systems must check in before it will begin activating servers, and an aggregate of 25 servers and/or workstations must check in before it will begin activating workstations.)
  • If your KMS server is running on Windows Server 2008 R2, both physical and virtual systems will increment the counter. If it’s running on an earlier server version, only physical systems will increment the counter.

In the comment thread of that earlier post, “Chris” stated that he was trying to use Provisioning Server to provision Windows 7 systems, but that they were not incrementing the counter on the KMS server. It turns out that he was absolutely right, and I thought this was important enough to bump the issue by writing another post rather than just going back and commenting on the older one.

It turns out that, although Provisioning Server changes the host name as systems boot, it does not change the machine ID (“CMID”). And, unfortunately, the CMID is what a KMS server looks at to determine whether a machine that’s checking in is a new one that hasn’t previously checked in. Therefore, all of your provisioned Windows 7 systems will look to the KMS server like the same system checking in over and over again, and will not continue to increment the threshold counter.

According to a blog post by Thomas Koetzing a couple of weeks ago, Citrix has told him that this will be fixed in the next release of Provisioning Services, scheduled for sometime in Q4.

Frankly, I’m pretty disappointed by this whole issue. Windows 7 has been out now for almost a year. The big push by both Citrix and Microsoft is that XenDesktop is a great way to roll out Windows 7. Provisioning Services is a must for any significant VDI deployment, because otherwise you eat up far too much of your expensive SAN storage. But yet we’re still stuck in a situation where we can’t use Provisioning Services to provision Windows 7 unless we have at least 25 physical systems checking in with our KMS server for activation. In my opinion, there is no excuse for this issue not being addressed long ago…particularly when it’s been a known issue since the release of Windows Vista.

I did find a workaround described by Kirk Kosinski in a Citrix forum post:

What I did was create a VM with VL media, sysprep and power off, convert to a template, then deploy the template 25 times and boot each VM once (a few required a reboot before contacting the KMS for whatever reason). My KMS server could then activate clients successfully, at least for a while… the activation count will decrease over time if the machine doesn’t contact the KMS server, so you will periodically need to redo this process.

The VMs don’t have to join the domain to activate so you don’t need a complicated sysprep script, just make sure to not include any license key in the script…

This strikes me as a bit of a pain, particularly when you’ve got to do it every six months or so to keep your systems alive, but it should at least work until Citrix and Microsoft get this sorted out.

About Sid Herron

Sid Herron has been involved with Citrix technology since the days of WinFrame (the NT v3.51 product). He has held a number of sales and marketing management positions within the company, and is currently Director of Channel Sales.

7 Thoughts on “More on Provisioning Services and KMS

  1. But what if you already have an existing KMS server that works with an older Cirtix environment? We are trying to upgrade to use PVS 6.1, but nothing we do will keep the activation’s on the new desktops.
    They all start up with message that windows will automatically activate in three days, please activate now. My KMS server sees them within ten minutes and activates them. When you restart the three day message comes back. After three days the desktops all then say license invalid, please enter new key. Any ideas? Citrix has been terrible with support for this.
    Thank you

  2. Geoff Keate on March 12, 2013 at 9:27 am said:

    Fantastic script and just what I needed. Windows does whinge at you about unlawful acts etc, but it does what it needs to. No more nursing 25 bad tempered greedy Windows 7 vms in order to prime my KMS. I do wish MS would realize what a complete PINA having to do this is for those of us using VDI.

  3. HI,

    ok the Script with Windows 7 is working fine. But noch i have to activate Microsoft Office Pro Plus,
    andy idea how i can activate this via script.

    Thx for your helpt.

    Chris from Austria

  4. None on June 22, 2012 at 3:31 pm said:

    Is that your unique product key in the code?

  5. Marcus on March 11, 2011 at 6:53 am said:

    An easier way is to run up one Windows 7 vm then just execute this script i have created within it, It will increment the KMS counter to 25.


    REM Increment KMS to 25 so it starts activating clients
    REM save as a bat file.
    REM Windows 7 Enterprise inbuilt KMS Client key used in this one.

    setLocal EnableDelayedExpansion

    set /p X=how many time do you want to run
    set /a N+=1
    if !N! gtr !X! goto :eof
    echo your task goes here
    taskkill /im sppsvc.exe /f
    net stop sppsvc /y

    del C:WindowsServiceProfilesNetworkServiceAppDataRoamingMicrosoftSoftwareProtectionPlatformtokens.dat /q
    del C:WindowsServiceProfilesNetworkServiceAppDataRoamingMicrosoftSoftwareProtectionPlatformtokens.dat.bak /q
    attrib -H C:WindowsSystem32*.C7483456-A289-439d-8115-601632D005A0
    del C:WindowsSystem32*.C7483456-A289-439d-8115-601632D005A0 /q

    rem net start sppsvc /y

    cscript %systemroot%system32slmgr.vbs -ipk 33PXH-7Y6KF-2VJC9-XBBR8-HVTHH
    cscript %systemroot%system32slmgr.vbs /ckms
    cscript %systemroot%system32slmgr.vbs /ato
    goto :loop

    Have fun


  6. Pingback: Citrix Fixes the Provisioning Services - KMS Activation Problem! | Moose Logic Blog

  7. Pingback: Desktop Virtualization for the SMB | Moose Logic Blog

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Post Navigation