The Issue
All of a sudden when users log into our VDIs, they are getting a pop up message advising them that Office 2010 is not activated. Nothing appears to have changed and so we will do some investigation into what is happening.
Issues with application virtualization
There are some fantastic benefits for using application virtualization however there are a few disadvantages as listed below.
- Application virtualization means all apps can be centralised and controlled however some apps may not be suited to this.
- Over time, an original software vendor may not support the use of ThinApp or other tools like it
- Software that installs or requires some kind of kernel mode driver will in most cases be impossible to capture in the application virtualization software. For example, you cannot create a ThinApp of VMware Workstation. When VMware Workstation installs, it adds drivers to the underlying Windows OS and modifies the underlying network infrastructure as well. This limitation also extends to scanner software and webcam software.
- Although you can have three different versions of Acrobat Reader or Microsoft Word simultaneously running fine on one OS, only one of them can “own” the file associations of the application. So when you double-click on a PDF file, the question would be which ThinApp would be used as the default application? Most application virtualization vendors have a method of setting a preference. In the case of View, it uses an .INI file
- You will really want to use applications which allow for bulk activation, or even bypass the activation process altogether. However, ThinApp obviously doesn’t change your application vendor’s license policy, it merely captures the install you would have done if you didn’t own some kind of application virtualization software. So, if you want to run 20 copies of an application, and the vendor says you need a special unique TXT file for each application that runs, the same restriction would apply to a ThinApp.
- You will need a clean Windows install every time you capture an app, so that there are no dependencies present during the capture process. This avoids a situation where a .NET application refuses to function because the source OS had .NET installed before the capture process, and it was therefore ignored. When the virtual application is loaded on the destination it might fail because .NET is not installed.
- Do you want the user being notified about software updates? Edit all settings before capturing.
- Some organizations decide that large multi-app application suites like Microsoft Office are better installed locally to the virtual desktop, leaving application virtualization to deliver strategic applications. This is not dissimilar from how companies use Citrix XenApp to deliver mission critical services like email and database access, but still continue to install applications locally. It remains to be seen whether such approaches remain popular as application virtualization technology matures.
So what’s going on?
It looks like the reason our Microsoft Office applications will not activate is because the CMID (Client Machine ID) for the Office suite is the same across all of our virtual desktops. This can happen if you forgot to rearm the Office 2010 suite before you deployed your new VMware View pool. Failure to rearm the Office 2010 suite will mean that all of the cloned virtual desktops, although quickprepped or sysprepped with new CMID for the Windows operating system, will retain the old Office 2010 CMID.
Are your VDIs using the same CMID?
Run the following command in cmd.exe or PowerShell to see the CMID
You can then do one of two things
- Re-arm all the Virtual Desktop’s Office Suite via a script or if there are many VDI VMs it is best to modify the master image.
What is Volume Activation?
Volume Activation is a product activation technology that was first introduced with Windows Vista and Windows Server 2008. It is designed to allow Volume License customers to automate the activation process in a way that is transparent to end users.
What is a KMS Server?
The Key Management Service (KMS) is an activation service that allows organizations to activate systems within their own network, eliminating the need for individual computers to connect to Microsoft for product activation. It does not require a dedicated system and can be easily co-hosted on a system that provides other services.
KMS requires a minimum number of either physical or virtual computers in a network environment. These minimums, called activation thresholds, are set so that they are easily met by Enterprise customers.
- Activation Thresholds for Windows – Your organization must have at least five (5) computers to activate servers running Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012 and at least twenty-five (25) computers to activate client systems running Windows Vista, Windows 7, or Windows 8.
- Activation Thresholds for Office – Your organization must have at least five (5) computers running Office 2013, Project 2013, Visio 2013, Office 2010, Project 2010, or Visio 2010 to activate installed Office products using KM
Am I running a KMS Server?
To find out if you are running a KMS server anywhere on your network, you can do the following
- Log into DNS
- Go to Servername
- Go to Forward Lookup Zones
- Go to your <domain>
- Go to _tcp > _VLMCS
- You should then see the servers that are KMS Servers. Note I have had to blank out our names but you should be looking at the _VLMCS section.
- You can also type in nslookup -type=srv _vlmcs._tcp.[your_domain].local and this will give you your KMS servers
You can also log into a cmd.exe prompt or PowerShell and run the following which will show you more KMS Information
Install Microsoft Windows 2008 R2 Key Management Service (EASY)
- The most difficult part is locating your KMS Key! If you have a Microsoft License agreement, log into the the Microsoft Volume License Service Center, and retrieve the KMS License Key for your produc
- Note: To License/Activate Server 2008 R2 AND Windows 7 THIS IS THE ONLY KEY YOU NEED. You do NOT need to add additional keys for Windows 7. (You DO for Office 2010, but I’ll cover that below)
- When you have your new key, you simply need to change the product key on the server that will be the KMS server, to the new key. Start > Right Click “Computer” > Properties. (Or Control Panel > System). Select “Change Product Key” > Enter the new KMS Key > Next
- You will get a warning that you are using a KMS Key > OK. You may now need to activate your copy of Windows with Microsoft, if you can’t get it to work over the internet you can choose to do it over the phone.
- Sometimes you may need to allow access through the local firewall for the “Key Management Service”, (this runs over TCP port 1688)
- That is all you need to do. Your KMS Server is up and running
- Next to license any more keys you will need to run the following command in cmd.exe as an Administrator or PowerShell
- Next we need to activate the server. Follow the onscreen prompts and it should tell you it was successfully added.
Before it will start working, you need to meet certain thresholds, with Windows 7 clients it WONT work till it has had 25 requests from client machines. If you are making the requests from Windows 2008 Servers then the count is 5. (Note: For Office 2010 the count is 5 NOT 25)
- There is no GUI console for KMS to see its status, so run the following command on the KMS server;
- Next. Installing Office KMS Keys
An Office 2010 KMS host is required if you want to use KMS activation for your volume license editions of Office 2010 suites or applications, Microsoft Project 2010 or Microsoft Visio 2010. When Office 2010 volume edition client products are installed, they will automatically search for a KMS host on your organization’s DNS server for activation. All volume editions of Office 2010 client products are pre-installed with a KMS client key, so you will not need to install a product key.
This download contains an executable file that will extract and install KMS host license files. Run this file on either 32-bit or 64-bit supported Windows operating systems. These license files are required for the KMS host service to recognize Office 2010 KMS host keys. It will also prompt you to enter your Office 2010 KMS host key and activate that key. After this is done, you may need to use the slmgr.vbs script to further configure your KMS host.
- First locate your Office 2010 KMS Key! If you have a Microsoft License agreement, log into the the Microsoft Volume License Service Center, and retrieve the KMS License Key for “Office 2010 Suites and Apps KMS”
- Download and run the “Microsoft Office 2010 KMS Host License Pack“.
- When prompted type/paste in your “Office 2010 Suites and Apps KMS” product key > OK. It should accept the license key
What is Best Practice for dealing with VDIs and License Keys?
It is considered best practice when dealing with View to utilize a KMS server. KMS is preferred (although either KMS or MAK may be used) because each time a computer is activated using a MAK, one activation is decremented. This applies to both physical and virtual computers
Frequently Asked Questions
https://www.microsoft.com/en-us/licensing/existing-customer/FAQ-product-activation.aspx
Great Link for KMS (Thanks to Pete Long)
http://www.petenetlive.com/KB/Article/0000582.htm