Deploying Windows XP is as easy as sysprep’ing a sample installation, throw in an answer file in the mix with a Volume License Key (VLK) and rolling out the newly created image with your preferred distribution method. A volume Windows XP product key is easily attained by buying a 5 PC equivalent Volume License and using it to roll out all your computers. Since a volume license key in the Windows XP era isn’t checked by Microsoft after deployment you’re fine. (Note: the Windows XP edition needs to be the same as the Windows XP OEM edition that came with your PCs)

In Windows Vista and Windows 7, however, Microsoft checks your license after deployment: It is called 'activation'. This method bears resemblance with the way Windows XP OEM activation works. You will now need to purchase the same amount of volume license keys as you have PCs. Furthermore, when you have a large amount of PCs, it is wise to invest in an activation infrastructure.

Some things work differently between Windows XP and Windows 7. When exchanging Windows XP for Windows 7, you will run into all this new activation stuff. No worries, Active Directory is here to help to soften the burden.

Microsoft Activation

Windows Activation Technologies (WAT), the new name for Windows Genuine Advantage (WGA), help use genuine copies of Windows 7 Home Premium, Windows 7 Professional, Windows 7 Enterprise, Windows 7 Ultimate, Office Standard 2010 and Office Professional Plus 2010. Microsoft helps by providing four ways to activate:

• Key Management Services (KMS) Activation
• Custom Windows Activation with Volume Activation Management Tool (VAMT) 2.0
• Multiple Activation Key Activation
• Retail (or FPP) Activation
• Original Equipment Manufacturers (OEM) Activation

These four technologies in the list above are sorted by organization size.

Large organizations

In environments with at least one Windows Server 2003 or Windows Server 2008 R2-based server, KMS activation is the preferred activation method for both Windows 7 and Office 2010. It’s also the default activation technology used by volume licensed installations.

Note:
A Windows Server 2008-based KMS host server can be patched to allow Windows 7 activation, but it won’t be able to activate Office 2010. In this scenario either use a Windows 7 installation as the basis for your KMS host or upgrade the server to Windows Server 2008 R2. (requires a new license)

Note:
On a Windows Server 2003-based KMS host server you will need to install at least Service Pack 2. Then, install KMS 1.2 by following the instructions in Microsoft Knowledgebase 968915.

Note:
On Windows 7 and Windows Server 2008 R2-based KMS host servers download and install the Microsoft Office 2010 KMS Host License Pack for Office Activation.

With KMS, client computers connect to the local KMS host to activate the first time (after a 30-day grace period for Windows and a 25-day grace period for Office), then they reconnect every seven days (configurable) to keep the 180-day license period and the corresponding activation for Windows and Office current. KMS is capable of activating an unlimited number of computers, so it can be used for a volume license agreement of any size, as long as a minimum of 25 Windows 7 hosts (physical or virtual) are activating through the KMS host.

Small to medium sized organizations

KMS Activation may not be the preferred activation technology for every environment. Particularly non-Internet connected infrastructures (where the KMs host can’t communicate with Microsoft), environments with less than 25 (Windows Server 2008 R2 and/or Windows 7) hosts, and laptops that don’t check in every 180 days (and thus will lose their initial activation) are reasons not to use KMS activation.

Multiple Activation Key (MAK) Activation would be the weapon of choice in these scenarios. MAK Activation is a one-time activation method using the Microsoft activation services.

In these situations, I recommend you use the Volume Activation Management Tool (VAMT) 2.0. This tool offers proxy activation (where the host running VAMT acts as a proxy towards Microsoft), license reporting and advanced license management, combining both KMS, MAK and Retail activation management in one tool.

Small Organizations (< 5 PCs)

Small organizations under five PCs don’t purchase volume licenses and have the options:

• Use the pre-installed OEM installations with its own one-time activation method
• Install a Microsoft product from a purchased Full Packaged Product (FPP) and activate the Windows license manually within 30 days. The Windows Activation Technology will try and reactivate with Microsoft every 90 days (configurable to every 365 days).

Active Directory and Activation

Active Directory and KMS Activation

In many environments, KMS Activation will be the easiest way to activate volume licensed Windows 7 installations. Active Directory can help you through activation by offering you to host a KMS SRV record. In environments with multiple sites, KMS Servers can be pointed to on a site by site basis.

That way, Active Directory saves inter-site bandwidth and enables activation management per site. Active Directory doesn’t even have to do anything special; site affinity functionality is built-in!

The high-level steps to configure a KMS Activation infrastructure for Windows 7 activation include:

1. Assign a Windows Server 2008 R2 host as the KMS host per Active Directory site.
2. (optionally) install the Microsoft Office 2010 Host License Pack on the server too.
3. (create a Group Policy to) Allow traffic on TCP 1688 through the Windows Firewall on the KMS host.
4. Use the KMS Product Key from the Volume Licensing Service Center (VLSC), TechNet or MSDN website on the KMS host to activate it, by issuing the following four consecutive commands on an elevated prompt:     slmgr.vbs /ipk ABCDE-FGHIJ-KLMNO-PQRST-UVWXY
        slmgr.vbs /sdns
        net stop slsvc
        net start slsvc
   
5. (optionally) Tweak KMS SRV records for the KMS host in DNS. (more info here)
6. (optionally) Introduce additional KMS hosts per site.
7. (create a Group Policy to) Allow the connection for Windows Management Instrumentation (ASync-In), Windows Management Instrumentation (DCOM-In), and Windows Management Instrumentation (WMI-In) in the Domain Profile for Windows Firewall for the Organizational Unit where the KMS clients will reside.
8. Deploy Windows 7. In answer files use the Product Keys you find here.
9. Run slmgr.vbs /dli on the KMs host(s) to display the current KMS count.

Active Directory and MAK Activation

Even when you’re not using KMS activation, Active Directory can help. Managing Multiple Activation Keys with the Volume Activation Management Tool (VAMT) adds significant value to using Multiple Activation Keys on a host by host basis.

For instance, using the VAMT, you can remotely update product keys and activation methods. For these neat little tricks, VAMT needs administrative privileges on the remote hosts and WMI access to the remote hosts. Both can be easily and centrally achieved using Active Directory user accounts and Group Policies.