Thursday, March 17, 2016

Azure VM Activation

Azure VM Activation fail

One of the great things of Microsoft Azure is that license cost of the operating system is included in the running cost of the virtual machine. That saves you the hassle of having to procure operating system licenses and activating them through the internet or via your own KMS server.

This method Azure uses to active your server licenses is unfortunately not fool proof. It's dependent on the Microsoft Azure KMS service. This service needs to be available.

The KMS service that Azure VMs connect to is kms.core.windows.net and listens on port 1688. If you can't connect it for any reason you'll find your server reporting that it's not activated. The screenshot below indicates a Windows 2012R2 server which isn't activated..

Windows Server 2012 - Activate Windows

So why and how does it break?

The service stops functioning when your Azure virtual machine is no longer able to connect the the Microsoft Azure KMS server. Either because it cannot connect, or because the service is not available. Let's assume that the service is always available and therefore it's an issue on your virtual machine.

I myself have run into this issue due to the following. And I'll describe how I resolved this.

In the first scenario we migrated virtual machines from on premises infrastructure (vmware) to Microsoft Azure. The VMs were moved using DoubleTake Move and Azure Site Recovery.

After migration we found that the virtual machine would no longer be activated. Which makes absolute sense as the virtual machine in question was still pointing at the on premises KMS server!

To Update the Azure Virtual Machine run through the following commands.

1. Logon to the Azure Virtual Machine
2. Open PowerShell as a Administrator
3. Run the following command:
iex “$env:windir\system32\cscript.exe $env:windir\system32\slmgr.vbs /skms kms.core.windows.net:1688″

It should return the following:
Key Management Service machine name set to kms.core.windows.net:1688 successfully.
4. After that we'll run the command to activate the server.
 iex “$env:windir\system32\cscript.exe $env:windir\system32\slmgr.vbs /ato”
5. Which will if connectivity is working correctly result in the following.

Activating Windows(R), ServerDatacenter edition (12345678-1234-1234-1234-12345678) …
Product activated successfully.

Activating Windows






But what if this still won't work?
You might actually find that this doesn't work. And it could manifest itself with the following error.

Error: 0xC004F047 The Software Licensing Service reported that the computer could not be activated. No Key Management Service (KMS) could be contacted. Please see the Application Event Log for additional information.

Failed Activation

Hmm ok. Well it's likely to be due to network connectivity. To confirm what's wrong by running ping kms.core.windows.net. As per screenshot below in my case I couldn't even resolve the name. Let alone connect to it.

Connectivity test

Solution:
In my case it was all due to a name resolution. The virtual machine I was working on did not have a functioning DNS server to look up kms.core.windows.net. Therefore it could not contact the KMS server. This was simply resolved by adding kms.core.windows.net into the hosts file located in c:\windows\system32\drivers\etc.

Update the hosts file with the following entry.

23.102.135.246 kms.core.windows.net

Update host file

After this repeat the basic connectivity test by running ping kms.core.windows.net. Confirm it can now resolve the name. The ping can time out. It's just for the name resolution.

Resolution working
After this run the KMS activation command again and confirm your success!

Activation completed!

Hope you enjoyed this article. Any comments please feel free to leave feedback.


No comments:

Post a Comment