Activation and Registration Associated with a New Installation or an Upgrade

(Note: This topic describes not just Windows XP Professional with Service Pack 2, but also Windows XP Professional with Service Pack 3.)

On This Page

Purposes of Activation and Registration Associated with a New Installation or an Upgrade
Overview: Activation and Registration in the Context of a Managed Environment
How a Computer Communicates with Sites on the Internet During Activation and Registration
Choosing Volume Licensing So That Individual Product Activation Need Not Take Place
Procedure for Preventing Online Product Registration with Microsoft

Purposes of Activation and Registration Associated with a New Installation or an Upgrade

This subsection briefly describes the differences between product activation and registration, and then describes the purpose of each.

Product registration involves the provision of personally identifiable information, such as an e-mail address, to Microsoft for the purpose of receiving information about product updates and special offers. Registration is usually done on a per-product basis and is not required. If registration is completed, all registration information is stored using a variety of security technologies. When you register, you can specify what kinds of communication you wish to receive and whether your information can be used in particular ways. For example, if you provide a mailing address during registration, you can specify whether your mailing address can be shared with other companies. Other than the uses you specify, your registration information is never loaned or sold outside Microsoft.

Product activation involves the authentication with Microsoft of nonpersonally identifiable information, including the product identifier for Microsoft Windows XP Professional with Service Pack 2 (SP2) and a hardware hash representing the computer, for the purpose of reducing software piracy. (A hardware hash is a non-unique number generated from the computer's hardware configuration.) Activation of Windows XP is required in situations where the product is not purchased through a volume licensing program such as Microsoft Select License, Microsoft Enterprise Agreement, or Microsoft Open License. Many computer manufacturers can bypass activation on software preinstalled on a new computer by binding the software to the computer’s basic input/output system (BIOS). In this situation, no activation of that software is required. Detailed information about product activation can be found on the Microsoft Web site at:

https://go.microsoft.com/fwlink/?LinkId=29484

For more information about volume licensing, see "Choosing Volume Licensing So That Individual Product Activation Need Not Take Place," later in this section.

Activation is aimed at reducing software piracy as well as ensuring that Microsoft customers are receiving the product quality that they expect. Activation means that a specific product key becomes associated with the computer (the hardware) it is installed on. After that happens, that product key cannot be used for activation on other computers (unless the owner is enrolled in a special program that permits additional activations, for example, a program through the Microsoft Developer Network [MSDN]).

Overview: Activation and Registration in the Context of a Managed Environment

Product activation is an anti-piracy technology designed to verify that software products have been legitimately licensed. If you have software re-imaging rights granted under a Microsoft volume license agreement, and if you obtained Windows XP Professional with SP2 through a retail channel or preinstalled by the computer manufacturer, you can re-image it with Windows XP Professional with SP2 licensed through one of the Microsoft volume licensing programs. With volume licensing, there is no need to perform product activation.

Product registration involves the provision of personally identifiable information, such as an e-mail address, to Microsoft for the purpose of receiving information about product updates and special offers. In a managed environment, you might want to prevent users from registering the product with Microsoft. You can use Group Policy to do this.

How a Computer Communicates with Sites on the Internet During Activation and Registration

Windows XP with SP2 can be activated through the Internet or by phone. When it is activated through the Internet, Windows XP with SP2 communicates with Web sites as follows:

  • Specific information sent or received: During activation of Windows XP with SP2, the following information is sent to the activation server at Microsoft:

    • Request information, that is, protocol information necessary for successfully establishing communication with the activation server.

    • Product key information in the form of the product ID, plus the product key itself.

    • A hardware hash (a non-unique number generated from the computer's hardware configuration). The hardware hash does not represent any personal information or anything about the software. It is based on the MD5 message-digest hash algorithm, and consists of a combination of partial MD5 hash values of various computer components. The hardware hash cannot be used to determine the make or model of the computer, nor can it be backward-calculated to determine the raw computer information.

    • Date and time.

    • The language being used on the system (so that any error message that is sent back can be in the correct language).

    • The operating system being activated (and the version number of the activation software).

    Depending on the owner’s preference, the preceding information is either sent over the Internet to the activation system at Microsoft, or the product key information and hardware hash (combined into one number) are called in by phone.

  • Default setting and ability to disable: Product activation can only be disabled by installing the operating system with software acquired through one of the Microsoft volume licensing programs. Product activation can be bypassed by many computer manufacturers if they bind the product to the computer’s BIOS instead. In all other cases, product activation cannot be disabled.

  • Trigger and notification for activation: When activation is required, the operating system provides a reminder each time a user logs on and at common intervals until the end of the activation grace period stated in the End-User License Agreement (thirty days is the typical grace period). With software acquired through one of the Microsoft volume licensing programs, there is no need for activation, and therefore there are no reminders that appear about activation.

  • Trigger and notification for registration: Registration is optional. A user can register at activation time by choosing appropriate options on the Windows Product Activation interface. As an alternative, a user can type regwiz /r to start the Registration Wizard for Windows XP with SP2. Before the wizard starts and in the first page of the wizard, brief explanations notify the user that completing the wizard will cause the product to be registered.

  • Logging: Entries that track the progress of activation and registration (for example, return codes and error codes) are logged into a text file, systemroot\setuplog.txt. This file can be used for troubleshooting if activation (or any part of setup) fails. If the owner of Windows XP chooses to register the product, two entries are made in this text file. One entry records the country or region that was chosen for the operating system. A second entry records whether the owner chooses to have Microsoft (or the computer manufacturer) send information about product updates and special offers. No other registration data is logged.

  • Privacy, encryption, and storage for activation data: Customer privacy was a paramount design goal in building the product activation technology. No personally identifiable information is collected as part of activation. The data is encrypted (using HTTPS) during transmission and is stored on servers located in controlled facilities at Microsoft. The data is accessible to a restricted number of server and program support personnel who oversee and maintain the activation servers and the product activation program.

    To review the Microsoft online privacy statement on activation, see the Microsoft Web site at:

    https://go.microsoft.com/fwlink/?LinkId=29923

  • Privacy, encryption, and storage for registration data: When a user registers at activation time (through the Windows Product Activation interface), registration data is encrypted (using HTTPS) during transmission. When a user registers by using the Registration Wizard (which is started by typing regwiz /r), registration data is encrypted (using HTTPS) during transmission unless the wizard is unable to establish an HTTPS connection through port 443 with the Microsoft registration server. In this situation, registration data will be sent unencrypted, using HTTP through port 80.

    Registration data, which contains information that the user chooses to send to Microsoft, is stored on servers with restricted access that are located in controlled facilities. The data can be seen by customer service representatives and marketing personnel. To review the Microsoft online privacy statement on product registration, see the Microsoft Web site at:

    https://go.microsoft.com/fwlink/?LinkId=29508

  • Transmission protocol and port:

    • For Windows Product Activation: When Windows XP with SP2 is activated through the Internet and a modem is not used, the first transmission uses HTTP through port 80 and goes to wpa.one.microsoft.com/ to check the HTTP response code. A response code of less than 500 indicates that a product activation server is available. (With a modem, there is only a check to see whether the modem can currently be used to make a connection to the Internet.) If the product activation server can be reached (or for a modem, if a connection to the Internet can be made), any activation or registration data that is sent by Windows Product Activation uses HTTPS through port 443.

    • For the Registration Wizard: When a user registers by using the Registration Wizard (which is started by typing regwiz /r), HTTPS is used through port 443 unless the wizard is unable to establish an HTTPS connection through port 443 with the Microsoft registration server. In this situation, HTTP is used through port 80.

Activation Improvements in Windows XP Service Packs

Microsoft has introduced additional technological measures in Windows XP Service Pack 1 (SP1) and Windows XP Service Pack 2 (SP2) aimed at ensuring that legally licensed customers receive the full benefits of owning their valid license. Some of the changes include:

  • Product key validation during activation.

  • The addition of a three-day grace period, where re-activation is required because of a significant hardware change. (Before SP1, there was no grace period for reactivation after a significant hardware change.)

  • The ability for volume license customers to encrypt their volume license product keys in unattended installations.

The preceding changes were made in SP1 and are continued in SP2. For more information about the changes to activation in that occurred in SP1, see the Microsoft Web site at:

Choosing Volume Licensing So That Individual Product Activation Need Not Take Place

If you use the rights granted under a volume licensing agreement to purchase or re-image software, you cannot and need not perform activation on the individual computers that are installed under the volume license. Qualifying as a volume licensing customer is not difficult. Customers can qualify for a Microsoft volume license by purchasing as few as five licenses. For more information, see the Microsoft Web site at:

https://go.microsoft.com/fwlink/?LinkId=29878

Procedure for Preventing Online Product Registration with Microsoft

Use the following procedure to configure Group Policy to prevent online registration with Microsoft.

  1. See Appendix B, "Learning About Group Policy and Updating Administrative Templates,” for information about using Group Policy. Ensure that your Administrative templates have been updated, and then edit an appropriate GPO.

  2. Click Computer Configuration, click Administrative Templates, click System, click Internet Communication Management, and then click Internet Communication settings.

  3. In the details pane, double-click Turn off Registration if URL connection is referring to Microsoft.com, and then click Enabled.

    Important   You can also restrict Internet access for this and a number of other components by applying the Restrict Internet communication policy setting, which is located in Computer Configuration/Administrative Templates/System/Internet Communication Management. For more information about this Group Policy and the policies that it controls, see Appendix C, "Group Policy Settings Listed Under the Internet Communication Management Key."