Activation and Resulting Internet Communication in Windows Vista
In This Section
Purposes of Activation for Windows Vista
The purposes of product activation are to reduce software piracy and to ensure that Microsoft customers are receiving genuine Microsoft software. Activation of Windows Vista is required unless you purchase new computers with the operating system preinstalled by the manufacturer and bound to the computer’s basic input/output system (BIOS). A person who purchases Windows Vista to install on an individual computer can carry out activation either through the Internet or by phone. If you acquire licenses through a volume license program, you can perform Volume Activation in one of two ways: the Key Management Service (KMS) or a Multiple Activation Key (MAK). For more information about volume licensing, see "Activation Options with Volume Licensing," later in this section.
Product activation means that a specific product key becomes associated with the computer hardware that it is installed on. More information about product activation can be found on the Microsoft Web site at:
Windows Genuine Advantage Program
After a genuine copy of Windows Vista is activated on a computer, the user of that computer qualifies for benefits such as free downloads through the Windows Genuine Advantage program. For information about these benefits, see the Genuine Windows page on the Microsoft Web site:
For details about the information sent and received during the validation process for genuine Windows, see the Microsoft Genuine Advantage privacy statement on the Microsoft Web site:
Overview: Activation in the Context of a Managed Environment
In an environment with many computers running Windows Vista, you will probably want to use one of the activation options designed for use with volume licensing. The following subsection describes these options.
|To avoid the activation process (online activation or telephone activation), you can purchase new computers with the operating system preinstalled by the manufacturer and bound to the computer’s basic input/output system (BIOS). For these computers, activation of Windows Vista is not necessary.|
Activation Options with Volume Licensing
Organizations that have a volume license agreement have multiple options for activation:
Key Management Service (KMS): In managed environments where 25 or more computers running Windows Vista will be connected to the corporate network, you can use KMS to simplify the activation process. With KMS, you manage activations within your organization's network, rather than having each computer communicate with a server at Microsoft during activation. The computers you activate through KMS must connect to your organization's network at least twice a year to stay activated.
Multiple Activation Key (MAK): In networks where users rarely or never connect to the corporate network, you can use a MAK. Each MAK belongs to a specific organization and can activate multiple computers running Windows Vista, up to the limit assigned to that MAK. You can activate these computers one at a time (in which case each computer connects to an activation server at Microsoft) or use MAK Proxy Activation, where a centralized activation request is sent (through a single connection to Microsoft) on behalf of multiple desktops.
For more information about volume licensing, see the Microsoft Web site at:
How a Computer Communicates with Sites on the Internet During Activation
Windows Vista can be activated through the Internet or by phone. The following list describes how Windows Vista communicates with Web sites when it is activated through the Internet:
Specific information sent or received: During activation of Windows Vista, the following information is sent to the activation server at Microsoft:
Request information, that is, protocol information necessary for successfully establishing communication with the activation server.
The product key and supporting validation data.
A group of hardware hashes (non-unique numbers generated from the computer's hardware configuration). The hardware hashes do not represent any personal information or anything about the software. They are based on the SHA-1 message-digest hash algorithm, and they consist of a combination of partial SHA-1 hash values of various computer components. The hardware hashes cannot be used to determine the make or model of the computer, nor can they be backward-calculated to determine the raw computer information.
Along with the hashes, information about the algorithm used for the hashes is sent.
An XrML license that uses public key encryption.
The operating system being activated and the version number of the activation software.
- Request information, that is, protocol information necessary for successfully establishing communication with the activation server.
Default setting and ability to disable: Product activation cannot be disabled, but if you acquire licenses through a volume license program, you can perform Volume Activation, either through the Key Management Service (KMS) or a Multiple Activation Key (MAK). For more information, see "Activation Options with Volume Licensing," earlier in this section and the volume licensing pages on the Microsoft Web site at:
Note that product activation is not necessary if you purchase new computers with the operating system preinstalled by the manufacturer and bound to the computer’s basic input/output system (BIOS).
Trigger and notification: When activation is required, the operating system provides a reminder each time a user logs on and at common intervals until the end of the activation grace period stated in the Microsoft Software License Terms (30 days is the typical grace period).
Logging: Entries that track the progress of activation (for example, return codes and error codes) are logged in Event Viewer in Windows Logs\Application with a Source of Security-Licensing-SLC. You can use these events for troubleshooting if activation fails.
Privacy, encryption, and storage: Customer privacy was a paramount design goal in building the product activation technology. The data is encrypted (using HTTPS) during transmission and is stored on servers located in controlled facilities at Microsoft. The data is accessible to a restricted number of server and program support personnel who oversee and maintain the activation servers and the product activation program.
The privacy statement is on the Microsoft Web site at:
Transmission protocol and port: When Windows Vista is activated through the Internet and a modem is not used, the first transmission uses HTTP through port 80 and communicates with go.microsoft.com to check the HTTP response code. A response code of less than 500 indicates that a product activation server is available. (With a modem, there is only a check to see whether the modem can currently be used to make a connection to the Internet.) If the product activation server can be reached (or for a modem, if a connection to the Internet can be made), any activation data that is sent by Windows Product Activation uses HTTPS through port 443 to sls.microsoft.com.