Close Menu
    Facebook X (Twitter) Instagram
    Trending
    • Successful Adoption of a “Cloud First” Strategy
    • Speaking at Nordic Virtual Summit
    • Workplace Ninja User Group Denmark February Meetup
    • Workplace Ninja User Group Denmark Meetup – May 2022
    • Workplace Ninja User Group Denmark Meetup – April 2022
    • Speaking at Modern Endpoint Management Summit 2022
    • Speaking at Nordic Virtual Summit 2022 – 3nd Edition
    • CoLabora Recordings – January 2022
    RONNIPEDERSEN.COM
    • Home
    • Enterprise Mobility
      • Configuration Manager
      • Identity and Access
      • Information Protection
      • Intune
    • Cloud and Data Center
      • Data Center Management
      • Group Policy
      • Enterprise Security
      • Hyper-V
      • PowerShell
    • Guides
    • Webcasts
    • Links
    • About
      • Contact me
      • Disclaimer
    RONNIPEDERSEN.COM
    You are at:Home»Cloud and Data Center»Active Directory Based Activation in an multi domain environment

    Active Directory Based Activation in an multi domain environment

    5
    By Ronni Pedersen on November 4, 2015 Cloud and Data Center, Data Center Management, Windows and Devices, Windows Deployment, Windows Server

    With the release of Windows 10, more and more customers are starting to move from the traditional KMS based activation model to Active Directory-based activation (ADBA).

    In a single domain environment, the setup process is really simple, and a complete step-by-step guide can be found here: https://technet.microsoft.com/en-us/library/dn613828.aspx.

    But if you’re using a multi domain setup, you might see this errors when you try to Activate online.

    clip_image002

    In this specific scenario, we had the KMS server installed the child domain, and new servers in the forest root domain was activated using a MAK key. This is not supported if you want to use the Volume Activation Tool to either configure KMS or ADBA on the server.

    Here is a brief overview over the setup:

    clip_image003

    To solve this problem we manually added the SRV record for the KMS host in the child domain to the DNS Servers in the forest root. This allowed new servers in the forest root to be registered and activated correct using the a KMS key.

    This solved the problem and the ADBA wizard could complete without any issues.

    /Enjoy

    For more updates on Deployment and Enterprise Client Managemet please follow me on Twitter: @ronnipedersen

    If you want to connect via LinkedIn, you can reach me here: https://dk.linkedin.com/in/ronnipedersen

    • Tweet
    • Share 0
    • +1
    • LinkedIn 0

    Related

    Ronni Pedersen
    • Website
    • Facebook
    • X (Twitter)
    • LinkedIn

    My name is Ronni Pedersen and I'm currently working as a Cloud Architect at APENTO in Denmark. My primary focus is Enterprise Client Management solutions, based on technologies like AzureAD, Intune, EMS and System Center Configuration Manager. I'm is also a Microsoft Certified Trainer and Microsoft MVP in Enterprise Mobility.

    Related Posts

    Workplace Ninja User Group Denmark February Meetup

    CoLabora Recordings – January 2022

    Universal Print (Preview): First Impressions

    5 Comments

    1. ju on September 17, 2019 04:08

      Hello, if we use a ADBA server in the child domain, does any computers in others child domains (or root) can activate with ADBA ?

      Reply
    2. Thomas KERJEAN on June 23, 2020 14:20

      Hi Ronni,

      Thanks for your article, but i have a question, for ADBA and multiple domains, i have actually 2 AD domains (Ex : domainA and domainB) on two differents forests, but with a trust relationship reciprocal between them.

      We have a project to create a new domain (Ex : domainC) to migrate 2 others domains in this new domain.
      So i would like to know if i can run ADBA on a new DC on the new domainC, with this domain i will created a trust relationship with domainA and domainB.

      Is it possible to activate Windows 10 and Windows Server (2012R2 and 2016) on the 3 domains ? I know it is possible to create SRV DNS entries on differents domains, but i would like to know if it is needed to install ADBA role on DC of each domain, athough there is trusted relationships.
      Not to much documentation about it, so this is why i ask you.

      Thanks you in advance for help

      Reply
      • Ronni Pedersen on June 25, 2020 12:16

        Good question. I dont have any experience with ADBA in a mutil-domain environment… Sorry.
        My best advice is to test it and see what happens. If you cant get it to work, create a support case with MS.

        Reply
      • TM on February 7, 2023 04:23

        This is an older question, but in case it helps others, no, you don’t need a domain trust in place for KMS activation to work with clients in a different domain to the KMS host.

        As long there’s a _VLMCS SRV record in the client domain pointing to the correct server and the port is open, it works fine.

        ADBA does not work, however. But we have both running in the primary domain, again with no issues.

        Reply
    3. NateR on July 26, 2022 19:24

      Need to run Volume Activation Tool as admin.

      Reply
    Leave A Reply Cancel Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    Follow
    APENTO

    Follow APENTO here:

    Subscribe to Blog via Email

    Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    About
    My name i s Ronni Pedersen and I'm currently working as a Cloud Architect at APENTO in Denmark. My primary focus is Endpoint Management and Security, based on Microsoft technologies. I'm also a Microsoft Certified Trainer and a dual Microsoft MVP in both Security and Windows.
    Recent Posts
    • Successful Adoption of a “Cloud First” Strategy
    • Speaking at Nordic Virtual Summit
    • Workplace Ninja User Group Denmark February Meetup
    • Workplace Ninja User Group Denmark Meetup – May 2022
    • Workplace Ninja User Group Denmark Meetup – April 2022
    Archives
    TOP POSTS
    • Deploying Office 2016 using the Click-to-Run Deployment Tool
    • Find the TimeZoneName for your SCCM/MDT Deployments
    • How to Access the MBAM BitLocker Recover Keys directly in SQL
    • SCCM 2012 R2: Where is the SMSTS.log located?
    • Integrate Jamf Pro with Microsoft Intune
    RECENT COMMENTS
    • Sebi on Prepare for Co-Management: Migrate Intune Devices without user affinity
    • Vadim P on SCCM: Failed to Get Client Identity (80004005)
    • TM on Active Directory Based Activation in an multi domain environment
    • unkown on Setting OSDComputerName using CustomSettings.ini
    • TJ Scott on Setting OSDComputerName using CustomSettings.ini
    DISCLAIMER
    The content on this website is presented "as-is" with no guarantees. The use of scripts from this website is at your own risk. Always test before putting something in production! Opinions expressed are my own.
    © 2025 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.