mirror of
https://github.com/Wind4/vlmcsd.git
synced 2025-06-22 01:13:40 +02:00
vlmcsd-1105-2016-11-28-Hotbird64
This commit is contained in:
@ -1,5 +1,5 @@
|
||||
.mso www.tmac
|
||||
.TH VLMCS 1 "October 2016" "Hotbird64" "KMS Activation Manual"
|
||||
.TH VLMCS 1 "November 2016" "Hotbird64" "KMS Activation Manual"
|
||||
.LO 1
|
||||
|
||||
.SH NAME
|
||||
@ -81,6 +81,11 @@ Force a specific version of the KMS protocol. Valid versions are 4.0, 5.0 and 6.
|
||||
.IP "\fB-4\fR, \fB-5\fR and \fB-6"
|
||||
Force version 4, 5 or 6 of the KMS protocol. These options are actually shortcuts of \fB-K 4.0\fR, \fB-K 5.0\fR and \fB-K 6.0\fR.
|
||||
|
||||
.IP "\fB-j\fR \fIfilename\fR"
|
||||
Use KMS data file \fIfilename\fR. By default vlmcs contains product data that is recent when vlmcs was compiled. You may use a more recent KMS data file that contains additional products.
|
||||
|
||||
If vlmcsd has been compiled to use a default KMS data file, you may use \fB-j-\fR to ignore the default configuration file.
|
||||
|
||||
.IP "\fB-m"
|
||||
Let the client pretend to be a virtual machine. Early versions of Microsoft's
|
||||
KMS server did not increase the client count if the request came from a virtual
|
||||
|
@ -100,24 +100,33 @@ OPTIONS
|
||||
actually shortcuts of -K 4.0, -K 5.0 and -K 6.0.
|
||||
|
||||
|
||||
-m Let the client pretend to be a virtual machine. Early versions
|
||||
of Microsoft's KMS server did not increase the client count if
|
||||
the request came from a virtual machine. Newer versions ignore
|
||||
-j filename
|
||||
Use KMS data file filename. By default vlmcs contains product
|
||||
data that is recent when vlmcs was compiled. You may use a more
|
||||
recent KMS data file that contains additional products.
|
||||
|
||||
If vlmcsd has been compiled to use a default KMS data file, you
|
||||
may use -j- to ignore the default configuration file.
|
||||
|
||||
|
||||
-m Let the client pretend to be a virtual machine. Early versions
|
||||
of Microsoft's KMS server did not increase the client count if
|
||||
the request came from a virtual machine. Newer versions ignore
|
||||
this flag.
|
||||
|
||||
|
||||
-d Use NetBIOS names instead of DNS names. By default vlmcsd gener‐
|
||||
ates some random DNS names for each request. If you prefer Net‐
|
||||
BIOS names, you may use -d. A real Microsoft activation client
|
||||
uses DNS names or NetBIOS depending on the client name configu‐
|
||||
ates some random DNS names for each request. If you prefer Net‐
|
||||
BIOS names, you may use -d. A real Microsoft activation client
|
||||
uses DNS names or NetBIOS depending on the client name configu‐
|
||||
ration. KMS servers treat the workstation name as a comment that
|
||||
affects logging only. Clients will be identified by a GUID that
|
||||
can be specified using -c. -d has no effect if you also specify
|
||||
affects logging only. Clients will be identified by a GUID that
|
||||
can be specified using -c. -d has no effect if you also specify
|
||||
-w.
|
||||
|
||||
|
||||
-a application-guid
|
||||
Send requests with a specific application-guid. There are cur‐
|
||||
Send requests with a specific application-guid. There are cur‐
|
||||
rently only three known valid application-guids:
|
||||
|
||||
|
||||
@ -126,91 +135,91 @@ OPTIONS
|
||||
0ff1ce15-a989-479d-af46-f275c6370663 (Office 2013)
|
||||
|
||||
|
||||
A Microsoft KMS server uses these GUIDs to have seperate coun‐
|
||||
ters for the already activated clients. A client that does not
|
||||
contact the KMS server within 30 days will be deleted from the
|
||||
A Microsoft KMS server uses these GUIDs to have seperate coun‐
|
||||
ters for the already activated clients. A client that does not
|
||||
contact the KMS server within 30 days will be deleted from the
|
||||
database. Emulated KMS servers are always fully charged.
|
||||
|
||||
|
||||
-k kms-guid
|
||||
Send requests with a specific kms-guid. A Microsoft KMS server
|
||||
uses these GUIDs as a product id to decide whether to grant
|
||||
activation or not. A list of current kms-guids can be found in
|
||||
kms.c (table KmsIdList). Emulated KMS servers grant activation
|
||||
Send requests with a specific kms-guid. A Microsoft KMS server
|
||||
uses these GUIDs as a product id to decide whether to grant
|
||||
activation or not. A list of current kms-guids can be found in
|
||||
kms.c (table KmsIdList). Emulated KMS servers grant activation
|
||||
unconditionally and do not check the kms-guid.
|
||||
|
||||
|
||||
-s activation-guid
|
||||
The activation-guid defines the actual product, e.g. "Windows
|
||||
8.1 Professional WMC KMSCLIENT edition". A activation-guid maps
|
||||
1:1 to a product key. However, neither a Microsoft KMS server
|
||||
The activation-guid defines the actual product, e.g. "Windows
|
||||
8.1 Professional WMC KMSCLIENT edition". A activation-guid maps
|
||||
1:1 to a product key. However, neither a Microsoft KMS server
|
||||
nor emulated servers check this id. The activation-guid is use‐
|
||||
ful in logging to get a specific product description like "Win‐
|
||||
dows 8.1 Professional WMC". A list of current activation-guids
|
||||
ful in logging to get a specific product description like "Win‐
|
||||
dows 8.1 Professional WMC". A list of current activation-guids
|
||||
can be found in kms.c (table ExtendedProductList).
|
||||
|
||||
|
||||
-n requests
|
||||
Send requests requests to the server. The default is to send at
|
||||
Send requests requests to the server. The default is to send at
|
||||
least one request and enough subsequent requests that the server
|
||||
is fully charged afterwards for the application-guid you
|
||||
is fully charged afterwards for the application-guid you
|
||||
selected (explicitly with -a or implicitly by using -l).
|
||||
|
||||
|
||||
-T Causes to use a new TCP connection for each request if multiple
|
||||
requests are sent with vlmcsd. This is useful when you want to
|
||||
test an emulated KMS server whether it suffers from memory
|
||||
leaks. To test for memory leaks use -n with a large number of
|
||||
requests (> 100000) and then test twice (with and without -T).
|
||||
This option may become neccessary for future versions of Micro‐
|
||||
soft's KMS server because multiple requests with different
|
||||
clients-guids for the same kms-id-guid are impossible in a real
|
||||
-T Causes to use a new TCP connection for each request if multiple
|
||||
requests are sent with vlmcsd. This is useful when you want to
|
||||
test an emulated KMS server whether it suffers from memory
|
||||
leaks. To test for memory leaks use -n with a large number of
|
||||
requests (> 100000) and then test twice (with and without -T).
|
||||
This option may become neccessary for future versions of Micro‐
|
||||
soft's KMS server because multiple requests with different
|
||||
clients-guids for the same kms-id-guid are impossible in a real
|
||||
KMS szenario over the same TCP connection.
|
||||
|
||||
|
||||
-c client-machine-guid
|
||||
Normally vlmcs generates a random client-machine-guid for each
|
||||
request. By using this option you can specify a fixed client-
|
||||
machine-guid This causes a Microsoft KMS not to increment its
|
||||
client count because it receives multiple requests for the same
|
||||
client. Thus do not use -c if you want to charge a real KMS
|
||||
Normally vlmcs generates a random client-machine-guid for each
|
||||
request. By using this option you can specify a fixed client-
|
||||
machine-guid This causes a Microsoft KMS not to increment its
|
||||
client count because it receives multiple requests for the same
|
||||
client. Thus do not use -c if you want to charge a real KMS
|
||||
server.
|
||||
|
||||
|
||||
-o previous-client-machine-guid
|
||||
If the client-machine-guid changes for some reason, the real KMS
|
||||
client stores a previous-client-machine-guid which is sent to
|
||||
the KMS server. This happens rarely and usually
|
||||
00000000-0000-0000-0000-000000000000 is used. You can use -o to
|
||||
client stores a previous-client-machine-guid which is sent to
|
||||
the KMS server. This happens rarely and usually
|
||||
00000000-0000-0000-0000-000000000000 is used. You can use -o to
|
||||
specify a different previous-client-machine-guid.
|
||||
|
||||
|
||||
-G filename
|
||||
Grabs ePIDs and HWIDs from a KMS server and writes the informa‐
|
||||
tion to filename in format suitable to be used as a configura‐
|
||||
Grabs ePIDs and HWIDs from a KMS server and writes the informa‐
|
||||
tion to filename in format suitable to be used as a configura‐
|
||||
tion file (aka ini file) for vlmcsd(8). This is especially use‐
|
||||
ful if you have access to a genuine KMS server and want to use
|
||||
ful if you have access to a genuine KMS server and want to use
|
||||
the same data with vlmcsd(8).
|
||||
|
||||
If filename does not exist, it will be created. If you specify
|
||||
an existing filename, it will be updated to use the information
|
||||
received from the remote KMS server and a backup filename~ will
|
||||
If filename does not exist, it will be created. If you specify
|
||||
an existing filename, it will be updated to use the information
|
||||
received from the remote KMS server and a backup filename~ will
|
||||
be created.
|
||||
|
||||
-G cannot be used with -l, -4, -5, -6, -a, -s, -k, -r and -n
|
||||
|
||||
|
||||
-w workstation-name
|
||||
Send requests with a specific workstation-name. This disables
|
||||
the random generator for the workstation name. Since it is a
|
||||
Send requests with a specific workstation-name. This disables
|
||||
the random generator for the workstation name. Since it is a
|
||||
comment only, this option does not have much effect.
|
||||
|
||||
|
||||
-r required-client-count
|
||||
Also known as the "N count policy". Tells the KMS server that
|
||||
successful activation requires required-client-count clients.
|
||||
The default is the required-client-count that the product would
|
||||
need if the request was a real activation. A Microsoft KMS
|
||||
Also known as the "N count policy". Tells the KMS server that
|
||||
successful activation requires required-client-count clients.
|
||||
The default is the required-client-count that the product would
|
||||
need if the request was a real activation. A Microsoft KMS
|
||||
server counts clients up to the double amount what was specified
|
||||
with -r. This option can be used to "overcharge" a Microsoft KMS
|
||||
server.
|
||||
@ -218,57 +227,57 @@ OPTIONS
|
||||
|
||||
-t status
|
||||
Reports a specific license status to the KMS server. status is a
|
||||
number that can be from 0 to 6. 0=unlicensed, 1=licensed, 2=OOB
|
||||
grace, 3=OOT grace, 4=Non-genuinue grace, 5=notification,
|
||||
number that can be from 0 to 6. 0=unlicensed, 1=licensed, 2=OOB
|
||||
grace, 3=OOT grace, 4=Non-genuinue grace, 5=notification,
|
||||
6=extended grace. Refer to TechNet ⟨http://
|
||||
technet.microsoft.com/en-us/library/ff686879.aspx#_Toc257201371⟩
|
||||
for more information. A Microsoft KMS server collects this
|
||||
for more information. A Microsoft KMS server collects this
|
||||
information for statistics only.
|
||||
|
||||
|
||||
-g binding-expiration
|
||||
This tells the KMS server how long a client will stay in its
|
||||
current license status. This can be the remaining OOB time (the
|
||||
grace peroid that is granted between installation of a product
|
||||
and when activation is actuall required) or the remaining time
|
||||
when KMS activation must be renewed. binding-expiration is
|
||||
This tells the KMS server how long a client will stay in its
|
||||
current license status. This can be the remaining OOB time (the
|
||||
grace peroid that is granted between installation of a product
|
||||
and when activation is actuall required) or the remaining time
|
||||
when KMS activation must be renewed. binding-expiration is
|
||||
specified in minutes. A Microsoft KMS server apparantly does not
|
||||
use this information.
|
||||
|
||||
|
||||
-i protocol-version
|
||||
Force the use of Internet protocol protocol-version. Allowed
|
||||
values are 4 (IPv4) and 6 (IPv6). This option is useful only if
|
||||
you specfiy a hostname and not an ip-address on the command
|
||||
Force the use of Internet protocol protocol-version. Allowed
|
||||
values are 4 (IPv4) and 6 (IPv6). This option is useful only if
|
||||
you specfiy a hostname and not an ip-address on the command
|
||||
line.
|
||||
|
||||
|
||||
-p Do not set the RPC_PF_MULTIPLEX flag in the RPC bind request.
|
||||
-p Do not set the RPC_PF_MULTIPLEX flag in the RPC bind request.
|
||||
This can be used to test if the KMS server uses the same setting
|
||||
of this flag in the RPC bind respone. Some KMS emulators don't
|
||||
of this flag in the RPC bind respone. Some KMS emulators don't
|
||||
set this correctly.
|
||||
|
||||
|
||||
-N0 and -N1
|
||||
Disables (-N0) or enables (-N1) the NDR64 transfer syntax in the
|
||||
RPC protocol. Disable NDR64 only in case of problems. If NDR64
|
||||
RPC protocol. Disable NDR64 only in case of problems. If NDR64
|
||||
is not used, vlmcs cannot detect many RPC protocol errors in KMS
|
||||
emulators. If you want to test whether a KMS emulator fully sup‐
|
||||
ports NDR64, you must use the -n option to send at least two
|
||||
requests. This is because Microsoft's client always sends the
|
||||
first request using NDR32 syntax and subsequent requests using
|
||||
ports NDR64, you must use the -n option to send at least two
|
||||
requests. This is because Microsoft's client always sends the
|
||||
first request using NDR32 syntax and subsequent requests using
|
||||
NDR64 syntax.
|
||||
|
||||
|
||||
-B0 and -B1
|
||||
Disables (-B0) or enables (-B1) bind time feature negotiation
|
||||
(BTFN) in the RPC protocol. Disable BTFN only in case of prob‐
|
||||
Disables (-B0) or enables (-B1) bind time feature negotiation
|
||||
(BTFN) in the RPC protocol. Disable BTFN only in case of prob‐
|
||||
lems. If BTFN is not used, vlmcs cannot detect many RPC protocol
|
||||
errors in KMS emulators.
|
||||
|
||||
|
||||
Options that do not require an argument can be specified together with
|
||||
a single dash, e.g. vlmcs -6mvT. If you specify an option more than
|
||||
Options that do not require an argument can be specified together with
|
||||
a single dash, e.g. vlmcs -6mvT. If you specify an option more than
|
||||
once, the last occurence will be in effect.
|
||||
|
||||
|
||||
@ -278,34 +287,34 @@ FILES
|
||||
|
||||
EXAMPLES
|
||||
vlmcs kms.example.com
|
||||
Request activation for Windows Vista using v4 protocol from
|
||||
kms.example.com. Repeat activation requests until server is
|
||||
Request activation for Windows Vista using v4 protocol from
|
||||
kms.example.com. Repeat activation requests until server is
|
||||
charged for all Windows products.
|
||||
|
||||
|
||||
vlmcs -
|
||||
Request activation for Windows Vista using v4 protocol from a
|
||||
Request activation for Windows Vista using v4 protocol from a
|
||||
KMS server that is published via DNS for the current domain.
|
||||
|
||||
|
||||
vlmcs .example.com
|
||||
Request activation for Windows Vista using v4 protocol from a
|
||||
Request activation for Windows Vista using v4 protocol from a
|
||||
KMS server that is published via DNS for domain example.com.
|
||||
|
||||
|
||||
vlmcs -6 -l Office2013 -v -n 1
|
||||
Request exactly one activation for Office2013 using v6 protocol
|
||||
Request exactly one activation for Office2013 using v6 protocol
|
||||
from localhost. Display verbose results.
|
||||
|
||||
|
||||
vlmcs kms.bigcompany.com -G /etc/vlmcsd.ini
|
||||
Get ePIDs and HWIDs from kms.bigcompany.com and create/update
|
||||
Get ePIDs and HWIDs from kms.bigcompany.com and create/update
|
||||
/etc/vlmcsd.ini accordingly.
|
||||
|
||||
|
||||
BUGS
|
||||
Some platforms (e.g. Solaris) may have a man(7) system that does not
|
||||
handle URLs. URLs may be omitted in the documentation on those plat‐
|
||||
Some platforms (e.g. Solaris) may have a man(7) system that does not
|
||||
handle URLs. URLs may be omitted in the documentation on those plat‐
|
||||
forms. Cygwin, Linux, FreeBSD and Mac OS X are known to work correctly.
|
||||
|
||||
|
||||
@ -314,7 +323,7 @@ AUTHOR
|
||||
|
||||
|
||||
CREDITS
|
||||
Thanks to CODYQX4, crony12, deagles, DougQaid, eIcn, mikmik38, nos‐
|
||||
Thanks to CODYQX4, crony12, deagles, DougQaid, eIcn, mikmik38, nos‐
|
||||
ferati87, qad, Ratiborus, vityan666, ...
|
||||
|
||||
|
||||
@ -323,4 +332,4 @@ SEE ALSO
|
||||
|
||||
|
||||
|
||||
Hotbird64 October 2016 VLMCS(1)
|
||||
Hotbird64 November 2016 VLMCS(1)
|
||||
|
@ -1,5 +1,5 @@
|
||||
<!-- Creator : groff version 1.22.3 -->
|
||||
<!-- CreationDate: Fri Nov 4 17:18:01 2016 -->
|
||||
<!-- CreationDate: Mon Nov 28 01:28:23 2016 -->
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
||||
"http://www.w3.org/TR/html4/loose.dtd">
|
||||
<html>
|
||||
@ -208,6 +208,17 @@ the version fields of the request.</p>
|
||||
KMS protocol. These options are actually shortcuts of <b>-K
|
||||
4.0</b>, <b>-K 5.0</b> and <b>-K 6.0</b>.</p>
|
||||
|
||||
<p style="margin-left:11%;"><b>-j</b> <i>filename</i></p>
|
||||
|
||||
<p style="margin-left:22%;">Use KMS data file
|
||||
<i>filename</i>. By default vlmcs contains product data that
|
||||
is recent when vlmcs was compiled. You may use a more recent
|
||||
KMS data file that contains additional products.</p>
|
||||
|
||||
<p style="margin-left:22%; margin-top: 1em">If vlmcsd has
|
||||
been compiled to use a default KMS data file, you may use
|
||||
<b>-j-</b> to ignore the default configuration file.</p>
|
||||
|
||||
<table width="100%" border="0" rules="none" frame="void"
|
||||
cellspacing="0" cellpadding="0">
|
||||
<tr valign="top" align="left">
|
||||
|
BIN
man/vlmcs.1.pdf
BIN
man/vlmcs.1.pdf
Binary file not shown.
@ -100,24 +100,33 @@ OPTIONS
|
||||
actually shortcuts of -K 4.0, -K 5.0 and -K 6.0.
|
||||
|
||||
|
||||
-m Let the client pretend to be a virtual machine. Early versions
|
||||
of Microsoft's KMS server did not increase the client count if
|
||||
the request came from a virtual machine. Newer versions ignore
|
||||
-j filename
|
||||
Use KMS data file filename. By default vlmcs contains product
|
||||
data that is recent when vlmcs was compiled. You may use a more
|
||||
recent KMS data file that contains additional products.
|
||||
|
||||
If vlmcsd has been compiled to use a default KMS data file, you
|
||||
may use -j- to ignore the default configuration file.
|
||||
|
||||
|
||||
-m Let the client pretend to be a virtual machine. Early versions
|
||||
of Microsoft's KMS server did not increase the client count if
|
||||
the request came from a virtual machine. Newer versions ignore
|
||||
this flag.
|
||||
|
||||
|
||||
-d Use NetBIOS names instead of DNS names. By default vlmcsd gener‐
|
||||
ates some random DNS names for each request. If you prefer Net‐
|
||||
BIOS names, you may use -d. A real Microsoft activation client
|
||||
uses DNS names or NetBIOS depending on the client name configu‐
|
||||
ates some random DNS names for each request. If you prefer Net‐
|
||||
BIOS names, you may use -d. A real Microsoft activation client
|
||||
uses DNS names or NetBIOS depending on the client name configu‐
|
||||
ration. KMS servers treat the workstation name as a comment that
|
||||
affects logging only. Clients will be identified by a GUID that
|
||||
can be specified using -c. -d has no effect if you also specify
|
||||
affects logging only. Clients will be identified by a GUID that
|
||||
can be specified using -c. -d has no effect if you also specify
|
||||
-w.
|
||||
|
||||
|
||||
-a application-guid
|
||||
Send requests with a specific application-guid. There are cur‐
|
||||
Send requests with a specific application-guid. There are cur‐
|
||||
rently only three known valid application-guids:
|
||||
|
||||
|
||||
@ -126,91 +135,91 @@ OPTIONS
|
||||
0ff1ce15-a989-479d-af46-f275c6370663 (Office 2013)
|
||||
|
||||
|
||||
A Microsoft KMS server uses these GUIDs to have seperate coun‐
|
||||
ters for the already activated clients. A client that does not
|
||||
contact the KMS server within 30 days will be deleted from the
|
||||
A Microsoft KMS server uses these GUIDs to have seperate coun‐
|
||||
ters for the already activated clients. A client that does not
|
||||
contact the KMS server within 30 days will be deleted from the
|
||||
database. Emulated KMS servers are always fully charged.
|
||||
|
||||
|
||||
-k kms-guid
|
||||
Send requests with a specific kms-guid. A Microsoft KMS server
|
||||
uses these GUIDs as a product id to decide whether to grant
|
||||
activation or not. A list of current kms-guids can be found in
|
||||
kms.c (table KmsIdList). Emulated KMS servers grant activation
|
||||
Send requests with a specific kms-guid. A Microsoft KMS server
|
||||
uses these GUIDs as a product id to decide whether to grant
|
||||
activation or not. A list of current kms-guids can be found in
|
||||
kms.c (table KmsIdList). Emulated KMS servers grant activation
|
||||
unconditionally and do not check the kms-guid.
|
||||
|
||||
|
||||
-s activation-guid
|
||||
The activation-guid defines the actual product, e.g. "Windows
|
||||
8.1 Professional WMC KMSCLIENT edition". A activation-guid maps
|
||||
1:1 to a product key. However, neither a Microsoft KMS server
|
||||
The activation-guid defines the actual product, e.g. "Windows
|
||||
8.1 Professional WMC KMSCLIENT edition". A activation-guid maps
|
||||
1:1 to a product key. However, neither a Microsoft KMS server
|
||||
nor emulated servers check this id. The activation-guid is use‐
|
||||
ful in logging to get a specific product description like "Win‐
|
||||
dows 8.1 Professional WMC". A list of current activation-guids
|
||||
ful in logging to get a specific product description like "Win‐
|
||||
dows 8.1 Professional WMC". A list of current activation-guids
|
||||
can be found in kms.c (table ExtendedProductList).
|
||||
|
||||
|
||||
-n requests
|
||||
Send requests requests to the server. The default is to send at
|
||||
Send requests requests to the server. The default is to send at
|
||||
least one request and enough subsequent requests that the server
|
||||
is fully charged afterwards for the application-guid you
|
||||
is fully charged afterwards for the application-guid you
|
||||
selected (explicitly with -a or implicitly by using -l).
|
||||
|
||||
|
||||
-T Causes to use a new TCP connection for each request if multiple
|
||||
requests are sent with vlmcsd. This is useful when you want to
|
||||
test an emulated KMS server whether it suffers from memory
|
||||
leaks. To test for memory leaks use -n with a large number of
|
||||
requests (> 100000) and then test twice (with and without -T).
|
||||
This option may become neccessary for future versions of Micro‐
|
||||
soft's KMS server because multiple requests with different
|
||||
clients-guids for the same kms-id-guid are impossible in a real
|
||||
-T Causes to use a new TCP connection for each request if multiple
|
||||
requests are sent with vlmcsd. This is useful when you want to
|
||||
test an emulated KMS server whether it suffers from memory
|
||||
leaks. To test for memory leaks use -n with a large number of
|
||||
requests (> 100000) and then test twice (with and without -T).
|
||||
This option may become neccessary for future versions of Micro‐
|
||||
soft's KMS server because multiple requests with different
|
||||
clients-guids for the same kms-id-guid are impossible in a real
|
||||
KMS szenario over the same TCP connection.
|
||||
|
||||
|
||||
-c client-machine-guid
|
||||
Normally vlmcs generates a random client-machine-guid for each
|
||||
request. By using this option you can specify a fixed client-
|
||||
machine-guid This causes a Microsoft KMS not to increment its
|
||||
client count because it receives multiple requests for the same
|
||||
client. Thus do not use -c if you want to charge a real KMS
|
||||
Normally vlmcs generates a random client-machine-guid for each
|
||||
request. By using this option you can specify a fixed client-
|
||||
machine-guid This causes a Microsoft KMS not to increment its
|
||||
client count because it receives multiple requests for the same
|
||||
client. Thus do not use -c if you want to charge a real KMS
|
||||
server.
|
||||
|
||||
|
||||
-o previous-client-machine-guid
|
||||
If the client-machine-guid changes for some reason, the real KMS
|
||||
client stores a previous-client-machine-guid which is sent to
|
||||
the KMS server. This happens rarely and usually
|
||||
00000000-0000-0000-0000-000000000000 is used. You can use -o to
|
||||
client stores a previous-client-machine-guid which is sent to
|
||||
the KMS server. This happens rarely and usually
|
||||
00000000-0000-0000-0000-000000000000 is used. You can use -o to
|
||||
specify a different previous-client-machine-guid.
|
||||
|
||||
|
||||
-G filename
|
||||
Grabs ePIDs and HWIDs from a KMS server and writes the informa‐
|
||||
tion to filename in format suitable to be used as a configura‐
|
||||
Grabs ePIDs and HWIDs from a KMS server and writes the informa‐
|
||||
tion to filename in format suitable to be used as a configura‐
|
||||
tion file (aka ini file) for vlmcsd(8). This is especially use‐
|
||||
ful if you have access to a genuine KMS server and want to use
|
||||
ful if you have access to a genuine KMS server and want to use
|
||||
the same data with vlmcsd(8).
|
||||
|
||||
If filename does not exist, it will be created. If you specify
|
||||
an existing filename, it will be updated to use the information
|
||||
received from the remote KMS server and a backup filename~ will
|
||||
If filename does not exist, it will be created. If you specify
|
||||
an existing filename, it will be updated to use the information
|
||||
received from the remote KMS server and a backup filename~ will
|
||||
be created.
|
||||
|
||||
-G cannot be used with -l, -4, -5, -6, -a, -s, -k, -r and -n
|
||||
|
||||
|
||||
-w workstation-name
|
||||
Send requests with a specific workstation-name. This disables
|
||||
the random generator for the workstation name. Since it is a
|
||||
Send requests with a specific workstation-name. This disables
|
||||
the random generator for the workstation name. Since it is a
|
||||
comment only, this option does not have much effect.
|
||||
|
||||
|
||||
-r required-client-count
|
||||
Also known as the "N count policy". Tells the KMS server that
|
||||
successful activation requires required-client-count clients.
|
||||
The default is the required-client-count that the product would
|
||||
need if the request was a real activation. A Microsoft KMS
|
||||
Also known as the "N count policy". Tells the KMS server that
|
||||
successful activation requires required-client-count clients.
|
||||
The default is the required-client-count that the product would
|
||||
need if the request was a real activation. A Microsoft KMS
|
||||
server counts clients up to the double amount what was specified
|
||||
with -r. This option can be used to "overcharge" a Microsoft KMS
|
||||
server.
|
||||
@ -218,57 +227,57 @@ OPTIONS
|
||||
|
||||
-t status
|
||||
Reports a specific license status to the KMS server. status is a
|
||||
number that can be from 0 to 6. 0=unlicensed, 1=licensed, 2=OOB
|
||||
grace, 3=OOT grace, 4=Non-genuinue grace, 5=notification,
|
||||
number that can be from 0 to 6. 0=unlicensed, 1=licensed, 2=OOB
|
||||
grace, 3=OOT grace, 4=Non-genuinue grace, 5=notification,
|
||||
6=extended grace. Refer to TechNet ⟨http://
|
||||
technet.microsoft.com/en-us/library/ff686879.aspx#_Toc257201371⟩
|
||||
for more information. A Microsoft KMS server collects this
|
||||
for more information. A Microsoft KMS server collects this
|
||||
information for statistics only.
|
||||
|
||||
|
||||
-g binding-expiration
|
||||
This tells the KMS server how long a client will stay in its
|
||||
current license status. This can be the remaining OOB time (the
|
||||
grace peroid that is granted between installation of a product
|
||||
and when activation is actuall required) or the remaining time
|
||||
when KMS activation must be renewed. binding-expiration is
|
||||
This tells the KMS server how long a client will stay in its
|
||||
current license status. This can be the remaining OOB time (the
|
||||
grace peroid that is granted between installation of a product
|
||||
and when activation is actuall required) or the remaining time
|
||||
when KMS activation must be renewed. binding-expiration is
|
||||
specified in minutes. A Microsoft KMS server apparantly does not
|
||||
use this information.
|
||||
|
||||
|
||||
-i protocol-version
|
||||
Force the use of Internet protocol protocol-version. Allowed
|
||||
values are 4 (IPv4) and 6 (IPv6). This option is useful only if
|
||||
you specfiy a hostname and not an ip-address on the command
|
||||
Force the use of Internet protocol protocol-version. Allowed
|
||||
values are 4 (IPv4) and 6 (IPv6). This option is useful only if
|
||||
you specfiy a hostname and not an ip-address on the command
|
||||
line.
|
||||
|
||||
|
||||
-p Do not set the RPC_PF_MULTIPLEX flag in the RPC bind request.
|
||||
-p Do not set the RPC_PF_MULTIPLEX flag in the RPC bind request.
|
||||
This can be used to test if the KMS server uses the same setting
|
||||
of this flag in the RPC bind respone. Some KMS emulators don't
|
||||
of this flag in the RPC bind respone. Some KMS emulators don't
|
||||
set this correctly.
|
||||
|
||||
|
||||
-N0 and -N1
|
||||
Disables (-N0) or enables (-N1) the NDR64 transfer syntax in the
|
||||
RPC protocol. Disable NDR64 only in case of problems. If NDR64
|
||||
RPC protocol. Disable NDR64 only in case of problems. If NDR64
|
||||
is not used, vlmcs cannot detect many RPC protocol errors in KMS
|
||||
emulators. If you want to test whether a KMS emulator fully sup‐
|
||||
ports NDR64, you must use the -n option to send at least two
|
||||
requests. This is because Microsoft's client always sends the
|
||||
first request using NDR32 syntax and subsequent requests using
|
||||
ports NDR64, you must use the -n option to send at least two
|
||||
requests. This is because Microsoft's client always sends the
|
||||
first request using NDR32 syntax and subsequent requests using
|
||||
NDR64 syntax.
|
||||
|
||||
|
||||
-B0 and -B1
|
||||
Disables (-B0) or enables (-B1) bind time feature negotiation
|
||||
(BTFN) in the RPC protocol. Disable BTFN only in case of prob‐
|
||||
Disables (-B0) or enables (-B1) bind time feature negotiation
|
||||
(BTFN) in the RPC protocol. Disable BTFN only in case of prob‐
|
||||
lems. If BTFN is not used, vlmcs cannot detect many RPC protocol
|
||||
errors in KMS emulators.
|
||||
|
||||
|
||||
Options that do not require an argument can be specified together with
|
||||
a single dash, e.g. vlmcs -6mvT. If you specify an option more than
|
||||
Options that do not require an argument can be specified together with
|
||||
a single dash, e.g. vlmcs -6mvT. If you specify an option more than
|
||||
once, the last occurence will be in effect.
|
||||
|
||||
|
||||
@ -278,34 +287,34 @@ FILES
|
||||
|
||||
EXAMPLES
|
||||
vlmcs kms.example.com
|
||||
Request activation for Windows Vista using v4 protocol from
|
||||
kms.example.com. Repeat activation requests until server is
|
||||
Request activation for Windows Vista using v4 protocol from
|
||||
kms.example.com. Repeat activation requests until server is
|
||||
charged for all Windows products.
|
||||
|
||||
|
||||
vlmcs -
|
||||
Request activation for Windows Vista using v4 protocol from a
|
||||
Request activation for Windows Vista using v4 protocol from a
|
||||
KMS server that is published via DNS for the current domain.
|
||||
|
||||
|
||||
vlmcs .example.com
|
||||
Request activation for Windows Vista using v4 protocol from a
|
||||
Request activation for Windows Vista using v4 protocol from a
|
||||
KMS server that is published via DNS for domain example.com.
|
||||
|
||||
|
||||
vlmcs -6 -l Office2013 -v -n 1
|
||||
Request exactly one activation for Office2013 using v6 protocol
|
||||
Request exactly one activation for Office2013 using v6 protocol
|
||||
from localhost. Display verbose results.
|
||||
|
||||
|
||||
vlmcs kms.bigcompany.com -G /etc/vlmcsd.ini
|
||||
Get ePIDs and HWIDs from kms.bigcompany.com and create/update
|
||||
Get ePIDs and HWIDs from kms.bigcompany.com and create/update
|
||||
/etc/vlmcsd.ini accordingly.
|
||||
|
||||
|
||||
BUGS
|
||||
Some platforms (e.g. Solaris) may have a man(7) system that does not
|
||||
handle URLs. URLs may be omitted in the documentation on those plat‐
|
||||
Some platforms (e.g. Solaris) may have a man(7) system that does not
|
||||
handle URLs. URLs may be omitted in the documentation on those plat‐
|
||||
forms. Cygwin, Linux, FreeBSD and Mac OS X are known to work correctly.
|
||||
|
||||
|
||||
@ -314,7 +323,7 @@ AUTHOR
|
||||
|
||||
|
||||
CREDITS
|
||||
Thanks to CODYQX4, crony12, deagles, DougQaid, eIcn, mikmik38, nos‐
|
||||
Thanks to CODYQX4, crony12, deagles, DougQaid, eIcn, mikmik38, nos‐
|
||||
ferati87, qad, Ratiborus, vityan666, ...
|
||||
|
||||
|
||||
@ -323,4 +332,4 @@ SEE ALSO
|
||||
|
||||
|
||||
|
||||
Hotbird64 October 2016 VLMCS(1)
|
||||
Hotbird64 November 2016 VLMCS(1)
|
||||
|
@ -1,5 +1,5 @@
|
||||
<!-- Creator : groff version 1.22.3 -->
|
||||
<!-- CreationDate: Fri Nov 4 17:18:01 2016 -->
|
||||
<!-- CreationDate: Mon Nov 28 01:28:23 2016 -->
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
||||
"http://www.w3.org/TR/html4/loose.dtd">
|
||||
<html>
|
||||
|
Binary file not shown.
@ -1,5 +1,5 @@
|
||||
<!-- Creator : groff version 1.22.3 -->
|
||||
<!-- CreationDate: Fri Nov 4 17:18:01 2016 -->
|
||||
<!-- CreationDate: Mon Nov 28 01:28:23 2016 -->
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
||||
"http://www.w3.org/TR/html4/loose.dtd">
|
||||
<html>
|
||||
|
BIN
man/vlmcsd.7.pdf
BIN
man/vlmcsd.7.pdf
Binary file not shown.
22
man/vlmcsd.8
22
man/vlmcsd.8
@ -1,5 +1,5 @@
|
||||
.mso www.tmac
|
||||
.TH VLMCSD 8 "October 2016" "Hotbird64" "KMS Activation Manual"
|
||||
.TH VLMCSD 8 "November 2016" "Hotbird64" "KMS Activation Manual"
|
||||
.LO 8
|
||||
|
||||
.SH NAME
|
||||
@ -17,7 +17,17 @@ vlmcsd \- a fully Microsoft compatible KMS server
|
||||
.PP
|
||||
Although \fBvlmcsd\fR does neither require an activation key nor a payment to anyone, it is not meant to run illegal copies of Windows. Its purpose is to ensure that owners of legal copies can use their software without restrictions, e.g. if you buy a new computer or motherboard and your key will be refused activation from Microsoft servers due to hardware changes.
|
||||
.PP
|
||||
\fBvlmcsd\fR may be started via an internet superserver like \fBinetd\fR(8) or \fBxinetd\fR(8) as well as an advanced init system like \fBsystemd\fR(8) or \fBlaunchd\fR(8) using socket based activation. If \fBvlmcsd\fR detects that \fBstdin\fR(3) is a socket, it assumes that there is already a connected client on stdin that wants to be activated. All options that control setting up listening sockets will be ignored when in inetd mode.
|
||||
\fBvlmcsd\fR may be started via an internet superserver like \fBinetd\fR(8) or \fBxinetd\fR(8) as well as an advanced init system like \fBsystemd\fR(8) or \fBlaunchd\fR(8) using socket based activation. If \fBvlmcsd\fR detects that \fBstdin\fR(3) is a socket, it assumes that there is already a connected client on stdin that wants to be activated.
|
||||
|
||||
All options that control setting up listening sockets will be ignored when in inetd mode. The sockets will be set up by your internet superserver. You also cannot limit the number of simultanous clients (option \fB-m\fR). You need to configure the limit in your internet superserver.
|
||||
|
||||
The followong features that require that vlmcsd is permanently loaded will not work if started from an internet superserver:
|
||||
|
||||
.IP
|
||||
You cannot maintain a client list (option \fB-M1\fR)
|
||||
|
||||
.IP
|
||||
EPID Randomization Level 1 (option \fB-r1\fR) works like Level 2 (\fB-r2\fR). You may want to use Level 0 (\fB-r0\fR) or custom EPIDs (options \fB-w\fR, \fB-0\fR, \fB-3\fR and \fB-6\fR) instead.
|
||||
|
||||
.SH OPTIONS
|
||||
Since vlmcsd can be configured at compile time, some options may not be available on your system.
|
||||
@ -156,6 +166,11 @@ Use configuration file (aka ini file) \fIfilename\fR. Most configuration paramet
|
||||
|
||||
If vlmcsd has been compiled to use a default configuration file (often /etc/vlmcsd.ini), you may use \fB-i-\fR to ignore the default configuration file.
|
||||
|
||||
.IP "\fB-j\fR \fIfilename\fR"
|
||||
Use KMS data file \fIfilename\fR. By default vlmcsd only contains the minimum product data that is required to perform all operations correctly. You may use a more complete KMS data file that contains all detailed product names. This is especially useful if you are logging KMS requests. If you don't log, there is no need to load an external KMS data file.
|
||||
|
||||
If vlmcsd has been compiled to use a default KMS data file, you may use \fB-j-\fR to ignore the default configuration file.
|
||||
|
||||
.IP "\fB-r0\fR, \fB-r1\fR (default) and \fB-r2\fR"
|
||||
These options determine how ePIDs are generated if
|
||||
|
||||
@ -300,9 +315,6 @@ Installs \fBvlmcsd\fR as a Windows service with low privileges and logs everythi
|
||||
.SH BUGS
|
||||
An ePID specified in an ini file must not contain spaces.
|
||||
|
||||
.SH INTENTIONAL BUGS
|
||||
vlmcsd always reports enough active clients to satisfy the N count policy of the request.
|
||||
|
||||
.SH AUTHOR
|
||||
Written by crony12, Hotbird64 and vityan666.
|
||||
With contributions from DougQaid.
|
||||
|
@ -33,18 +33,33 @@ DESCRIPTION
|
||||
xinetd(8) as well as an advanced init system like systemd(8) or
|
||||
launchd(8) using socket based activation. If vlmcsd detects that
|
||||
stdin(3) is a socket, it assumes that there is already a connected
|
||||
client on stdin that wants to be activated. All options that control
|
||||
setting up listening sockets will be ignored when in inetd mode.
|
||||
client on stdin that wants to be activated.
|
||||
|
||||
All options that control setting up listening sockets will be ignored
|
||||
when in inetd mode. The sockets will be set up by your internet super‐
|
||||
server. You also cannot limit the number of simultanous clients (option
|
||||
-m). You need to configure the limit in your internet superserver.
|
||||
|
||||
The followong features that require that vlmcsd is permanently loaded
|
||||
will not work if started from an internet superserver:
|
||||
|
||||
|
||||
You cannot maintain a client list (option -M1)
|
||||
|
||||
|
||||
EPID Randomization Level 1 (option -r1) works like Level 2
|
||||
(-r2). You may want to use Level 0 (-r0) or custom EPIDs
|
||||
(options -w, -0, -3 and -6) instead.
|
||||
|
||||
|
||||
OPTIONS
|
||||
Since vlmcsd can be configured at compile time, some options may not be
|
||||
available on your system.
|
||||
|
||||
All options that do no require an argument may be combined with a sin‐
|
||||
All options that do no require an argument may be combined with a sin‐
|
||||
gle dash, for instance "vlmcsd -D -e" is identical to "vlmcsd -De". For
|
||||
all options that require an argument a space between the option and the
|
||||
option argument is optional. Thus "vlmcsd -r 2" and "vlmcsd -r2" are
|
||||
option argument is optional. Thus "vlmcsd -r 2" and "vlmcsd -r2" are
|
||||
identical too.
|
||||
|
||||
|
||||
@ -52,154 +67,154 @@ OPTIONS
|
||||
Displays help.
|
||||
|
||||
|
||||
-V Displays extended version information. This includes the com‐
|
||||
piler used to build vlmcsd, the intended platform and flags
|
||||
(compile time options) to build vlmcsd. If you have the source
|
||||
-V Displays extended version information. This includes the com‐
|
||||
piler used to build vlmcsd, the intended platform and flags
|
||||
(compile time options) to build vlmcsd. If you have the source
|
||||
code of vlmcsd, you can type make help (or gmake help on systems
|
||||
that do not use the GNU version of make(1) by default) to see
|
||||
that do not use the GNU version of make(1) by default) to see
|
||||
the meaning of those flags.
|
||||
|
||||
|
||||
-L ipaddress[:port]
|
||||
Instructs vlmcsd to listen on ipaddress with optional port
|
||||
(default 1688). You can use this option more than once. If you
|
||||
Instructs vlmcsd to listen on ipaddress with optional port
|
||||
(default 1688). You can use this option more than once. If you
|
||||
do not specify -L at least once, IP addresses 0.0.0.0 (IPv4) and
|
||||
:: (IPv6) are used. If the IP address contains colons (IPv6) you
|
||||
must enclose the IP address in brackets if you specify the
|
||||
must enclose the IP address in brackets if you specify the
|
||||
optional port, e.g. [2001:db8::dead:beef]:1688.
|
||||
|
||||
If no port is specified, vlmcsd uses the default port according
|
||||
to a preceding -P option. If you specify a port, it can be a
|
||||
number (1-65535) or a name (usually found in /etc/services if
|
||||
If no port is specified, vlmcsd uses the default port according
|
||||
to a preceding -P option. If you specify a port, it can be a
|
||||
number (1-65535) or a name (usually found in /etc/services if
|
||||
not provided via LDAP, NIS+ or another name service).
|
||||
|
||||
If you specify a link local IPv6 address (fe80::/10, usually
|
||||
If you specify a link local IPv6 address (fe80::/10, usually
|
||||
starting with fe80::), it must be followed by a percent sign (%)
|
||||
and a scope id (=network interface name or number) on most
|
||||
unixoid OSses including Linux, Android, MacOS X and iOS, e.g.
|
||||
and a scope id (=network interface name or number) on most
|
||||
unixoid OSses including Linux, Android, MacOS X and iOS, e.g.
|
||||
fe80::1234:56ff:fe78:9abc%eth0 or
|
||||
[fe80::1234:56ff:fe78:9abc%2]:1688. Windows (including cygwin)
|
||||
does not require a scope id unless the same link local address
|
||||
is used on more than one network interface. Windows does not
|
||||
[fe80::1234:56ff:fe78:9abc%2]:1688. Windows (including cygwin)
|
||||
does not require a scope id unless the same link local address
|
||||
is used on more than one network interface. Windows does not
|
||||
accept a name and the scope id must be a number.
|
||||
|
||||
|
||||
-o level
|
||||
Sets the level of protection against activations from public IP
|
||||
Sets the level of protection against activations from public IP
|
||||
addresses. The default is -o0 for no protection.
|
||||
|
||||
-o1 causes vlmcsd not to listen on all IP addresses but on pri‐
|
||||
vate IP addresses only. IPv4 addresses in the 100.64.0.0/10
|
||||
-o1 causes vlmcsd not to listen on all IP addresses but on pri‐
|
||||
vate IP addresses only. IPv4 addresses in the 100.64.0.0/10
|
||||
range (see RFC6598) are not treated as private since they can be
|
||||
reached from other users of your ISP. Private IPv4 addresses are
|
||||
10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 and
|
||||
127.0.0.0/8. vlmcsd treats all IPv6 addresses not within
|
||||
10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 and
|
||||
127.0.0.0/8. vlmcsd treats all IPv6 addresses not within
|
||||
2000::/3 as private addresses.
|
||||
|
||||
If -o1 is combined with -L, it will listen on all private IP
|
||||
addresses plus the ones specified by one or more -L statements.
|
||||
If -o1 is combined with -P, only the last -P statement will be
|
||||
If -o1 is combined with -L, it will listen on all private IP
|
||||
addresses plus the ones specified by one or more -L statements.
|
||||
If -o1 is combined with -P, only the last -P statement will be
|
||||
used.
|
||||
|
||||
Using -o1 does not protect you if you enable NAT port forwarding
|
||||
on your router to your vlmcsd machine. It is identical to using
|
||||
multiple -L statements with all of your private IP addresses.
|
||||
on your router to your vlmcsd machine. It is identical to using
|
||||
multiple -L statements with all of your private IP addresses.
|
||||
What -o1 does for you, is automatically enumerating your private
|
||||
IP addresses.
|
||||
|
||||
-o2 does not affect the interfaces, vlmcsd is listening on. When
|
||||
a clients connects, vlmcsd immediately drops the connection if
|
||||
the client has a public IP address. Unlike -o1 clients will be
|
||||
a clients connects, vlmcsd immediately drops the connection if
|
||||
the client has a public IP address. Unlike -o1 clients will be
|
||||
able to establish a TCP connection but it will be closed without
|
||||
a single byte sent over the connection. This protects against
|
||||
clients with public IP addresses even if NAT port forwarding is
|
||||
used. While -o2 offers a higher level of protection than -o1,
|
||||
a single byte sent over the connection. This protects against
|
||||
clients with public IP addresses even if NAT port forwarding is
|
||||
used. While -o2 offers a higher level of protection than -o1,
|
||||
the client sees that the KMS TCP port (1688 by default) is actu‐
|
||||
ally accepting connections.
|
||||
|
||||
If vlmcsd is compiled to use MS RPC, -o2 can only offer very
|
||||
poor protection. Control is passed from MS RPC to vlmcsd after
|
||||
the KMS protocol has already been negotiated. Thus a client can
|
||||
always verify that the KMS protocol is available even though it
|
||||
If vlmcsd is compiled to use MS RPC, -o2 can only offer very
|
||||
poor protection. Control is passed from MS RPC to vlmcsd after
|
||||
the KMS protocol has already been negotiated. Thus a client can
|
||||
always verify that the KMS protocol is available even though it
|
||||
receives an RPC_S_ACCESS_DENIED error message. vlmcsd will issue
|
||||
a warning if -o2 is used with MS RPC. For adaequate protection
|
||||
a warning if -o2 is used with MS RPC. For adaequate protection
|
||||
do not use a MS RPC build of vlmcsd with -o2.
|
||||
|
||||
-o3 combines -o1 and -o2. vlmcsd listens on private interfaces
|
||||
-o3 combines -o1 and -o2. vlmcsd listens on private interfaces
|
||||
only and if a public client manages to connect anyway due to NAT
|
||||
port forwarding, it will be immediately dropped.
|
||||
|
||||
If you use any form of TCP level port forwarding (e.g. nc(1),
|
||||
netcat(1), ssh(1) port forwarding or similar) to redirect KMS
|
||||
requests to vlmcsd, there will be no protection even if you use
|
||||
-o2 or -o3. This is due to the simple fact that vlmcsd sees the
|
||||
IP address of the redirector and not the IP address of the
|
||||
If you use any form of TCP level port forwarding (e.g. nc(1),
|
||||
netcat(1), ssh(1) port forwarding or similar) to redirect KMS
|
||||
requests to vlmcsd, there will be no protection even if you use
|
||||
-o2 or -o3. This is due to the simple fact that vlmcsd sees the
|
||||
IP address of the redirector and not the IP address of the
|
||||
client.
|
||||
|
||||
-o1 (and thus -o3) is not (yet) available in some scenarios:
|
||||
|
||||
FreeBSD: There is a longtime unfixed bug ⟨https://
|
||||
bugs.freebsd.org/bugzilla/show_bug.cgi?id=178881⟩ in the
|
||||
bugs.freebsd.org/bugzilla/show_bug.cgi?id=178881⟩ in the
|
||||
32-bit ABI of the 64-bit kernel. If you have a 64-bit Free‐
|
||||
BSD kernel, you must run the 64-bit version of vlmcsd if
|
||||
you use -o1 or -o3. The 32-bit version causes undefined
|
||||
behavior up to crashing vlmcsd. Other BSDs (NetBSD, Open‐
|
||||
BSD kernel, you must run the 64-bit version of vlmcsd if
|
||||
you use -o1 or -o3. The 32-bit version causes undefined
|
||||
behavior up to crashing vlmcsd. Other BSDs (NetBSD, Open‐
|
||||
BSD, Dragonfly and Mac OS X) work correctly.
|
||||
|
||||
If vlmcsd was started by an internet superserver or was
|
||||
compiled to use Microsoft RPC (Windows only) or simple
|
||||
If vlmcsd was started by an internet superserver or was
|
||||
compiled to use Microsoft RPC (Windows only) or simple
|
||||
sockets, -o1 and -o3 are not available by design.
|
||||
|
||||
|
||||
-P port
|
||||
Use TCP port for all subsequent -L statements that do not
|
||||
Use TCP port for all subsequent -L statements that do not
|
||||
include an optional port. If you use -P and -L, -P must be spec‐
|
||||
ified before -L.
|
||||
|
||||
|
||||
-F0 and -F1
|
||||
Allow (-F1) or disallow (-F0) binding to IP addresses that are
|
||||
Allow (-F1) or disallow (-F0) binding to IP addresses that are
|
||||
currently not configured on your system. The default is -F0. -F1
|
||||
allows you to bind to an IP address that may be configured after
|
||||
you started vlmcsd. vlmcsd will listen on that address as soon
|
||||
as it becomes available. This feature is only available under
|
||||
Linux (IPv4 and IPv6) and FreeBSD (IPv4 only). FreeBSD allows
|
||||
this feature only for the root user (more correctly: processes
|
||||
that have the PRIV_NETINET_BINDANY privilege). Linux does not
|
||||
you started vlmcsd. vlmcsd will listen on that address as soon
|
||||
as it becomes available. This feature is only available under
|
||||
Linux (IPv4 and IPv6) and FreeBSD (IPv4 only). FreeBSD allows
|
||||
this feature only for the root user (more correctly: processes
|
||||
that have the PRIV_NETINET_BINDANY privilege). Linux does not
|
||||
require a capability for this.
|
||||
|
||||
|
||||
-t seconds
|
||||
Timeout the TCP connection with the client after seconds sec‐
|
||||
onds. After sending an activation request. RPC keeps the TCP
|
||||
Timeout the TCP connection with the client after seconds sec‐
|
||||
onds. After sending an activation request. RPC keeps the TCP
|
||||
connection for a while. The default is 30 seconds. You may spec‐
|
||||
ify a shorter period to free ressources on your device faster.
|
||||
This is useful for devices with limited main memory or if you
|
||||
ify a shorter period to free ressources on your device faster.
|
||||
This is useful for devices with limited main memory or if you
|
||||
used -m to limit the concurrent clients that may request activa‐
|
||||
tion. Microsoft RPC clients disconnect after 30 seconds by
|
||||
default. Setting seconds to a greater value does not make much
|
||||
tion. Microsoft RPC clients disconnect after 30 seconds by
|
||||
default. Setting seconds to a greater value does not make much
|
||||
sense.
|
||||
|
||||
|
||||
-m concurrent-clients
|
||||
Limit the number of clients that will be handled concurrently.
|
||||
Limit the number of clients that will be handled concurrently.
|
||||
This is useful for devices with limited ressources or if you are
|
||||
experiencing DoS attacks that spawn thousands of threads or
|
||||
forked processes. If additional clients connect to vlmcsd, they
|
||||
need to wait until another client disconnects. If you set con‐
|
||||
experiencing DoS attacks that spawn thousands of threads or
|
||||
forked processes. If additional clients connect to vlmcsd, they
|
||||
need to wait until another client disconnects. If you set con‐
|
||||
current-clients to a small value ( <10 ), you should also select
|
||||
a reasonable timeout of 2 or 3 seconds with -t. The default is
|
||||
a reasonable timeout of 2 or 3 seconds with -t. The default is
|
||||
no limit.
|
||||
|
||||
|
||||
-d Disconnect each client after processing one activation request.
|
||||
This is a direct violation of DCE RPC but may help if you
|
||||
receive malicous fake RPC requests that block your threads or
|
||||
forked processes. Some other KMS emulators (e.g. py-kms) behave
|
||||
-d Disconnect each client after processing one activation request.
|
||||
This is a direct violation of DCE RPC but may help if you
|
||||
receive malicous fake RPC requests that block your threads or
|
||||
forked processes. Some other KMS emulators (e.g. py-kms) behave
|
||||
this way.
|
||||
|
||||
|
||||
-k Do not disconnect clients after processing an activation
|
||||
-k Do not disconnect clients after processing an activation
|
||||
request. This selects the default behavior. -k is useful only if
|
||||
you used an ini file (see vlmcsd.ini(5) and -i). If the ini file
|
||||
contains the line "DisconnectClientsImmediately = true", you can
|
||||
@ -207,135 +222,135 @@ OPTIONS
|
||||
|
||||
|
||||
-N0 and -N1
|
||||
Disables (-N0) or enables (-N1) the use of the NDR64 transfer
|
||||
syntax in the RPC protocol. Unlike Microsoft vlmcsd supports
|
||||
Disables (-N0) or enables (-N1) the use of the NDR64 transfer
|
||||
syntax in the RPC protocol. Unlike Microsoft vlmcsd supports
|
||||
NDR64 on 32-bit operating systems. Microsoft introduced NDR64 in
|
||||
Windows Vista but their KMS servers started using it with Win‐
|
||||
dows 8. Thus if you choose random ePIDs, vlmcsd will select
|
||||
ePIDs with build numbers 9200 and 9600 if you enable NDR64 and
|
||||
Windows Vista but their KMS servers started using it with Win‐
|
||||
dows 8. Thus if you choose random ePIDs, vlmcsd will select
|
||||
ePIDs with build numbers 9200 and 9600 if you enable NDR64 and
|
||||
build numbers 6002 and 7601 if you disable NDR64. The default is
|
||||
to enable NDR64.
|
||||
|
||||
|
||||
-B0 and -B1
|
||||
Disables (-B0) or enables (-B1) bind time feature negotiation
|
||||
Disables (-B0) or enables (-B1) bind time feature negotiation
|
||||
(BTFN) in the RPC protocol. All Windows operating systems start‐
|
||||
ing with Vista support BTFN and try to negotiate it when initi‐
|
||||
ing with Vista support BTFN and try to negotiate it when initi‐
|
||||
ating an RPC connection. Thus consider turning it off as a debug
|
||||
/ troubleshooting feature only. Some older firewalls that selec‐
|
||||
tively block or redirect RPC traffic may get confused when they
|
||||
tively block or redirect RPC traffic may get confused when they
|
||||
detect NDR64 or BTFN.
|
||||
|
||||
|
||||
-l filename
|
||||
Use filename as a log file. The log file records all activations
|
||||
with IP address, Windows workstation name (no reverse DNS
|
||||
lookup), activated product, KMS protocol, time and date. If you
|
||||
with IP address, Windows workstation name (no reverse DNS
|
||||
lookup), activated product, KMS protocol, time and date. If you
|
||||
do not specify a log file, no log is created. For a live view of
|
||||
the log file type tail -f file.
|
||||
|
||||
If you use the special filename "syslog", vlmcsd uses syslog(3)
|
||||
for logging. If your system has no syslog service (/dev/log)
|
||||
installed, logging output will go to /dev/console. Syslog log‐
|
||||
ging is not available in the native Windows version. The Cygwin
|
||||
If you use the special filename "syslog", vlmcsd uses syslog(3)
|
||||
for logging. If your system has no syslog service (/dev/log)
|
||||
installed, logging output will go to /dev/console. Syslog log‐
|
||||
ging is not available in the native Windows version. The Cygwin
|
||||
version does support syslog logging.
|
||||
|
||||
|
||||
-T0 and -T1
|
||||
Disable (-T0) or enable (-T1) the inclusion of date and time in
|
||||
each line of the log. The default is -T1. -T0 is useful if you
|
||||
log to stdout(3) which is redirected to another logging mecha‐
|
||||
nism that already includes date and time in its output, for
|
||||
instance systemd-journald(8). If you log to syslog(3), -T1 is
|
||||
ignored and date and time will never be included in the output
|
||||
Disable (-T0) or enable (-T1) the inclusion of date and time in
|
||||
each line of the log. The default is -T1. -T0 is useful if you
|
||||
log to stdout(3) which is redirected to another logging mecha‐
|
||||
nism that already includes date and time in its output, for
|
||||
instance systemd-journald(8). If you log to syslog(3), -T1 is
|
||||
ignored and date and time will never be included in the output
|
||||
sent to syslog(3).
|
||||
|
||||
|
||||
-D Normally vlmcsd daemonizes and runs in background (except the
|
||||
native Windows version). If -D is specified, vlmcsd does not
|
||||
-D Normally vlmcsd daemonizes and runs in background (except the
|
||||
native Windows version). If -D is specified, vlmcsd does not
|
||||
daemonize and runs in foreground. This is useful for testing and
|
||||
allows you to simply press <Ctrl-C> to exit vlmcsd.
|
||||
|
||||
The native Windows version never daemonizes and always behaves
|
||||
The native Windows version never daemonizes and always behaves
|
||||
as if -D had been specified. You may want to install vlmcsd as a
|
||||
service instead. See -s.
|
||||
|
||||
|
||||
-e If specified, vlmcsd ignores -l and writes all logging output to
|
||||
stdout(3). This is mainly useful for testing and debugging and
|
||||
stdout(3). This is mainly useful for testing and debugging and
|
||||
often combined with -D.
|
||||
|
||||
|
||||
-v Use verbose logging. Logs every parameter of the base request
|
||||
and the base response. It also logs the HWID of the KMS server
|
||||
if KMS protocol version 6 is used. This option is mainly for
|
||||
debugging purposes. It only has an effect if some form of log‐
|
||||
ging is used. Thus -v does not make sense if not used with -l,
|
||||
-v Use verbose logging. Logs every parameter of the base request
|
||||
and the base response. It also logs the HWID of the KMS server
|
||||
if KMS protocol version 6 is used. This option is mainly for
|
||||
debugging purposes. It only has an effect if some form of log‐
|
||||
ging is used. Thus -v does not make sense if not used with -l,
|
||||
-e or -f.
|
||||
|
||||
|
||||
-q Do not use verbose logging. This is actually the default behav‐
|
||||
-q Do not use verbose logging. This is actually the default behav‐
|
||||
ior. It only makes sense if you use vlmcsd with an ini file (see
|
||||
-i and vlmcsd.ini(5)). If the ini file contains the line
|
||||
-i and vlmcsd.ini(5)). If the ini file contains the line
|
||||
"LogVerbose = true" you can use -q to restore the default behav‐
|
||||
ior.
|
||||
|
||||
|
||||
-p filename
|
||||
Create pid file filename. This has nothing to do with KMS ePIDs.
|
||||
A pid file is a file where vlmcsd writes its own process id.
|
||||
This is used by standard init scripts (typically found in
|
||||
A pid file is a file where vlmcsd writes its own process id.
|
||||
This is used by standard init scripts (typically found in
|
||||
/etc/init.d). The default is not to write a pid file.
|
||||
|
||||
|
||||
-u user and -g group
|
||||
Causes vlmcsd to run in the specified user and group security
|
||||
context. The main purpose for this is to drop root privileges
|
||||
after it has been started from the root account. To use this
|
||||
feature from cygwin you must run cyglsa-config and the account
|
||||
from which vlmcsd is started must have the rights "Act as part
|
||||
of the operating system" and "Replace a process level token".
|
||||
Causes vlmcsd to run in the specified user and group security
|
||||
context. The main purpose for this is to drop root privileges
|
||||
after it has been started from the root account. To use this
|
||||
feature from cygwin you must run cyglsa-config and the account
|
||||
from which vlmcsd is started must have the rights "Act as part
|
||||
of the operating system" and "Replace a process level token".
|
||||
The native Windows version does not support these options.
|
||||
|
||||
The actual security context switch is performed after the TCP
|
||||
sockets have been created. This allows you to use privileged
|
||||
The actual security context switch is performed after the TCP
|
||||
sockets have been created. This allows you to use privileged
|
||||
ports (< 1024) when you start vlmcsd from the root account.
|
||||
|
||||
However if you use an ini, pid or log file, you must ensure that
|
||||
the unprivileged user has access to these files. You can always
|
||||
log to syslog(3) from an unprivileged account on most platforms
|
||||
the unprivileged user has access to these files. You can always
|
||||
log to syslog(3) from an unprivileged account on most platforms
|
||||
(see -l).
|
||||
|
||||
|
||||
-w ePID
|
||||
Use ePID as Windows ePID. If specified, -r is disregarded for
|
||||
Use ePID as Windows ePID. If specified, -r is disregarded for
|
||||
Windows.
|
||||
|
||||
|
||||
-0 ePID
|
||||
Use ePID as Office 2010 ePID (including Project and Visio). If
|
||||
Use ePID as Office 2010 ePID (including Project and Visio). If
|
||||
specified, -r is disregarded for Office 2010.
|
||||
|
||||
|
||||
-3 ePID
|
||||
Use ePID as Office 2013 ePID (including Project and Visio). If
|
||||
Use ePID as Office 2013 ePID (including Project and Visio). If
|
||||
specified, -r is disregarded for Office 2013.
|
||||
|
||||
|
||||
-6 ePID
|
||||
Use ePID as Office 2016 ePID (including Project and Visio). If
|
||||
Use ePID as Office 2016 ePID (including Project and Visio). If
|
||||
specified, -r is disregarded for Office 2016.
|
||||
|
||||
|
||||
-H HwId
|
||||
Use HwId for all products. All HWIDs in the ini file (see -i)
|
||||
Use HwId for all products. All HWIDs in the ini file (see -i)
|
||||
will not be used. In an ini file you can specify a seperate HWID
|
||||
for each application-guid. This is not possible when entering a
|
||||
for each application-guid. This is not possible when entering a
|
||||
HWID from the command line.
|
||||
|
||||
HwId must be specified as 16 hex digits that are interpreted as
|
||||
a series of 8 bytes (big endian). Any character that is not a
|
||||
hex digit will be ignored. This is for better readability. The
|
||||
HwId must be specified as 16 hex digits that are interpreted as
|
||||
a series of 8 bytes (big endian). Any character that is not a
|
||||
hex digit will be ignored. This is for better readability. The
|
||||
following commands are identical:
|
||||
|
||||
vlmcsd -H 0123456789ABCDEF
|
||||
@ -344,129 +359,141 @@ OPTIONS
|
||||
|
||||
|
||||
-i filename
|
||||
Use configuration file (aka ini file) filename. Most configura‐
|
||||
Use configuration file (aka ini file) filename. Most configura‐
|
||||
tion parameters can be set either via the command line or an ini
|
||||
file. The command line always has precedence over configuration
|
||||
items in the ini file. See vlmcsd.ini(5) for the format of the
|
||||
file. The command line always has precedence over configuration
|
||||
items in the ini file. See vlmcsd.ini(5) for the format of the
|
||||
configuration file.
|
||||
|
||||
If vlmcsd has been compiled to use a default configuration file
|
||||
(often /etc/vlmcsd.ini), you may use -i- to ignore the default
|
||||
If vlmcsd has been compiled to use a default configuration file
|
||||
(often /etc/vlmcsd.ini), you may use -i- to ignore the default
|
||||
configuration file.
|
||||
|
||||
|
||||
-j filename
|
||||
Use KMS data file filename. By default vlmcsd only contains the
|
||||
minimum product data that is required to perform all operations
|
||||
correctly. You may use a more complete KMS data file that con‐
|
||||
tains all detailed product names. This is especially useful if
|
||||
you are logging KMS requests. If you don't log, there is no need
|
||||
to load an external KMS data file.
|
||||
|
||||
If vlmcsd has been compiled to use a default KMS data file, you
|
||||
may use -j- to ignore the default configuration file.
|
||||
|
||||
|
||||
-r0, -r1 (default) and -r2
|
||||
These options determine how ePIDs are generated if
|
||||
|
||||
- you did not sprecify an ePID in the command line and
|
||||
- you haven't used -i or
|
||||
- the file specified by -i cannot be opened or
|
||||
- the file specified by -i does not contain an ePID for the KMS
|
||||
- the file specified by -i does not contain an ePID for the KMS
|
||||
request
|
||||
|
||||
-r0 means there are no random ePIDs. vlmcsd simply issues
|
||||
default ePIDs that are built into the binary at compile time.
|
||||
Pro: behaves like real KMS server that also always issues the
|
||||
same ePID. Con: Microsoft may start blacklisting again and the
|
||||
-r0 means there are no random ePIDs. vlmcsd simply issues
|
||||
default ePIDs that are built into the binary at compile time.
|
||||
Pro: behaves like real KMS server that also always issues the
|
||||
same ePID. Con: Microsoft may start blacklisting again and the
|
||||
default ePID may not work any longer.
|
||||
|
||||
-r1 instructs vlmcsd to generate random ePIDs when the program
|
||||
-r1 instructs vlmcsd to generate random ePIDs when the program
|
||||
starts or receives a SIGHUP signal and uses these ePIDs until it
|
||||
is stopped or receives another SIGHUP. Most other KMS emulators
|
||||
generate a new ePID on every KMS request. This is easily
|
||||
is stopped or receives another SIGHUP. Most other KMS emulators
|
||||
generate a new ePID on every KMS request. This is easily
|
||||
detectable. Microsoft could just modify sppsvc.exe in a way that
|
||||
it always sends two identical KMS requests in two RPC requests
|
||||
but over the same TCP connection. If both KMS responses contain
|
||||
the different ePIDs, the KMS server is not genuine. -r1 is the
|
||||
default mode. -r1 also ensures that all three ePIDs (Windows,
|
||||
Office 2010 and Office 2013) use the same OS build number and
|
||||
it always sends two identical KMS requests in two RPC requests
|
||||
but over the same TCP connection. If both KMS responses contain
|
||||
the different ePIDs, the KMS server is not genuine. -r1 is the
|
||||
default mode. -r1 also ensures that all three ePIDs (Windows,
|
||||
Office 2010 and Office 2013) use the same OS build number and
|
||||
LCID (language id).
|
||||
|
||||
If vlmcsd has been started by an internet superserver, -r1 works
|
||||
almost identically to -r2. The only exception occurs if you send
|
||||
more than one activation request over the same TCP connection.
|
||||
This is simply due to the fact that vlmcsd is started upon a
|
||||
more than one activation request over the same TCP connection.
|
||||
This is simply due to the fact that vlmcsd is started upon a
|
||||
connection request and does not stay in memory after servicing a
|
||||
KMS request. Consider using -r0 or -w, -0, -3 and -6 when start‐
|
||||
ing vlmcsd by an internet superserver.
|
||||
|
||||
-r2 behaves like most other KMS server emulators with random
|
||||
support and generates a new random ePID on every request. -r2
|
||||
should be treated as debugging option only because it allows
|
||||
-r2 behaves like most other KMS server emulators with random
|
||||
support and generates a new random ePID on every request. -r2
|
||||
should be treated as debugging option only because it allows
|
||||
very easy emulator detection.
|
||||
|
||||
|
||||
-C LCID
|
||||
Do not randomize the locale id part of the ePID and use LCID
|
||||
instead. The LCID must be specified as a decimal number, e.g.
|
||||
1049 for "Russian - Russia". This option has no effect if the
|
||||
ePID is not randomized at all, e.g. if it is selected from the
|
||||
Do not randomize the locale id part of the ePID and use LCID
|
||||
instead. The LCID must be specified as a decimal number, e.g.
|
||||
1049 for "Russian - Russia". This option has no effect if the
|
||||
ePID is not randomized at all, e.g. if it is selected from the
|
||||
command line or an ini file.
|
||||
|
||||
By default vlmcsd generates a valid locale id that is recognized
|
||||
by .NET Framework 4.0. This may lead to a locale id which is
|
||||
by .NET Framework 4.0. This may lead to a locale id which is
|
||||
unlikely to occur in your country, for instance 2155 for "Quecha
|
||||
- Ecuador". You may want to select the locale id of your country
|
||||
instead. See MSDN ⟨http://msdn.microsoft.com/en-us/goglobal/
|
||||
bb964664.aspx⟩ for a list of valid LCIDs. Please note that some
|
||||
bb964664.aspx⟩ for a list of valid LCIDs. Please note that some
|
||||
of them are not recognized by .NET Framework 4.0.
|
||||
|
||||
Most other KMS emulators use a fixed LCID of 1033 (English -
|
||||
Most other KMS emulators use a fixed LCID of 1033 (English -
|
||||
US). To achive the same behavior in vlmcsd use -C 1033.
|
||||
|
||||
|
||||
-K0, -K1, -K2 and -K3
|
||||
Sets the whitelisting level to determine which products vlmcsd
|
||||
Sets the whitelisting level to determine which products vlmcsd
|
||||
activates or refuses. The default is -K0.
|
||||
|
||||
-K0: activate all products with an unknown, retail or
|
||||
-K0: activate all products with an unknown, retail or
|
||||
beta/preview KMS ID.
|
||||
-K1: activate products with a retail or beta/preview KMS ID
|
||||
but refuse to activate products with an unknown KMS ID.
|
||||
-K2: activate products with an unknown KMS ID but refuse
|
||||
-K2: activate products with an unknown KMS ID but refuse
|
||||
products with a retail or beta/preview KMS ID.
|
||||
-K3: activate only products with a known volume license RTM
|
||||
KMS ID and refuse all others.
|
||||
|
||||
|
||||
The SKU ID is not checked. Like a genuine KMS server vlmcsd
|
||||
activates a product that has a random or unknown SKU ID. If you
|
||||
select -K1 or -K3, vlmcsd also checks the Application ID for
|
||||
correctness. If Microsoft introduces a new KMS ID for a new
|
||||
product, you cannot activate it if you used -K1 or -K3 until a
|
||||
The SKU ID is not checked. Like a genuine KMS server vlmcsd
|
||||
activates a product that has a random or unknown SKU ID. If you
|
||||
select -K1 or -K3, vlmcsd also checks the Application ID for
|
||||
correctness. If Microsoft introduces a new KMS ID for a new
|
||||
product, you cannot activate it if you used -K1 or -K3 until a
|
||||
new version of vlmcsd is available.
|
||||
|
||||
|
||||
-c0 and -c1
|
||||
-c1 causes vlmcsd to check if the client time differs no more
|
||||
-c1 causes vlmcsd to check if the client time differs no more
|
||||
than four hours from the system time. -c0 (the default) disables
|
||||
this check. -c1 is useful to prevent emulator detection. A
|
||||
client that tries to detect an emulator could simply send two
|
||||
subsequent request with two time stamps that differ more than
|
||||
this check. -c1 is useful to prevent emulator detection. A
|
||||
client that tries to detect an emulator could simply send two
|
||||
subsequent request with two time stamps that differ more than
|
||||
four hours from each other. If both requests succeed, the server
|
||||
is an emulator. If you specify -c1 on a system with no reliable
|
||||
time source, activations will fail. It is ok to set the correct
|
||||
is an emulator. If you specify -c1 on a system with no reliable
|
||||
time source, activations will fail. It is ok to set the correct
|
||||
system time after you started vlmcsd.
|
||||
|
||||
|
||||
-M0 and -M1
|
||||
Disables (-M0) or enables (-M1) maintaining a list of client
|
||||
machine IDs (CMIDs). The default is -M0. -M1 is useful to pre‐
|
||||
vent emulator detection. By maintaing a CMID list, vlmcsd
|
||||
Disables (-M0) or enables (-M1) maintaining a list of client
|
||||
machine IDs (CMIDs). The default is -M0. -M1 is useful to pre‐
|
||||
vent emulator detection. By maintaing a CMID list, vlmcsd
|
||||
reports current active clients exactly like a genuine KMS emula‐
|
||||
tor. This includes bug compatibility to the extent that you can
|
||||
permanently kill a genuine KMS emulator by sending an "over‐
|
||||
charge request" with a required client count of 376 or more and
|
||||
then request activation for 671 clients. vlmcsd can be reset
|
||||
from this condition by restarting it. If -M0 is used, vlmcsd
|
||||
tor. This includes bug compatibility to the extent that you can
|
||||
permanently kill a genuine KMS emulator by sending an "over‐
|
||||
charge request" with a required client count of 376 or more and
|
||||
then request activation for 671 clients. vlmcsd can be reset
|
||||
from this condition by restarting it. If -M0 is used, vlmcsd
|
||||
reports current active clients as good as possible. If no client
|
||||
sends an "overcharge request", it is not possible to detect vlm‐
|
||||
csd as an emulator with -M0. -M1 requires the allocation of a
|
||||
buffer that is about 50 kB in size. On hardware with few memory
|
||||
csd as an emulator with -M0. -M1 requires the allocation of a
|
||||
buffer that is about 50 kB in size. On hardware with few memory
|
||||
resources use it only if you really need it.
|
||||
|
||||
If you start vlmcsd from an internet superserver, -M1 cannot be
|
||||
used. Since vlmcsd exits after each activation, it cannot main‐
|
||||
If you start vlmcsd from an internet superserver, -M1 cannot be
|
||||
used. Since vlmcsd exits after each activation, it cannot main‐
|
||||
tain any state in memory.
|
||||
|
||||
|
||||
@ -474,82 +501,82 @@ OPTIONS
|
||||
These options are ignored if you do not also specify -M1. If you
|
||||
use -E0 (the default), vlmcsd starts up as a fully "charged" KMS
|
||||
server. Clients activate immediately. -E1 lets you start up vlm‐
|
||||
csd with an empty CMID list. Activation will start when the
|
||||
required minimum clients (25 for Windows Client OSses, 5 for
|
||||
Windows Server OSses and Office) have registered with the KMS
|
||||
server. As long as the minimum client count has not been
|
||||
csd with an empty CMID list. Activation will start when the
|
||||
required minimum clients (25 for Windows Client OSses, 5 for
|
||||
Windows Server OSses and Office) have registered with the KMS
|
||||
server. As long as the minimum client count has not been
|
||||
reached, clients end up in HRESULT 0xC004F038 "The count
|
||||
reported by your Key Management Service (KMS) is insufficient.
|
||||
Please contact your system administrator". You may use vlmcs(1)
|
||||
or another KMS client emulator to "charge" vlmcsd. -E1 does not
|
||||
improve emulator detection prevention. It's primary purpose is
|
||||
to help developers of KMS clients to test "charging" a KMS
|
||||
reported by your Key Management Service (KMS) is insufficient.
|
||||
Please contact your system administrator". You may use vlmcs(1)
|
||||
or another KMS client emulator to "charge" vlmcsd. -E1 does not
|
||||
improve emulator detection prevention. It's primary purpose is
|
||||
to help developers of KMS clients to test "charging" a KMS
|
||||
server.
|
||||
|
||||
|
||||
-R renewal-interval
|
||||
Instructs clients to renew activation every renewal-interval.
|
||||
Instructs clients to renew activation every renewal-interval.
|
||||
The renewal-interval is a number optionally immediately followed
|
||||
by a letter indicating the unit. Valid unit letters are s (sec‐
|
||||
by a letter indicating the unit. Valid unit letters are s (sec‐
|
||||
onds), m (minutes), h (hours), d (days) and w (weeks). If you do
|
||||
not specify a letter, minutes is assumed.
|
||||
|
||||
-R3d for instance instructs clients to renew activation every 3
|
||||
-R3d for instance instructs clients to renew activation every 3
|
||||
days. The default renewal-interval is 10080 (identical to 7d and
|
||||
1w).
|
||||
|
||||
Due to poor implementation of Microsofts KMS Client it cannot be
|
||||
guaranteed that activation is renewed on time as specfied by the
|
||||
-R option. Don't care about that. Renewal will happen well
|
||||
-R option. Don't care about that. Renewal will happen well
|
||||
before your activation expires (usually 180 days).
|
||||
|
||||
Even though you can specify seconds, the granularity of this
|
||||
option is 1 minute. Seconds are rounded down to the next multi‐
|
||||
Even though you can specify seconds, the granularity of this
|
||||
option is 1 minute. Seconds are rounded down to the next multi‐
|
||||
ple of 60.
|
||||
|
||||
|
||||
-A activation-interval
|
||||
Instructs clients to retry activation every activation-interval
|
||||
if it was unsuccessful, e.g. because it could not reach the
|
||||
server. The default is 120 (identical to 2h). activation-inter‐
|
||||
val follows the same syntax as renewal-interval in the -R
|
||||
Instructs clients to retry activation every activation-interval
|
||||
if it was unsuccessful, e.g. because it could not reach the
|
||||
server. The default is 120 (identical to 2h). activation-inter‐
|
||||
val follows the same syntax as renewal-interval in the -R
|
||||
option.
|
||||
|
||||
|
||||
-s Installs vlmcsd as a Windows service. This option only works
|
||||
with the native Windows version and Cygwin. Combine -s with
|
||||
other command line options. These will be in effect when you
|
||||
start the service. The service automatically starts when you
|
||||
reboot your machine. To start it manually, type "net start vlm‐
|
||||
-s Installs vlmcsd as a Windows service. This option only works
|
||||
with the native Windows version and Cygwin. Combine -s with
|
||||
other command line options. These will be in effect when you
|
||||
start the service. The service automatically starts when you
|
||||
reboot your machine. To start it manually, type "net start vlm‐
|
||||
csd".
|
||||
|
||||
If you use Cygwin, you must include your Cygwin system DLL
|
||||
directory (usually C:\Cygwin\bin or C:\Cygwin64\bin) into the
|
||||
If you use Cygwin, you must include your Cygwin system DLL
|
||||
directory (usually C:\Cygwin\bin or C:\Cygwin64\bin) into the
|
||||
PATH environment variable or the service will not start.
|
||||
|
||||
You can reinstall the service anytime using vlmcsd -s again,
|
||||
e.g. with a different command line. If the service is running,
|
||||
You can reinstall the service anytime using vlmcsd -s again,
|
||||
e.g. with a different command line. If the service is running,
|
||||
it will be restarted with the new command line.
|
||||
|
||||
When using -s the command line is checked for basic syntax
|
||||
When using -s the command line is checked for basic syntax
|
||||
errors only. For example "vlmcsd -s -L 1.2.3.4" reports no error
|
||||
but the service will not start if 1.2.3.4 is not an IP address
|
||||
but the service will not start if 1.2.3.4 is not an IP address
|
||||
on your system.
|
||||
|
||||
|
||||
-S Uninstalls the vlmcsd service. Works only with the native Win‐
|
||||
dows version and Cygwin. All other options will be ignored if
|
||||
-S Uninstalls the vlmcsd service. Works only with the native Win‐
|
||||
dows version and Cygwin. All other options will be ignored if
|
||||
you include -S in the command line.
|
||||
|
||||
|
||||
-U [domain\]username
|
||||
Can only be used together with -s. Starts the service as a dif‐
|
||||
ferent user than the local SYSTEM account. This is used to run
|
||||
the service under an account with low privileges. If you omit
|
||||
Can only be used together with -s. Starts the service as a dif‐
|
||||
ferent user than the local SYSTEM account. This is used to run
|
||||
the service under an account with low privileges. If you omit
|
||||
the domain, an account from the local computer will be used.
|
||||
|
||||
You may use "NT AUTHORITY\NetworkService". This is a pseudo user
|
||||
with low privileges. You may also use "NT AUTHORITY\LocalSer‐
|
||||
with low privileges. You may also use "NT AUTHORITY\LocalSer‐
|
||||
vice" which has more privileges but these are of no use for run‐
|
||||
ning vlmcsd.
|
||||
|
||||
@ -557,20 +584,20 @@ OPTIONS
|
||||
sion for your executable. "NT AUTHORITY\NetworkService" normally
|
||||
has no permission to run binaries from your home directory.
|
||||
|
||||
For your convenience you can use the special username "/l" as a
|
||||
For your convenience you can use the special username "/l" as a
|
||||
shortcut for "NT AUTHORITY\LocalService" and "/n" for "NT
|
||||
AUTHORITY\NetworkService". "vlmcsd -s -U /n" installs the ser‐
|
||||
AUTHORITY\NetworkService". "vlmcsd -s -U /n" installs the ser‐
|
||||
vice to run as "NT AUTHORITY\NetworkService".
|
||||
|
||||
|
||||
-W password
|
||||
Can only be used together with -s. Specifies a password for the
|
||||
corresponding username you use with -U. SYSTEM, "NT AUTHOR‐
|
||||
ITY\NetworkService", "NT AUTHORITY\LocalService" do not require
|
||||
Can only be used together with -s. Specifies a password for the
|
||||
corresponding username you use with -U. SYSTEM, "NT AUTHOR‐
|
||||
ITY\NetworkService", "NT AUTHORITY\LocalService" do not require
|
||||
a password.
|
||||
|
||||
If you specify a user with even lower privileges than "NT
|
||||
AUTHORITY\NetworkService", you must specify its password. You
|
||||
If you specify a user with even lower privileges than "NT
|
||||
AUTHORITY\NetworkService", you must specify its password. You
|
||||
also have to grant the "Log on as a service" right to that user.
|
||||
|
||||
|
||||
@ -579,53 +606,53 @@ SIGNALS
|
||||
|
||||
|
||||
SIGTERM, SIGINT
|
||||
These signals cause vlmcsd to exit gracefully. All global sema‐
|
||||
phores and shared memory pages will be released, the pid file
|
||||
will be unlinked (deleted) and a shutdown message will be
|
||||
These signals cause vlmcsd to exit gracefully. All global sema‐
|
||||
phores and shared memory pages will be released, the pid file
|
||||
will be unlinked (deleted) and a shutdown message will be
|
||||
logged.
|
||||
|
||||
|
||||
SIGHUP Causes vlmcsd to be restarted completely. This is useful if you
|
||||
started vlmcsd with an ini file. You can modify the ini file
|
||||
while vlmcsd is running and then sending SIGHUP, e.g. by typing
|
||||
"killall -SIGHUP vlmcsd" or "kill -SIGHUP `cat /var/run/vlm‐
|
||||
SIGHUP Causes vlmcsd to be restarted completely. This is useful if you
|
||||
started vlmcsd with an ini file. You can modify the ini file
|
||||
while vlmcsd is running and then sending SIGHUP, e.g. by typing
|
||||
"killall -SIGHUP vlmcsd" or "kill -SIGHUP `cat /var/run/vlm‐
|
||||
csd.pid`".
|
||||
|
||||
The SIGHUP handler has been implemented relatively simple. It is
|
||||
virtually the same as stopping vlmcsd and starting it again
|
||||
virtually the same as stopping vlmcsd and starting it again
|
||||
immediately with the following exceptions:
|
||||
|
||||
|
||||
— The new process does not get a new process id.
|
||||
|
||||
— If you used a pid file, it is not deleted and recreated
|
||||
— If you used a pid file, it is not deleted and recreated
|
||||
because the process id stays the same.
|
||||
|
||||
— If you used the 'user' and/or 'group' directive in an ini
|
||||
file these are ignored. This is because once you switched to
|
||||
— If you used the 'user' and/or 'group' directive in an ini
|
||||
file these are ignored. This is because once you switched to
|
||||
lower privileged users and groups, there is no way back. Any‐
|
||||
thing else would be a severe security flaw in the OS.
|
||||
|
||||
Signaling is not available in the native Windows version and in the
|
||||
Signaling is not available in the native Windows version and in the
|
||||
Cygwin version when it runs as Windows service.
|
||||
|
||||
|
||||
SUPPORTED OPERATING SYSTEMS
|
||||
vlmcsd compiles and runs on Linux, Windows (no Cygwin required but
|
||||
explicitly supported), Mac OS X, FreeBSD, NetBSD, OpenBSD, Dragonfly
|
||||
BSD, Minix, Solaris, OpenIndiana, Android and iOS. Other POSIX or
|
||||
unixoid OSses may work with unmodified sources or may require minor
|
||||
vlmcsd compiles and runs on Linux, Windows (no Cygwin required but
|
||||
explicitly supported), Mac OS X, FreeBSD, NetBSD, OpenBSD, Dragonfly
|
||||
BSD, Minix, Solaris, OpenIndiana, Android and iOS. Other POSIX or
|
||||
unixoid OSses may work with unmodified sources or may require minor
|
||||
porting efforts.
|
||||
|
||||
|
||||
SUPPORTED PRODUCTS
|
||||
vlmcsd can answer activation requests for the following products: Win‐
|
||||
vlmcsd can answer activation requests for the following products: Win‐
|
||||
dows Vista, Windows 7, Windows 8, Windows 8.1, Windows 10 (up to 1607),
|
||||
Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Win‐
|
||||
dows Server 2012 R2, Windows Server 2016, Office 2010, Project 2010,
|
||||
Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Win‐
|
||||
dows Server 2012 R2, Windows Server 2016, Office 2010, Project 2010,
|
||||
Visio 2010, Office 2013, Project 2013, Visio 2013, Office 2016, Project
|
||||
2016, Visio 2016. Newer version may work as long as the KMS protocol
|
||||
does not change. A complete list of fully supported products can be
|
||||
2016, Visio 2016. Newer version may work as long as the KMS protocol
|
||||
does not change. A complete list of fully supported products can be
|
||||
obtained using the -x option of vlmcs(1).
|
||||
|
||||
Office, Project and Visio must be volume license versions.
|
||||
@ -637,24 +664,24 @@ FILES
|
||||
|
||||
EXAMPLES
|
||||
vlmcsd -De
|
||||
Starts vlmcsd in foreground. Useful if you use it for the first
|
||||
time and want to see what's happening when a client requests
|
||||
Starts vlmcsd in foreground. Useful if you use it for the first
|
||||
time and want to see what's happening when a client requests
|
||||
activation.
|
||||
|
||||
|
||||
vlmcsd -l /var/log/vlmcsd.log
|
||||
Starts vlmcsd as a daemon and logs everything to /var/log/vlm‐
|
||||
Starts vlmcsd as a daemon and logs everything to /var/log/vlm‐
|
||||
csd.log.
|
||||
|
||||
|
||||
vlmcsd -L 192.168.1.17
|
||||
Starts vlmcsd as a daemon and listens on IP address 192.168.1.17
|
||||
only. This is useful for routers that have a public and a pri‐
|
||||
only. This is useful for routers that have a public and a pri‐
|
||||
vate IP address to prevent your KMS server from becoming public.
|
||||
|
||||
|
||||
vlmcsd -s -U /n -l C:\logs\vlmcsd.log
|
||||
Installs vlmcsd as a Windows service with low privileges and
|
||||
Installs vlmcsd as a Windows service with low privileges and
|
||||
logs everything to C:\logs\vlmcsd.log when the service is
|
||||
started with "net start vlmcsd".
|
||||
|
||||
@ -663,11 +690,6 @@ BUGS
|
||||
An ePID specified in an ini file must not contain spaces.
|
||||
|
||||
|
||||
INTENTIONAL BUGS
|
||||
vlmcsd always reports enough active clients to satisfy the N count pol‐
|
||||
icy of the request.
|
||||
|
||||
|
||||
AUTHOR
|
||||
Written by crony12, Hotbird64 and vityan666. With contributions from
|
||||
DougQaid.
|
||||
@ -683,4 +705,4 @@ SEE ALSO
|
||||
|
||||
|
||||
|
||||
Hotbird64 October 2016 VLMCSD(8)
|
||||
Hotbird64 November 2016 VLMCSD(8)
|
||||
|
@ -1,5 +1,5 @@
|
||||
<!-- Creator : groff version 1.22.3 -->
|
||||
<!-- CreationDate: Fri Nov 4 17:18:01 2016 -->
|
||||
<!-- CreationDate: Mon Nov 28 01:28:23 2016 -->
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
||||
"http://www.w3.org/TR/html4/loose.dtd">
|
||||
<html>
|
||||
@ -30,7 +30,6 @@
|
||||
<a href="#FILES">FILES</a><br>
|
||||
<a href="#EXAMPLES">EXAMPLES</a><br>
|
||||
<a href="#BUGS">BUGS</a><br>
|
||||
<a href="#INTENTIONAL BUGS">INTENTIONAL BUGS</a><br>
|
||||
<a href="#AUTHOR">AUTHOR</a><br>
|
||||
<a href="#CREDITS">CREDITS</a><br>
|
||||
<a href="#SEE ALSO">SEE ALSO</a><br>
|
||||
@ -90,8 +89,27 @@ init system like <b>systemd</b>(8) or <b>launchd</b>(8)
|
||||
using socket based activation. If <b>vlmcsd</b> detects that
|
||||
<b>stdin</b>(3) is a socket, it assumes that there is
|
||||
already a connected client on stdin that wants to be
|
||||
activated. All options that control setting up listening
|
||||
sockets will be ignored when in inetd mode.</p>
|
||||
activated.</p>
|
||||
|
||||
<p style="margin-left:11%; margin-top: 1em">All options
|
||||
that control setting up listening sockets will be ignored
|
||||
when in inetd mode. The sockets will be set up by your
|
||||
internet superserver. You also cannot limit the number of
|
||||
simultanous clients (option <b>-m</b>). You need to
|
||||
configure the limit in your internet superserver.</p>
|
||||
|
||||
<p style="margin-left:11%; margin-top: 1em">The followong
|
||||
features that require that vlmcsd is permanently loaded will
|
||||
not work if started from an internet superserver:</p>
|
||||
|
||||
<p style="margin-left:22%; margin-top: 1em">You cannot
|
||||
maintain a client list (option <b>-M1</b>)</p>
|
||||
|
||||
<p style="margin-left:22%; margin-top: 1em">EPID
|
||||
Randomization Level 1 (option <b>-r1</b>) works like Level 2
|
||||
(<b>-r2</b>). You may want to use Level 0 (<b>-r0</b>) or
|
||||
custom EPIDs (options <b>-w</b>, <b>-0</b>, <b>-3</b> and
|
||||
<b>-6</b>) instead.</p>
|
||||
|
||||
<h2>OPTIONS
|
||||
<a name="OPTIONS"></a>
|
||||
@ -545,6 +563,20 @@ been compiled to use a default configuration file (often
|
||||
/etc/vlmcsd.ini), you may use <b>-i-</b> to ignore the
|
||||
default configuration file.</p>
|
||||
|
||||
<p style="margin-left:11%;"><b>-j</b> <i>filename</i></p>
|
||||
|
||||
<p style="margin-left:22%;">Use KMS data file
|
||||
<i>filename</i>. By default vlmcsd only contains the minimum
|
||||
product data that is required to perform all operations
|
||||
correctly. You may use a more complete KMS data file that
|
||||
contains all detailed product names. This is especially
|
||||
useful if you are logging KMS requests. If you don’t
|
||||
log, there is no need to load an external KMS data file.</p>
|
||||
|
||||
<p style="margin-left:22%; margin-top: 1em">If vlmcsd has
|
||||
been compiled to use a default KMS data file, you may use
|
||||
<b>-j-</b> to ignore the default configuration file.</p>
|
||||
|
||||
<p style="margin-left:11%;"><b>-r0</b>, <b>-r1</b>
|
||||
(default) and <b>-r2</b></p>
|
||||
|
||||
@ -1016,15 +1048,6 @@ C:\logs\vlmcsd.log when the service is started with
|
||||
<p style="margin-left:11%; margin-top: 1em">An ePID
|
||||
specified in an ini file must not contain spaces.</p>
|
||||
|
||||
<h2>INTENTIONAL BUGS
|
||||
<a name="INTENTIONAL BUGS"></a>
|
||||
</h2>
|
||||
|
||||
|
||||
<p style="margin-left:11%; margin-top: 1em">vlmcsd always
|
||||
reports enough active clients to satisfy the N count policy
|
||||
of the request.</p>
|
||||
|
||||
<h2>AUTHOR
|
||||
<a name="AUTHOR"></a>
|
||||
</h2>
|
||||
|
BIN
man/vlmcsd.8.pdf
BIN
man/vlmcsd.8.pdf
Binary file not shown.
@ -33,18 +33,33 @@ DESCRIPTION
|
||||
xinetd(8) as well as an advanced init system like systemd(8) or
|
||||
launchd(8) using socket based activation. If vlmcsd detects that
|
||||
stdin(3) is a socket, it assumes that there is already a connected
|
||||
client on stdin that wants to be activated. All options that control
|
||||
setting up listening sockets will be ignored when in inetd mode.
|
||||
client on stdin that wants to be activated.
|
||||
|
||||
All options that control setting up listening sockets will be ignored
|
||||
when in inetd mode. The sockets will be set up by your internet super‐
|
||||
server. You also cannot limit the number of simultanous clients (option
|
||||
-m). You need to configure the limit in your internet superserver.
|
||||
|
||||
The followong features that require that vlmcsd is permanently loaded
|
||||
will not work if started from an internet superserver:
|
||||
|
||||
|
||||
You cannot maintain a client list (option -M1)
|
||||
|
||||
|
||||
EPID Randomization Level 1 (option -r1) works like Level 2
|
||||
(-r2). You may want to use Level 0 (-r0) or custom EPIDs
|
||||
(options -w, -0, -3 and -6) instead.
|
||||
|
||||
|
||||
OPTIONS
|
||||
Since vlmcsd can be configured at compile time, some options may not be
|
||||
available on your system.
|
||||
|
||||
All options that do no require an argument may be combined with a sin‐
|
||||
All options that do no require an argument may be combined with a sin‐
|
||||
gle dash, for instance "vlmcsd -D -e" is identical to "vlmcsd -De". For
|
||||
all options that require an argument a space between the option and the
|
||||
option argument is optional. Thus "vlmcsd -r 2" and "vlmcsd -r2" are
|
||||
option argument is optional. Thus "vlmcsd -r 2" and "vlmcsd -r2" are
|
||||
identical too.
|
||||
|
||||
|
||||
@ -52,154 +67,154 @@ OPTIONS
|
||||
Displays help.
|
||||
|
||||
|
||||
-V Displays extended version information. This includes the com‐
|
||||
piler used to build vlmcsd, the intended platform and flags
|
||||
(compile time options) to build vlmcsd. If you have the source
|
||||
-V Displays extended version information. This includes the com‐
|
||||
piler used to build vlmcsd, the intended platform and flags
|
||||
(compile time options) to build vlmcsd. If you have the source
|
||||
code of vlmcsd, you can type make help (or gmake help on systems
|
||||
that do not use the GNU version of make(1) by default) to see
|
||||
that do not use the GNU version of make(1) by default) to see
|
||||
the meaning of those flags.
|
||||
|
||||
|
||||
-L ipaddress[:port]
|
||||
Instructs vlmcsd to listen on ipaddress with optional port
|
||||
(default 1688). You can use this option more than once. If you
|
||||
Instructs vlmcsd to listen on ipaddress with optional port
|
||||
(default 1688). You can use this option more than once. If you
|
||||
do not specify -L at least once, IP addresses 0.0.0.0 (IPv4) and
|
||||
:: (IPv6) are used. If the IP address contains colons (IPv6) you
|
||||
must enclose the IP address in brackets if you specify the
|
||||
must enclose the IP address in brackets if you specify the
|
||||
optional port, e.g. [2001:db8::dead:beef]:1688.
|
||||
|
||||
If no port is specified, vlmcsd uses the default port according
|
||||
to a preceding -P option. If you specify a port, it can be a
|
||||
number (1-65535) or a name (usually found in /etc/services if
|
||||
If no port is specified, vlmcsd uses the default port according
|
||||
to a preceding -P option. If you specify a port, it can be a
|
||||
number (1-65535) or a name (usually found in /etc/services if
|
||||
not provided via LDAP, NIS+ or another name service).
|
||||
|
||||
If you specify a link local IPv6 address (fe80::/10, usually
|
||||
If you specify a link local IPv6 address (fe80::/10, usually
|
||||
starting with fe80::), it must be followed by a percent sign (%)
|
||||
and a scope id (=network interface name or number) on most
|
||||
unixoid OSses including Linux, Android, MacOS X and iOS, e.g.
|
||||
and a scope id (=network interface name or number) on most
|
||||
unixoid OSses including Linux, Android, MacOS X and iOS, e.g.
|
||||
fe80::1234:56ff:fe78:9abc%eth0 or
|
||||
[fe80::1234:56ff:fe78:9abc%2]:1688. Windows (including cygwin)
|
||||
does not require a scope id unless the same link local address
|
||||
is used on more than one network interface. Windows does not
|
||||
[fe80::1234:56ff:fe78:9abc%2]:1688. Windows (including cygwin)
|
||||
does not require a scope id unless the same link local address
|
||||
is used on more than one network interface. Windows does not
|
||||
accept a name and the scope id must be a number.
|
||||
|
||||
|
||||
-o level
|
||||
Sets the level of protection against activations from public IP
|
||||
Sets the level of protection against activations from public IP
|
||||
addresses. The default is -o0 for no protection.
|
||||
|
||||
-o1 causes vlmcsd not to listen on all IP addresses but on pri‐
|
||||
vate IP addresses only. IPv4 addresses in the 100.64.0.0/10
|
||||
-o1 causes vlmcsd not to listen on all IP addresses but on pri‐
|
||||
vate IP addresses only. IPv4 addresses in the 100.64.0.0/10
|
||||
range (see RFC6598) are not treated as private since they can be
|
||||
reached from other users of your ISP. Private IPv4 addresses are
|
||||
10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 and
|
||||
127.0.0.0/8. vlmcsd treats all IPv6 addresses not within
|
||||
10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 and
|
||||
127.0.0.0/8. vlmcsd treats all IPv6 addresses not within
|
||||
2000::/3 as private addresses.
|
||||
|
||||
If -o1 is combined with -L, it will listen on all private IP
|
||||
addresses plus the ones specified by one or more -L statements.
|
||||
If -o1 is combined with -P, only the last -P statement will be
|
||||
If -o1 is combined with -L, it will listen on all private IP
|
||||
addresses plus the ones specified by one or more -L statements.
|
||||
If -o1 is combined with -P, only the last -P statement will be
|
||||
used.
|
||||
|
||||
Using -o1 does not protect you if you enable NAT port forwarding
|
||||
on your router to your vlmcsd machine. It is identical to using
|
||||
multiple -L statements with all of your private IP addresses.
|
||||
on your router to your vlmcsd machine. It is identical to using
|
||||
multiple -L statements with all of your private IP addresses.
|
||||
What -o1 does for you, is automatically enumerating your private
|
||||
IP addresses.
|
||||
|
||||
-o2 does not affect the interfaces, vlmcsd is listening on. When
|
||||
a clients connects, vlmcsd immediately drops the connection if
|
||||
the client has a public IP address. Unlike -o1 clients will be
|
||||
a clients connects, vlmcsd immediately drops the connection if
|
||||
the client has a public IP address. Unlike -o1 clients will be
|
||||
able to establish a TCP connection but it will be closed without
|
||||
a single byte sent over the connection. This protects against
|
||||
clients with public IP addresses even if NAT port forwarding is
|
||||
used. While -o2 offers a higher level of protection than -o1,
|
||||
a single byte sent over the connection. This protects against
|
||||
clients with public IP addresses even if NAT port forwarding is
|
||||
used. While -o2 offers a higher level of protection than -o1,
|
||||
the client sees that the KMS TCP port (1688 by default) is actu‐
|
||||
ally accepting connections.
|
||||
|
||||
If vlmcsd is compiled to use MS RPC, -o2 can only offer very
|
||||
poor protection. Control is passed from MS RPC to vlmcsd after
|
||||
the KMS protocol has already been negotiated. Thus a client can
|
||||
always verify that the KMS protocol is available even though it
|
||||
If vlmcsd is compiled to use MS RPC, -o2 can only offer very
|
||||
poor protection. Control is passed from MS RPC to vlmcsd after
|
||||
the KMS protocol has already been negotiated. Thus a client can
|
||||
always verify that the KMS protocol is available even though it
|
||||
receives an RPC_S_ACCESS_DENIED error message. vlmcsd will issue
|
||||
a warning if -o2 is used with MS RPC. For adaequate protection
|
||||
a warning if -o2 is used with MS RPC. For adaequate protection
|
||||
do not use a MS RPC build of vlmcsd with -o2.
|
||||
|
||||
-o3 combines -o1 and -o2. vlmcsd listens on private interfaces
|
||||
-o3 combines -o1 and -o2. vlmcsd listens on private interfaces
|
||||
only and if a public client manages to connect anyway due to NAT
|
||||
port forwarding, it will be immediately dropped.
|
||||
|
||||
If you use any form of TCP level port forwarding (e.g. nc(1),
|
||||
netcat(1), ssh(1) port forwarding or similar) to redirect KMS
|
||||
requests to vlmcsd, there will be no protection even if you use
|
||||
-o2 or -o3. This is due to the simple fact that vlmcsd sees the
|
||||
IP address of the redirector and not the IP address of the
|
||||
If you use any form of TCP level port forwarding (e.g. nc(1),
|
||||
netcat(1), ssh(1) port forwarding or similar) to redirect KMS
|
||||
requests to vlmcsd, there will be no protection even if you use
|
||||
-o2 or -o3. This is due to the simple fact that vlmcsd sees the
|
||||
IP address of the redirector and not the IP address of the
|
||||
client.
|
||||
|
||||
-o1 (and thus -o3) is not (yet) available in some scenarios:
|
||||
|
||||
FreeBSD: There is a longtime unfixed bug ⟨https://
|
||||
bugs.freebsd.org/bugzilla/show_bug.cgi?id=178881⟩ in the
|
||||
bugs.freebsd.org/bugzilla/show_bug.cgi?id=178881⟩ in the
|
||||
32-bit ABI of the 64-bit kernel. If you have a 64-bit Free‐
|
||||
BSD kernel, you must run the 64-bit version of vlmcsd if
|
||||
you use -o1 or -o3. The 32-bit version causes undefined
|
||||
behavior up to crashing vlmcsd. Other BSDs (NetBSD, Open‐
|
||||
BSD kernel, you must run the 64-bit version of vlmcsd if
|
||||
you use -o1 or -o3. The 32-bit version causes undefined
|
||||
behavior up to crashing vlmcsd. Other BSDs (NetBSD, Open‐
|
||||
BSD, Dragonfly and Mac OS X) work correctly.
|
||||
|
||||
If vlmcsd was started by an internet superserver or was
|
||||
compiled to use Microsoft RPC (Windows only) or simple
|
||||
If vlmcsd was started by an internet superserver or was
|
||||
compiled to use Microsoft RPC (Windows only) or simple
|
||||
sockets, -o1 and -o3 are not available by design.
|
||||
|
||||
|
||||
-P port
|
||||
Use TCP port for all subsequent -L statements that do not
|
||||
Use TCP port for all subsequent -L statements that do not
|
||||
include an optional port. If you use -P and -L, -P must be spec‐
|
||||
ified before -L.
|
||||
|
||||
|
||||
-F0 and -F1
|
||||
Allow (-F1) or disallow (-F0) binding to IP addresses that are
|
||||
Allow (-F1) or disallow (-F0) binding to IP addresses that are
|
||||
currently not configured on your system. The default is -F0. -F1
|
||||
allows you to bind to an IP address that may be configured after
|
||||
you started vlmcsd. vlmcsd will listen on that address as soon
|
||||
as it becomes available. This feature is only available under
|
||||
Linux (IPv4 and IPv6) and FreeBSD (IPv4 only). FreeBSD allows
|
||||
this feature only for the root user (more correctly: processes
|
||||
that have the PRIV_NETINET_BINDANY privilege). Linux does not
|
||||
you started vlmcsd. vlmcsd will listen on that address as soon
|
||||
as it becomes available. This feature is only available under
|
||||
Linux (IPv4 and IPv6) and FreeBSD (IPv4 only). FreeBSD allows
|
||||
this feature only for the root user (more correctly: processes
|
||||
that have the PRIV_NETINET_BINDANY privilege). Linux does not
|
||||
require a capability for this.
|
||||
|
||||
|
||||
-t seconds
|
||||
Timeout the TCP connection with the client after seconds sec‐
|
||||
onds. After sending an activation request. RPC keeps the TCP
|
||||
Timeout the TCP connection with the client after seconds sec‐
|
||||
onds. After sending an activation request. RPC keeps the TCP
|
||||
connection for a while. The default is 30 seconds. You may spec‐
|
||||
ify a shorter period to free ressources on your device faster.
|
||||
This is useful for devices with limited main memory or if you
|
||||
ify a shorter period to free ressources on your device faster.
|
||||
This is useful for devices with limited main memory or if you
|
||||
used -m to limit the concurrent clients that may request activa‐
|
||||
tion. Microsoft RPC clients disconnect after 30 seconds by
|
||||
default. Setting seconds to a greater value does not make much
|
||||
tion. Microsoft RPC clients disconnect after 30 seconds by
|
||||
default. Setting seconds to a greater value does not make much
|
||||
sense.
|
||||
|
||||
|
||||
-m concurrent-clients
|
||||
Limit the number of clients that will be handled concurrently.
|
||||
Limit the number of clients that will be handled concurrently.
|
||||
This is useful for devices with limited ressources or if you are
|
||||
experiencing DoS attacks that spawn thousands of threads or
|
||||
forked processes. If additional clients connect to vlmcsd, they
|
||||
need to wait until another client disconnects. If you set con‐
|
||||
experiencing DoS attacks that spawn thousands of threads or
|
||||
forked processes. If additional clients connect to vlmcsd, they
|
||||
need to wait until another client disconnects. If you set con‐
|
||||
current-clients to a small value ( <10 ), you should also select
|
||||
a reasonable timeout of 2 or 3 seconds with -t. The default is
|
||||
a reasonable timeout of 2 or 3 seconds with -t. The default is
|
||||
no limit.
|
||||
|
||||
|
||||
-d Disconnect each client after processing one activation request.
|
||||
This is a direct violation of DCE RPC but may help if you
|
||||
receive malicous fake RPC requests that block your threads or
|
||||
forked processes. Some other KMS emulators (e.g. py-kms) behave
|
||||
-d Disconnect each client after processing one activation request.
|
||||
This is a direct violation of DCE RPC but may help if you
|
||||
receive malicous fake RPC requests that block your threads or
|
||||
forked processes. Some other KMS emulators (e.g. py-kms) behave
|
||||
this way.
|
||||
|
||||
|
||||
-k Do not disconnect clients after processing an activation
|
||||
-k Do not disconnect clients after processing an activation
|
||||
request. This selects the default behavior. -k is useful only if
|
||||
you used an ini file (see vlmcsd.ini(5) and -i). If the ini file
|
||||
contains the line "DisconnectClientsImmediately = true", you can
|
||||
@ -207,135 +222,135 @@ OPTIONS
|
||||
|
||||
|
||||
-N0 and -N1
|
||||
Disables (-N0) or enables (-N1) the use of the NDR64 transfer
|
||||
syntax in the RPC protocol. Unlike Microsoft vlmcsd supports
|
||||
Disables (-N0) or enables (-N1) the use of the NDR64 transfer
|
||||
syntax in the RPC protocol. Unlike Microsoft vlmcsd supports
|
||||
NDR64 on 32-bit operating systems. Microsoft introduced NDR64 in
|
||||
Windows Vista but their KMS servers started using it with Win‐
|
||||
dows 8. Thus if you choose random ePIDs, vlmcsd will select
|
||||
ePIDs with build numbers 9200 and 9600 if you enable NDR64 and
|
||||
Windows Vista but their KMS servers started using it with Win‐
|
||||
dows 8. Thus if you choose random ePIDs, vlmcsd will select
|
||||
ePIDs with build numbers 9200 and 9600 if you enable NDR64 and
|
||||
build numbers 6002 and 7601 if you disable NDR64. The default is
|
||||
to enable NDR64.
|
||||
|
||||
|
||||
-B0 and -B1
|
||||
Disables (-B0) or enables (-B1) bind time feature negotiation
|
||||
Disables (-B0) or enables (-B1) bind time feature negotiation
|
||||
(BTFN) in the RPC protocol. All Windows operating systems start‐
|
||||
ing with Vista support BTFN and try to negotiate it when initi‐
|
||||
ing with Vista support BTFN and try to negotiate it when initi‐
|
||||
ating an RPC connection. Thus consider turning it off as a debug
|
||||
/ troubleshooting feature only. Some older firewalls that selec‐
|
||||
tively block or redirect RPC traffic may get confused when they
|
||||
tively block or redirect RPC traffic may get confused when they
|
||||
detect NDR64 or BTFN.
|
||||
|
||||
|
||||
-l filename
|
||||
Use filename as a log file. The log file records all activations
|
||||
with IP address, Windows workstation name (no reverse DNS
|
||||
lookup), activated product, KMS protocol, time and date. If you
|
||||
with IP address, Windows workstation name (no reverse DNS
|
||||
lookup), activated product, KMS protocol, time and date. If you
|
||||
do not specify a log file, no log is created. For a live view of
|
||||
the log file type tail -f file.
|
||||
|
||||
If you use the special filename "syslog", vlmcsd uses syslog(3)
|
||||
for logging. If your system has no syslog service (/dev/log)
|
||||
installed, logging output will go to /dev/console. Syslog log‐
|
||||
ging is not available in the native Windows version. The Cygwin
|
||||
If you use the special filename "syslog", vlmcsd uses syslog(3)
|
||||
for logging. If your system has no syslog service (/dev/log)
|
||||
installed, logging output will go to /dev/console. Syslog log‐
|
||||
ging is not available in the native Windows version. The Cygwin
|
||||
version does support syslog logging.
|
||||
|
||||
|
||||
-T0 and -T1
|
||||
Disable (-T0) or enable (-T1) the inclusion of date and time in
|
||||
each line of the log. The default is -T1. -T0 is useful if you
|
||||
log to stdout(3) which is redirected to another logging mecha‐
|
||||
nism that already includes date and time in its output, for
|
||||
instance systemd-journald(8). If you log to syslog(3), -T1 is
|
||||
ignored and date and time will never be included in the output
|
||||
Disable (-T0) or enable (-T1) the inclusion of date and time in
|
||||
each line of the log. The default is -T1. -T0 is useful if you
|
||||
log to stdout(3) which is redirected to another logging mecha‐
|
||||
nism that already includes date and time in its output, for
|
||||
instance systemd-journald(8). If you log to syslog(3), -T1 is
|
||||
ignored and date and time will never be included in the output
|
||||
sent to syslog(3).
|
||||
|
||||
|
||||
-D Normally vlmcsd daemonizes and runs in background (except the
|
||||
native Windows version). If -D is specified, vlmcsd does not
|
||||
-D Normally vlmcsd daemonizes and runs in background (except the
|
||||
native Windows version). If -D is specified, vlmcsd does not
|
||||
daemonize and runs in foreground. This is useful for testing and
|
||||
allows you to simply press <Ctrl-C> to exit vlmcsd.
|
||||
|
||||
The native Windows version never daemonizes and always behaves
|
||||
The native Windows version never daemonizes and always behaves
|
||||
as if -D had been specified. You may want to install vlmcsd as a
|
||||
service instead. See -s.
|
||||
|
||||
|
||||
-e If specified, vlmcsd ignores -l and writes all logging output to
|
||||
stdout(3). This is mainly useful for testing and debugging and
|
||||
stdout(3). This is mainly useful for testing and debugging and
|
||||
often combined with -D.
|
||||
|
||||
|
||||
-v Use verbose logging. Logs every parameter of the base request
|
||||
and the base response. It also logs the HWID of the KMS server
|
||||
if KMS protocol version 6 is used. This option is mainly for
|
||||
debugging purposes. It only has an effect if some form of log‐
|
||||
ging is used. Thus -v does not make sense if not used with -l,
|
||||
-v Use verbose logging. Logs every parameter of the base request
|
||||
and the base response. It also logs the HWID of the KMS server
|
||||
if KMS protocol version 6 is used. This option is mainly for
|
||||
debugging purposes. It only has an effect if some form of log‐
|
||||
ging is used. Thus -v does not make sense if not used with -l,
|
||||
-e or -f.
|
||||
|
||||
|
||||
-q Do not use verbose logging. This is actually the default behav‐
|
||||
-q Do not use verbose logging. This is actually the default behav‐
|
||||
ior. It only makes sense if you use vlmcsd with an ini file (see
|
||||
-i and vlmcsd.ini(5)). If the ini file contains the line
|
||||
-i and vlmcsd.ini(5)). If the ini file contains the line
|
||||
"LogVerbose = true" you can use -q to restore the default behav‐
|
||||
ior.
|
||||
|
||||
|
||||
-p filename
|
||||
Create pid file filename. This has nothing to do with KMS ePIDs.
|
||||
A pid file is a file where vlmcsd writes its own process id.
|
||||
This is used by standard init scripts (typically found in
|
||||
A pid file is a file where vlmcsd writes its own process id.
|
||||
This is used by standard init scripts (typically found in
|
||||
/etc/init.d). The default is not to write a pid file.
|
||||
|
||||
|
||||
-u user and -g group
|
||||
Causes vlmcsd to run in the specified user and group security
|
||||
context. The main purpose for this is to drop root privileges
|
||||
after it has been started from the root account. To use this
|
||||
feature from cygwin you must run cyglsa-config and the account
|
||||
from which vlmcsd is started must have the rights "Act as part
|
||||
of the operating system" and "Replace a process level token".
|
||||
Causes vlmcsd to run in the specified user and group security
|
||||
context. The main purpose for this is to drop root privileges
|
||||
after it has been started from the root account. To use this
|
||||
feature from cygwin you must run cyglsa-config and the account
|
||||
from which vlmcsd is started must have the rights "Act as part
|
||||
of the operating system" and "Replace a process level token".
|
||||
The native Windows version does not support these options.
|
||||
|
||||
The actual security context switch is performed after the TCP
|
||||
sockets have been created. This allows you to use privileged
|
||||
The actual security context switch is performed after the TCP
|
||||
sockets have been created. This allows you to use privileged
|
||||
ports (< 1024) when you start vlmcsd from the root account.
|
||||
|
||||
However if you use an ini, pid or log file, you must ensure that
|
||||
the unprivileged user has access to these files. You can always
|
||||
log to syslog(3) from an unprivileged account on most platforms
|
||||
the unprivileged user has access to these files. You can always
|
||||
log to syslog(3) from an unprivileged account on most platforms
|
||||
(see -l).
|
||||
|
||||
|
||||
-w ePID
|
||||
Use ePID as Windows ePID. If specified, -r is disregarded for
|
||||
Use ePID as Windows ePID. If specified, -r is disregarded for
|
||||
Windows.
|
||||
|
||||
|
||||
-0 ePID
|
||||
Use ePID as Office 2010 ePID (including Project and Visio). If
|
||||
Use ePID as Office 2010 ePID (including Project and Visio). If
|
||||
specified, -r is disregarded for Office 2010.
|
||||
|
||||
|
||||
-3 ePID
|
||||
Use ePID as Office 2013 ePID (including Project and Visio). If
|
||||
Use ePID as Office 2013 ePID (including Project and Visio). If
|
||||
specified, -r is disregarded for Office 2013.
|
||||
|
||||
|
||||
-6 ePID
|
||||
Use ePID as Office 2016 ePID (including Project and Visio). If
|
||||
Use ePID as Office 2016 ePID (including Project and Visio). If
|
||||
specified, -r is disregarded for Office 2016.
|
||||
|
||||
|
||||
-H HwId
|
||||
Use HwId for all products. All HWIDs in the ini file (see -i)
|
||||
Use HwId for all products. All HWIDs in the ini file (see -i)
|
||||
will not be used. In an ini file you can specify a seperate HWID
|
||||
for each application-guid. This is not possible when entering a
|
||||
for each application-guid. This is not possible when entering a
|
||||
HWID from the command line.
|
||||
|
||||
HwId must be specified as 16 hex digits that are interpreted as
|
||||
a series of 8 bytes (big endian). Any character that is not a
|
||||
hex digit will be ignored. This is for better readability. The
|
||||
HwId must be specified as 16 hex digits that are interpreted as
|
||||
a series of 8 bytes (big endian). Any character that is not a
|
||||
hex digit will be ignored. This is for better readability. The
|
||||
following commands are identical:
|
||||
|
||||
vlmcsd -H 0123456789ABCDEF
|
||||
@ -344,129 +359,141 @@ OPTIONS
|
||||
|
||||
|
||||
-i filename
|
||||
Use configuration file (aka ini file) filename. Most configura‐
|
||||
Use configuration file (aka ini file) filename. Most configura‐
|
||||
tion parameters can be set either via the command line or an ini
|
||||
file. The command line always has precedence over configuration
|
||||
items in the ini file. See vlmcsd.ini(5) for the format of the
|
||||
file. The command line always has precedence over configuration
|
||||
items in the ini file. See vlmcsd.ini(5) for the format of the
|
||||
configuration file.
|
||||
|
||||
If vlmcsd has been compiled to use a default configuration file
|
||||
(often /etc/vlmcsd.ini), you may use -i- to ignore the default
|
||||
If vlmcsd has been compiled to use a default configuration file
|
||||
(often /etc/vlmcsd.ini), you may use -i- to ignore the default
|
||||
configuration file.
|
||||
|
||||
|
||||
-j filename
|
||||
Use KMS data file filename. By default vlmcsd only contains the
|
||||
minimum product data that is required to perform all operations
|
||||
correctly. You may use a more complete KMS data file that con‐
|
||||
tains all detailed product names. This is especially useful if
|
||||
you are logging KMS requests. If you don't log, there is no need
|
||||
to load an external KMS data file.
|
||||
|
||||
If vlmcsd has been compiled to use a default KMS data file, you
|
||||
may use -j- to ignore the default configuration file.
|
||||
|
||||
|
||||
-r0, -r1 (default) and -r2
|
||||
These options determine how ePIDs are generated if
|
||||
|
||||
- you did not sprecify an ePID in the command line and
|
||||
- you haven't used -i or
|
||||
- the file specified by -i cannot be opened or
|
||||
- the file specified by -i does not contain an ePID for the KMS
|
||||
- the file specified by -i does not contain an ePID for the KMS
|
||||
request
|
||||
|
||||
-r0 means there are no random ePIDs. vlmcsd simply issues
|
||||
default ePIDs that are built into the binary at compile time.
|
||||
Pro: behaves like real KMS server that also always issues the
|
||||
same ePID. Con: Microsoft may start blacklisting again and the
|
||||
-r0 means there are no random ePIDs. vlmcsd simply issues
|
||||
default ePIDs that are built into the binary at compile time.
|
||||
Pro: behaves like real KMS server that also always issues the
|
||||
same ePID. Con: Microsoft may start blacklisting again and the
|
||||
default ePID may not work any longer.
|
||||
|
||||
-r1 instructs vlmcsd to generate random ePIDs when the program
|
||||
-r1 instructs vlmcsd to generate random ePIDs when the program
|
||||
starts or receives a SIGHUP signal and uses these ePIDs until it
|
||||
is stopped or receives another SIGHUP. Most other KMS emulators
|
||||
generate a new ePID on every KMS request. This is easily
|
||||
is stopped or receives another SIGHUP. Most other KMS emulators
|
||||
generate a new ePID on every KMS request. This is easily
|
||||
detectable. Microsoft could just modify sppsvc.exe in a way that
|
||||
it always sends two identical KMS requests in two RPC requests
|
||||
but over the same TCP connection. If both KMS responses contain
|
||||
the different ePIDs, the KMS server is not genuine. -r1 is the
|
||||
default mode. -r1 also ensures that all three ePIDs (Windows,
|
||||
Office 2010 and Office 2013) use the same OS build number and
|
||||
it always sends two identical KMS requests in two RPC requests
|
||||
but over the same TCP connection. If both KMS responses contain
|
||||
the different ePIDs, the KMS server is not genuine. -r1 is the
|
||||
default mode. -r1 also ensures that all three ePIDs (Windows,
|
||||
Office 2010 and Office 2013) use the same OS build number and
|
||||
LCID (language id).
|
||||
|
||||
If vlmcsd has been started by an internet superserver, -r1 works
|
||||
almost identically to -r2. The only exception occurs if you send
|
||||
more than one activation request over the same TCP connection.
|
||||
This is simply due to the fact that vlmcsd is started upon a
|
||||
more than one activation request over the same TCP connection.
|
||||
This is simply due to the fact that vlmcsd is started upon a
|
||||
connection request and does not stay in memory after servicing a
|
||||
KMS request. Consider using -r0 or -w, -0, -3 and -6 when start‐
|
||||
ing vlmcsd by an internet superserver.
|
||||
|
||||
-r2 behaves like most other KMS server emulators with random
|
||||
support and generates a new random ePID on every request. -r2
|
||||
should be treated as debugging option only because it allows
|
||||
-r2 behaves like most other KMS server emulators with random
|
||||
support and generates a new random ePID on every request. -r2
|
||||
should be treated as debugging option only because it allows
|
||||
very easy emulator detection.
|
||||
|
||||
|
||||
-C LCID
|
||||
Do not randomize the locale id part of the ePID and use LCID
|
||||
instead. The LCID must be specified as a decimal number, e.g.
|
||||
1049 for "Russian - Russia". This option has no effect if the
|
||||
ePID is not randomized at all, e.g. if it is selected from the
|
||||
Do not randomize the locale id part of the ePID and use LCID
|
||||
instead. The LCID must be specified as a decimal number, e.g.
|
||||
1049 for "Russian - Russia". This option has no effect if the
|
||||
ePID is not randomized at all, e.g. if it is selected from the
|
||||
command line or an ini file.
|
||||
|
||||
By default vlmcsd generates a valid locale id that is recognized
|
||||
by .NET Framework 4.0. This may lead to a locale id which is
|
||||
by .NET Framework 4.0. This may lead to a locale id which is
|
||||
unlikely to occur in your country, for instance 2155 for "Quecha
|
||||
- Ecuador". You may want to select the locale id of your country
|
||||
instead. See MSDN ⟨http://msdn.microsoft.com/en-us/goglobal/
|
||||
bb964664.aspx⟩ for a list of valid LCIDs. Please note that some
|
||||
bb964664.aspx⟩ for a list of valid LCIDs. Please note that some
|
||||
of them are not recognized by .NET Framework 4.0.
|
||||
|
||||
Most other KMS emulators use a fixed LCID of 1033 (English -
|
||||
Most other KMS emulators use a fixed LCID of 1033 (English -
|
||||
US). To achive the same behavior in vlmcsd use -C 1033.
|
||||
|
||||
|
||||
-K0, -K1, -K2 and -K3
|
||||
Sets the whitelisting level to determine which products vlmcsd
|
||||
Sets the whitelisting level to determine which products vlmcsd
|
||||
activates or refuses. The default is -K0.
|
||||
|
||||
-K0: activate all products with an unknown, retail or
|
||||
-K0: activate all products with an unknown, retail or
|
||||
beta/preview KMS ID.
|
||||
-K1: activate products with a retail or beta/preview KMS ID
|
||||
but refuse to activate products with an unknown KMS ID.
|
||||
-K2: activate products with an unknown KMS ID but refuse
|
||||
-K2: activate products with an unknown KMS ID but refuse
|
||||
products with a retail or beta/preview KMS ID.
|
||||
-K3: activate only products with a known volume license RTM
|
||||
KMS ID and refuse all others.
|
||||
|
||||
|
||||
The SKU ID is not checked. Like a genuine KMS server vlmcsd
|
||||
activates a product that has a random or unknown SKU ID. If you
|
||||
select -K1 or -K3, vlmcsd also checks the Application ID for
|
||||
correctness. If Microsoft introduces a new KMS ID for a new
|
||||
product, you cannot activate it if you used -K1 or -K3 until a
|
||||
The SKU ID is not checked. Like a genuine KMS server vlmcsd
|
||||
activates a product that has a random or unknown SKU ID. If you
|
||||
select -K1 or -K3, vlmcsd also checks the Application ID for
|
||||
correctness. If Microsoft introduces a new KMS ID for a new
|
||||
product, you cannot activate it if you used -K1 or -K3 until a
|
||||
new version of vlmcsd is available.
|
||||
|
||||
|
||||
-c0 and -c1
|
||||
-c1 causes vlmcsd to check if the client time differs no more
|
||||
-c1 causes vlmcsd to check if the client time differs no more
|
||||
than four hours from the system time. -c0 (the default) disables
|
||||
this check. -c1 is useful to prevent emulator detection. A
|
||||
client that tries to detect an emulator could simply send two
|
||||
subsequent request with two time stamps that differ more than
|
||||
this check. -c1 is useful to prevent emulator detection. A
|
||||
client that tries to detect an emulator could simply send two
|
||||
subsequent request with two time stamps that differ more than
|
||||
four hours from each other. If both requests succeed, the server
|
||||
is an emulator. If you specify -c1 on a system with no reliable
|
||||
time source, activations will fail. It is ok to set the correct
|
||||
is an emulator. If you specify -c1 on a system with no reliable
|
||||
time source, activations will fail. It is ok to set the correct
|
||||
system time after you started vlmcsd.
|
||||
|
||||
|
||||
-M0 and -M1
|
||||
Disables (-M0) or enables (-M1) maintaining a list of client
|
||||
machine IDs (CMIDs). The default is -M0. -M1 is useful to pre‐
|
||||
vent emulator detection. By maintaing a CMID list, vlmcsd
|
||||
Disables (-M0) or enables (-M1) maintaining a list of client
|
||||
machine IDs (CMIDs). The default is -M0. -M1 is useful to pre‐
|
||||
vent emulator detection. By maintaing a CMID list, vlmcsd
|
||||
reports current active clients exactly like a genuine KMS emula‐
|
||||
tor. This includes bug compatibility to the extent that you can
|
||||
permanently kill a genuine KMS emulator by sending an "over‐
|
||||
charge request" with a required client count of 376 or more and
|
||||
then request activation for 671 clients. vlmcsd can be reset
|
||||
from this condition by restarting it. If -M0 is used, vlmcsd
|
||||
tor. This includes bug compatibility to the extent that you can
|
||||
permanently kill a genuine KMS emulator by sending an "over‐
|
||||
charge request" with a required client count of 376 or more and
|
||||
then request activation for 671 clients. vlmcsd can be reset
|
||||
from this condition by restarting it. If -M0 is used, vlmcsd
|
||||
reports current active clients as good as possible. If no client
|
||||
sends an "overcharge request", it is not possible to detect vlm‐
|
||||
csd as an emulator with -M0. -M1 requires the allocation of a
|
||||
buffer that is about 50 kB in size. On hardware with few memory
|
||||
csd as an emulator with -M0. -M1 requires the allocation of a
|
||||
buffer that is about 50 kB in size. On hardware with few memory
|
||||
resources use it only if you really need it.
|
||||
|
||||
If you start vlmcsd from an internet superserver, -M1 cannot be
|
||||
used. Since vlmcsd exits after each activation, it cannot main‐
|
||||
If you start vlmcsd from an internet superserver, -M1 cannot be
|
||||
used. Since vlmcsd exits after each activation, it cannot main‐
|
||||
tain any state in memory.
|
||||
|
||||
|
||||
@ -474,82 +501,82 @@ OPTIONS
|
||||
These options are ignored if you do not also specify -M1. If you
|
||||
use -E0 (the default), vlmcsd starts up as a fully "charged" KMS
|
||||
server. Clients activate immediately. -E1 lets you start up vlm‐
|
||||
csd with an empty CMID list. Activation will start when the
|
||||
required minimum clients (25 for Windows Client OSses, 5 for
|
||||
Windows Server OSses and Office) have registered with the KMS
|
||||
server. As long as the minimum client count has not been
|
||||
csd with an empty CMID list. Activation will start when the
|
||||
required minimum clients (25 for Windows Client OSses, 5 for
|
||||
Windows Server OSses and Office) have registered with the KMS
|
||||
server. As long as the minimum client count has not been
|
||||
reached, clients end up in HRESULT 0xC004F038 "The count
|
||||
reported by your Key Management Service (KMS) is insufficient.
|
||||
Please contact your system administrator". You may use vlmcs(1)
|
||||
or another KMS client emulator to "charge" vlmcsd. -E1 does not
|
||||
improve emulator detection prevention. It's primary purpose is
|
||||
to help developers of KMS clients to test "charging" a KMS
|
||||
reported by your Key Management Service (KMS) is insufficient.
|
||||
Please contact your system administrator". You may use vlmcs(1)
|
||||
or another KMS client emulator to "charge" vlmcsd. -E1 does not
|
||||
improve emulator detection prevention. It's primary purpose is
|
||||
to help developers of KMS clients to test "charging" a KMS
|
||||
server.
|
||||
|
||||
|
||||
-R renewal-interval
|
||||
Instructs clients to renew activation every renewal-interval.
|
||||
Instructs clients to renew activation every renewal-interval.
|
||||
The renewal-interval is a number optionally immediately followed
|
||||
by a letter indicating the unit. Valid unit letters are s (sec‐
|
||||
by a letter indicating the unit. Valid unit letters are s (sec‐
|
||||
onds), m (minutes), h (hours), d (days) and w (weeks). If you do
|
||||
not specify a letter, minutes is assumed.
|
||||
|
||||
-R3d for instance instructs clients to renew activation every 3
|
||||
-R3d for instance instructs clients to renew activation every 3
|
||||
days. The default renewal-interval is 10080 (identical to 7d and
|
||||
1w).
|
||||
|
||||
Due to poor implementation of Microsofts KMS Client it cannot be
|
||||
guaranteed that activation is renewed on time as specfied by the
|
||||
-R option. Don't care about that. Renewal will happen well
|
||||
-R option. Don't care about that. Renewal will happen well
|
||||
before your activation expires (usually 180 days).
|
||||
|
||||
Even though you can specify seconds, the granularity of this
|
||||
option is 1 minute. Seconds are rounded down to the next multi‐
|
||||
Even though you can specify seconds, the granularity of this
|
||||
option is 1 minute. Seconds are rounded down to the next multi‐
|
||||
ple of 60.
|
||||
|
||||
|
||||
-A activation-interval
|
||||
Instructs clients to retry activation every activation-interval
|
||||
if it was unsuccessful, e.g. because it could not reach the
|
||||
server. The default is 120 (identical to 2h). activation-inter‐
|
||||
val follows the same syntax as renewal-interval in the -R
|
||||
Instructs clients to retry activation every activation-interval
|
||||
if it was unsuccessful, e.g. because it could not reach the
|
||||
server. The default is 120 (identical to 2h). activation-inter‐
|
||||
val follows the same syntax as renewal-interval in the -R
|
||||
option.
|
||||
|
||||
|
||||
-s Installs vlmcsd as a Windows service. This option only works
|
||||
with the native Windows version and Cygwin. Combine -s with
|
||||
other command line options. These will be in effect when you
|
||||
start the service. The service automatically starts when you
|
||||
reboot your machine. To start it manually, type "net start vlm‐
|
||||
-s Installs vlmcsd as a Windows service. This option only works
|
||||
with the native Windows version and Cygwin. Combine -s with
|
||||
other command line options. These will be in effect when you
|
||||
start the service. The service automatically starts when you
|
||||
reboot your machine. To start it manually, type "net start vlm‐
|
||||
csd".
|
||||
|
||||
If you use Cygwin, you must include your Cygwin system DLL
|
||||
directory (usually C:\Cygwin\bin or C:\Cygwin64\bin) into the
|
||||
If you use Cygwin, you must include your Cygwin system DLL
|
||||
directory (usually C:\Cygwin\bin or C:\Cygwin64\bin) into the
|
||||
PATH environment variable or the service will not start.
|
||||
|
||||
You can reinstall the service anytime using vlmcsd -s again,
|
||||
e.g. with a different command line. If the service is running,
|
||||
You can reinstall the service anytime using vlmcsd -s again,
|
||||
e.g. with a different command line. If the service is running,
|
||||
it will be restarted with the new command line.
|
||||
|
||||
When using -s the command line is checked for basic syntax
|
||||
When using -s the command line is checked for basic syntax
|
||||
errors only. For example "vlmcsd -s -L 1.2.3.4" reports no error
|
||||
but the service will not start if 1.2.3.4 is not an IP address
|
||||
but the service will not start if 1.2.3.4 is not an IP address
|
||||
on your system.
|
||||
|
||||
|
||||
-S Uninstalls the vlmcsd service. Works only with the native Win‐
|
||||
dows version and Cygwin. All other options will be ignored if
|
||||
-S Uninstalls the vlmcsd service. Works only with the native Win‐
|
||||
dows version and Cygwin. All other options will be ignored if
|
||||
you include -S in the command line.
|
||||
|
||||
|
||||
-U [domain\]username
|
||||
Can only be used together with -s. Starts the service as a dif‐
|
||||
ferent user than the local SYSTEM account. This is used to run
|
||||
the service under an account with low privileges. If you omit
|
||||
Can only be used together with -s. Starts the service as a dif‐
|
||||
ferent user than the local SYSTEM account. This is used to run
|
||||
the service under an account with low privileges. If you omit
|
||||
the domain, an account from the local computer will be used.
|
||||
|
||||
You may use "NT AUTHORITY\NetworkService". This is a pseudo user
|
||||
with low privileges. You may also use "NT AUTHORITY\LocalSer‐
|
||||
with low privileges. You may also use "NT AUTHORITY\LocalSer‐
|
||||
vice" which has more privileges but these are of no use for run‐
|
||||
ning vlmcsd.
|
||||
|
||||
@ -557,20 +584,20 @@ OPTIONS
|
||||
sion for your executable. "NT AUTHORITY\NetworkService" normally
|
||||
has no permission to run binaries from your home directory.
|
||||
|
||||
For your convenience you can use the special username "/l" as a
|
||||
For your convenience you can use the special username "/l" as a
|
||||
shortcut for "NT AUTHORITY\LocalService" and "/n" for "NT
|
||||
AUTHORITY\NetworkService". "vlmcsd -s -U /n" installs the ser‐
|
||||
AUTHORITY\NetworkService". "vlmcsd -s -U /n" installs the ser‐
|
||||
vice to run as "NT AUTHORITY\NetworkService".
|
||||
|
||||
|
||||
-W password
|
||||
Can only be used together with -s. Specifies a password for the
|
||||
corresponding username you use with -U. SYSTEM, "NT AUTHOR‐
|
||||
ITY\NetworkService", "NT AUTHORITY\LocalService" do not require
|
||||
Can only be used together with -s. Specifies a password for the
|
||||
corresponding username you use with -U. SYSTEM, "NT AUTHOR‐
|
||||
ITY\NetworkService", "NT AUTHORITY\LocalService" do not require
|
||||
a password.
|
||||
|
||||
If you specify a user with even lower privileges than "NT
|
||||
AUTHORITY\NetworkService", you must specify its password. You
|
||||
If you specify a user with even lower privileges than "NT
|
||||
AUTHORITY\NetworkService", you must specify its password. You
|
||||
also have to grant the "Log on as a service" right to that user.
|
||||
|
||||
|
||||
@ -579,53 +606,53 @@ SIGNALS
|
||||
|
||||
|
||||
SIGTERM, SIGINT
|
||||
These signals cause vlmcsd to exit gracefully. All global sema‐
|
||||
phores and shared memory pages will be released, the pid file
|
||||
will be unlinked (deleted) and a shutdown message will be
|
||||
These signals cause vlmcsd to exit gracefully. All global sema‐
|
||||
phores and shared memory pages will be released, the pid file
|
||||
will be unlinked (deleted) and a shutdown message will be
|
||||
logged.
|
||||
|
||||
|
||||
SIGHUP Causes vlmcsd to be restarted completely. This is useful if you
|
||||
started vlmcsd with an ini file. You can modify the ini file
|
||||
while vlmcsd is running and then sending SIGHUP, e.g. by typing
|
||||
"killall -SIGHUP vlmcsd" or "kill -SIGHUP `cat /var/run/vlm‐
|
||||
SIGHUP Causes vlmcsd to be restarted completely. This is useful if you
|
||||
started vlmcsd with an ini file. You can modify the ini file
|
||||
while vlmcsd is running and then sending SIGHUP, e.g. by typing
|
||||
"killall -SIGHUP vlmcsd" or "kill -SIGHUP `cat /var/run/vlm‐
|
||||
csd.pid`".
|
||||
|
||||
The SIGHUP handler has been implemented relatively simple. It is
|
||||
virtually the same as stopping vlmcsd and starting it again
|
||||
virtually the same as stopping vlmcsd and starting it again
|
||||
immediately with the following exceptions:
|
||||
|
||||
|
||||
— The new process does not get a new process id.
|
||||
|
||||
— If you used a pid file, it is not deleted and recreated
|
||||
— If you used a pid file, it is not deleted and recreated
|
||||
because the process id stays the same.
|
||||
|
||||
— If you used the 'user' and/or 'group' directive in an ini
|
||||
file these are ignored. This is because once you switched to
|
||||
— If you used the 'user' and/or 'group' directive in an ini
|
||||
file these are ignored. This is because once you switched to
|
||||
lower privileged users and groups, there is no way back. Any‐
|
||||
thing else would be a severe security flaw in the OS.
|
||||
|
||||
Signaling is not available in the native Windows version and in the
|
||||
Signaling is not available in the native Windows version and in the
|
||||
Cygwin version when it runs as Windows service.
|
||||
|
||||
|
||||
SUPPORTED OPERATING SYSTEMS
|
||||
vlmcsd compiles and runs on Linux, Windows (no Cygwin required but
|
||||
explicitly supported), Mac OS X, FreeBSD, NetBSD, OpenBSD, Dragonfly
|
||||
BSD, Minix, Solaris, OpenIndiana, Android and iOS. Other POSIX or
|
||||
unixoid OSses may work with unmodified sources or may require minor
|
||||
vlmcsd compiles and runs on Linux, Windows (no Cygwin required but
|
||||
explicitly supported), Mac OS X, FreeBSD, NetBSD, OpenBSD, Dragonfly
|
||||
BSD, Minix, Solaris, OpenIndiana, Android and iOS. Other POSIX or
|
||||
unixoid OSses may work with unmodified sources or may require minor
|
||||
porting efforts.
|
||||
|
||||
|
||||
SUPPORTED PRODUCTS
|
||||
vlmcsd can answer activation requests for the following products: Win‐
|
||||
vlmcsd can answer activation requests for the following products: Win‐
|
||||
dows Vista, Windows 7, Windows 8, Windows 8.1, Windows 10 (up to 1607),
|
||||
Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Win‐
|
||||
dows Server 2012 R2, Windows Server 2016, Office 2010, Project 2010,
|
||||
Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Win‐
|
||||
dows Server 2012 R2, Windows Server 2016, Office 2010, Project 2010,
|
||||
Visio 2010, Office 2013, Project 2013, Visio 2013, Office 2016, Project
|
||||
2016, Visio 2016. Newer version may work as long as the KMS protocol
|
||||
does not change. A complete list of fully supported products can be
|
||||
2016, Visio 2016. Newer version may work as long as the KMS protocol
|
||||
does not change. A complete list of fully supported products can be
|
||||
obtained using the -x option of vlmcs(1).
|
||||
|
||||
Office, Project and Visio must be volume license versions.
|
||||
@ -637,24 +664,24 @@ FILES
|
||||
|
||||
EXAMPLES
|
||||
vlmcsd -De
|
||||
Starts vlmcsd in foreground. Useful if you use it for the first
|
||||
time and want to see what's happening when a client requests
|
||||
Starts vlmcsd in foreground. Useful if you use it for the first
|
||||
time and want to see what's happening when a client requests
|
||||
activation.
|
||||
|
||||
|
||||
vlmcsd -l /var/log/vlmcsd.log
|
||||
Starts vlmcsd as a daemon and logs everything to /var/log/vlm‐
|
||||
Starts vlmcsd as a daemon and logs everything to /var/log/vlm‐
|
||||
csd.log.
|
||||
|
||||
|
||||
vlmcsd -L 192.168.1.17
|
||||
Starts vlmcsd as a daemon and listens on IP address 192.168.1.17
|
||||
only. This is useful for routers that have a public and a pri‐
|
||||
only. This is useful for routers that have a public and a pri‐
|
||||
vate IP address to prevent your KMS server from becoming public.
|
||||
|
||||
|
||||
vlmcsd -s -U /n -l C:\logs\vlmcsd.log
|
||||
Installs vlmcsd as a Windows service with low privileges and
|
||||
Installs vlmcsd as a Windows service with low privileges and
|
||||
logs everything to C:\logs\vlmcsd.log when the service is
|
||||
started with "net start vlmcsd".
|
||||
|
||||
@ -663,11 +690,6 @@ BUGS
|
||||
An ePID specified in an ini file must not contain spaces.
|
||||
|
||||
|
||||
INTENTIONAL BUGS
|
||||
vlmcsd always reports enough active clients to satisfy the N count pol‐
|
||||
icy of the request.
|
||||
|
||||
|
||||
AUTHOR
|
||||
Written by crony12, Hotbird64 and vityan666. With contributions from
|
||||
DougQaid.
|
||||
@ -683,4 +705,4 @@ SEE ALSO
|
||||
|
||||
|
||||
|
||||
Hotbird64 October 2016 VLMCSD(8)
|
||||
Hotbird64 November 2016 VLMCSD(8)
|
||||
|
@ -1,4 +1,4 @@
|
||||
.TH VLMCSD.INI 5 "October 2016" "Hotbird64" "KMS Activation Manual"
|
||||
.TH VLMCSD.INI 5 "November 2016" "Hotbird64" "KMS Activation Manual"
|
||||
.LO 8
|
||||
|
||||
.SH NAME
|
||||
@ -93,6 +93,11 @@ Write a pid file. The \fIargument\fR is the full pathname of a pid file. The pid
|
||||
.IP "\fBLogFile\fR"
|
||||
Write a log file. The \fIargument\fR is the full pathname of a log file. On a unixoid OS and with Cygwin you can use the special filename 'syslog' to log to the syslog facility. This is the same as specifying \fB-l\fR on the command line.
|
||||
|
||||
.IP "\fBKmsData\fR"
|
||||
Use a KMS data file. The \fIargument\fR is the full pathname of a KMS data file. By default vlmcsd only contains the minimum product data that is required to perform all operations correctly. You may use a more complete KMS data file that contains all detailed product names. This is especially useful if you are logging KMS requests. If you don't log, there is no need to load an external KMS data file.
|
||||
|
||||
You may use \fBKmsData\ =\ \-\fR to prevent the default KMS data file to be loaded.
|
||||
|
||||
.IP "\fBLogDateAndTime\fR"
|
||||
Can be TRUE or FALSE. The default is TRUE. If set to FALSE, logging output does not include date and time. This is useful if you log to \fBstdout\fR(3) which is redirected to another logging mechanism that already includes date and time in its output, for instance \fBsystemd-journald\fR(8). If you log to \fBsyslog\fR(3), \fBLogDateAndTime\fR is ignored and date and time will never be included in the output sent to \fBsyslog\fR(3). Using the command line you control this setting with options \fB-T0\fR and \fB-T1\fR.
|
||||
|
||||
|
@ -189,182 +189,195 @@ KEYWORDS
|
||||
same as specifying -l on the command line.
|
||||
|
||||
|
||||
KmsData
|
||||
Use a KMS data file. The argument is the full pathname of a KMS
|
||||
data file. By default vlmcsd only contains the minimum product
|
||||
data that is required to perform all operations correctly. You
|
||||
may use a more complete KMS data file that contains all detailed
|
||||
product names. This is especially useful if you are logging KMS
|
||||
requests. If you don't log, there is no need to load an external
|
||||
KMS data file.
|
||||
|
||||
You may use KmsData = - to prevent the default KMS data file to
|
||||
be loaded.
|
||||
|
||||
|
||||
LogDateAndTime
|
||||
Can be TRUE or FALSE. The default is TRUE. If set to FALSE, log‐
|
||||
ging output does not include date and time. This is useful if
|
||||
you log to stdout(3) which is redirected to another logging
|
||||
ging output does not include date and time. This is useful if
|
||||
you log to stdout(3) which is redirected to another logging
|
||||
mechanism that already includes date and time in its output, for
|
||||
instance systemd-journald(8). If you log to syslog(3), LogDate‐
|
||||
AndTime is ignored and date and time will never be included in
|
||||
instance systemd-journald(8). If you log to syslog(3), LogDate‐
|
||||
AndTime is ignored and date and time will never be included in
|
||||
the output sent to syslog(3). Using the command line you control
|
||||
this setting with options -T0 and -T1.
|
||||
|
||||
|
||||
LogVerbose
|
||||
Set this to either TRUE or FALSE. The default is FALSE. If set
|
||||
Set this to either TRUE or FALSE. The default is FALSE. If set
|
||||
to TRUE, more details of each activation will be logged. You use
|
||||
-v and -q in the command line to control this setting. LogVer‐
|
||||
bose has an effect only if you specify a log file or redirect
|
||||
-v and -q in the command line to control this setting. LogVer‐
|
||||
bose has an effect only if you specify a log file or redirect
|
||||
logging to stdout(3).
|
||||
|
||||
|
||||
WhitelistingLevel
|
||||
Can be 0, 1, 2 or 3. The default is 0. Sets the whitelisting
|
||||
Can be 0, 1, 2 or 3. The default is 0. Sets the whitelisting
|
||||
level to determine which products vlmcsd activates or refuses.
|
||||
|
||||
0: activate all products with an unknown, retail or
|
||||
beta/preview KMS ID.
|
||||
1: activate products with a retail or beta/preview KMS ID
|
||||
1: activate products with a retail or beta/preview KMS ID
|
||||
but refuse to activate products with an unknown KMS ID.
|
||||
2: activate products with an unknown KMS ID but refuse
|
||||
2: activate products with an unknown KMS ID but refuse
|
||||
products with a retail or beta/preview KMS ID.
|
||||
3: activate only products with a known volume license RTM
|
||||
3: activate only products with a known volume license RTM
|
||||
KMS ID and refuse all others.
|
||||
|
||||
|
||||
The SKU ID is not checked. Like a genuine KMS server vlmcsd
|
||||
activates a product that has a random or unknown SKU ID. If you
|
||||
select 1 or 3, vlmcsd also checks the Application ID for cor‐
|
||||
rectness. If Microsoft introduces a new KMS ID for a new prod‐
|
||||
uct, you cannot activate it if you used 1 or 3 until a new ver‐
|
||||
The SKU ID is not checked. Like a genuine KMS server vlmcsd
|
||||
activates a product that has a random or unknown SKU ID. If you
|
||||
select 1 or 3, vlmcsd also checks the Application ID for cor‐
|
||||
rectness. If Microsoft introduces a new KMS ID for a new prod‐
|
||||
uct, you cannot activate it if you used 1 or 3 until a new ver‐
|
||||
sion of vlmcsd is available.
|
||||
|
||||
|
||||
CheckClientTime
|
||||
Can be TRUE or FALSE. The default is FALSE. If you set this to
|
||||
TRUE vlmcsd(8) checks if the client time differs no more than
|
||||
four hours from the system time. This is useful to prevent emu‐
|
||||
Can be TRUE or FALSE. The default is FALSE. If you set this to
|
||||
TRUE vlmcsd(8) checks if the client time differs no more than
|
||||
four hours from the system time. This is useful to prevent emu‐
|
||||
lator detection. A client that tries to detect an emulator could
|
||||
simply send two subsequent request with two time stamps that
|
||||
differ more than four hours from each other. If both requests
|
||||
simply send two subsequent request with two time stamps that
|
||||
differ more than four hours from each other. If both requests
|
||||
succeed, the server is an emulator. If you set this to TRUE on a
|
||||
system with no reliable time source, activations will fail. It
|
||||
is ok to set the correct system time after you started vlm‐
|
||||
system with no reliable time source, activations will fail. It
|
||||
is ok to set the correct system time after you started vlm‐
|
||||
csd(8).
|
||||
|
||||
|
||||
MaintainClients
|
||||
Can be TRUE or FALSE (the default). Disables (FALSE) or enables
|
||||
Can be TRUE or FALSE (the default). Disables (FALSE) or enables
|
||||
(TRUE) maintaining a list of client machine IDs (CMIDs). TRUE is
|
||||
useful to prevent emulator detection. By maintaing a CMID list,
|
||||
vlmcsd(8) reports current active clients exactly like a genuine
|
||||
useful to prevent emulator detection. By maintaing a CMID list,
|
||||
vlmcsd(8) reports current active clients exactly like a genuine
|
||||
KMS emulator. This includes bug compatibility to the extent that
|
||||
you can permanently kill a genuine KMS emulator by sending an
|
||||
you can permanently kill a genuine KMS emulator by sending an
|
||||
"overcharge request" with a required client count of 376 or more
|
||||
and then request activation for 671 clients. vlmcsd(8) can be
|
||||
reset from this condition by restarting it. If FALSE is used,
|
||||
and then request activation for 671 clients. vlmcsd(8) can be
|
||||
reset from this condition by restarting it. If FALSE is used,
|
||||
vlmcsd(8) reports current active clients as good as possible. If
|
||||
no client sends an "overcharge request", it is not possible to
|
||||
detect vlmcsd(8) as an emulator with MaintainClients = FALSE.
|
||||
Maintaining clients requires the allocation of a buffer that is
|
||||
about 50 kB in size. On hardware with few memory resources use
|
||||
no client sends an "overcharge request", it is not possible to
|
||||
detect vlmcsd(8) as an emulator with MaintainClients = FALSE.
|
||||
Maintaining clients requires the allocation of a buffer that is
|
||||
about 50 kB in size. On hardware with few memory resources use
|
||||
it only if you really need it.
|
||||
|
||||
If you start vlmcsd(8) from an internet superserver, this set‐
|
||||
ting cannot be used. Since vlmcsd(8) exits after each activa‐
|
||||
If you start vlmcsd(8) from an internet superserver, this set‐
|
||||
ting cannot be used. Since vlmcsd(8) exits after each activa‐
|
||||
tion, it cannot maintain any state in memory.
|
||||
|
||||
|
||||
StartEmpty
|
||||
This setting is ignored if you do not also specify Maintain‐
|
||||
Clients = TRUE. If you specify FALSE (the default), vlmcsd(8)
|
||||
starts up as a fully "charged" KMS server. Clients activate
|
||||
immediately. StartEmpty = TRUE lets you start up vlmcsd(8) with
|
||||
This setting is ignored if you do not also specify Maintain‐
|
||||
Clients = TRUE. If you specify FALSE (the default), vlmcsd(8)
|
||||
starts up as a fully "charged" KMS server. Clients activate
|
||||
immediately. StartEmpty = TRUE lets you start up vlmcsd(8) with
|
||||
an empty CMID list. Activation will start when the required min‐
|
||||
imum clients (25 for Windows Client OSses, 5 for Windows Server
|
||||
OSses and Office) have registered with the KMS server. As long
|
||||
imum clients (25 for Windows Client OSses, 5 for Windows Server
|
||||
OSses and Office) have registered with the KMS server. As long
|
||||
as the minimum client count has not been reached, clients end up
|
||||
in HRESULT 0xC004F038 "The count reported by your Key Management
|
||||
Service (KMS) is insufficient. Please contact your system admin‐
|
||||
istrator". You may use vlmcs(1) or another KMS client emulator
|
||||
to "charge" vlmcsd(8). Setting this parameter to TRUE does not
|
||||
improve emulator detection prevention. It's primary purpose is
|
||||
to help developers of KMS clients to test "charging" a KMS
|
||||
istrator". You may use vlmcs(1) or another KMS client emulator
|
||||
to "charge" vlmcsd(8). Setting this parameter to TRUE does not
|
||||
improve emulator detection prevention. It's primary purpose is
|
||||
to help developers of KMS clients to test "charging" a KMS
|
||||
server.
|
||||
|
||||
|
||||
ActivationInterval
|
||||
This is the same as specifying -A on the command line. See vlm‐
|
||||
This is the same as specifying -A on the command line. See vlm‐
|
||||
csd(8) for details. The default is 2 hours. Example: Activation‐
|
||||
Interval = 1h
|
||||
|
||||
|
||||
RenewalInterval
|
||||
This is the same as specifying -R on the command line. See vlm‐
|
||||
csd(8) for details. The default is 7 days. Example: RenewalIn‐
|
||||
This is the same as specifying -R on the command line. See vlm‐
|
||||
csd(8) for details. The default is 7 days. Example: RenewalIn‐
|
||||
terval = 3d. Please note that the KMS client decides itself when
|
||||
to renew activation. Even though vlmcsd sends the renewal inter‐
|
||||
val you specify, it is no more than some kind of recommendation
|
||||
to the client. Older KMS clients did follow the recommendation
|
||||
val you specify, it is no more than some kind of recommendation
|
||||
to the client. Older KMS clients did follow the recommendation
|
||||
from a KMS server or emulator. Newer clients do not.
|
||||
|
||||
|
||||
User Run vlmcsd as another, preferrably less privileged, user. The
|
||||
argument can be a user name or a numeric user id. You must have
|
||||
the required privileges (capabilities on Linux) to change the
|
||||
security context of a process without providing any credentials
|
||||
(a password in most cases). On most unixoid OSses 'root' is the
|
||||
User Run vlmcsd as another, preferrably less privileged, user. The
|
||||
argument can be a user name or a numeric user id. You must have
|
||||
the required privileges (capabilities on Linux) to change the
|
||||
security context of a process without providing any credentials
|
||||
(a password in most cases). On most unixoid OSses 'root' is the
|
||||
only user who has these privileges in the default configuration.
|
||||
This setting is not available in the native Windows version of
|
||||
vlmcsd. See -u in vlmcsd(8). This setting cannot be changed on
|
||||
This setting is not available in the native Windows version of
|
||||
vlmcsd. See -u in vlmcsd(8). This setting cannot be changed on
|
||||
the fly by sending SIGHUP to vlmcsd.
|
||||
|
||||
|
||||
Group Run vlmcsd as another, preferrably less privileged, group. The
|
||||
argument can be a group name or a numeric group id. You must
|
||||
have the required privileges (capabilities on Linux) to change
|
||||
the security context of a process without providing any creden‐
|
||||
tials (a password in most cases). On most unixoid OSses 'root'
|
||||
Group Run vlmcsd as another, preferrably less privileged, group. The
|
||||
argument can be a group name or a numeric group id. You must
|
||||
have the required privileges (capabilities on Linux) to change
|
||||
the security context of a process without providing any creden‐
|
||||
tials (a password in most cases). On most unixoid OSses 'root'
|
||||
is the only user who has these privileges in the default config‐
|
||||
uration. This setting is not available in the native Windows
|
||||
version of vlmcsd. See -g in vlmcsd(8). This setting cannot be
|
||||
uration. This setting is not available in the native Windows
|
||||
version of vlmcsd. See -g in vlmcsd(8). This setting cannot be
|
||||
changed on the fly by sending SIGHUP to vlmcsd.
|
||||
|
||||
|
||||
Windows
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Windows activations. If specified, RandomizationLevel
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Windows activations. If specified, RandomizationLevel
|
||||
for Windows activitations will be ignored.
|
||||
|
||||
|
||||
Office2010
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2010 activations. If specified, Randomization‐
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2010 activations. If specified, Randomization‐
|
||||
Level for Office 2010 activitations will be ignored.
|
||||
|
||||
|
||||
Office2013
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2013 activations. If specified, Randomization‐
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2013 activations. If specified, Randomization‐
|
||||
Level for Office 2013 activitations will be ignored.
|
||||
|
||||
|
||||
Office2016
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2016 activations. If specified, Randomization‐
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2016 activations. If specified, Randomization‐
|
||||
Level for Office 2016 activitations will be ignored.
|
||||
|
||||
|
||||
VALID EPIDS
|
||||
The ePID is currently a comment only. You can specify any string up to
|
||||
63 bytes. In Windows 7 Microsoft has blacklisted few ( < 10 ) ePIDs
|
||||
that were used in KMSv5 versions of the "Ratiborus Virtual Machine".
|
||||
Microsoft has given up on blacklisting when KMS emulators appeared in
|
||||
The ePID is currently a comment only. You can specify any string up to
|
||||
63 bytes. In Windows 7 Microsoft has blacklisted few ( < 10 ) ePIDs
|
||||
that were used in KMSv5 versions of the "Ratiborus Virtual Machine".
|
||||
Microsoft has given up on blacklisting when KMS emulators appeared in
|
||||
the wild.
|
||||
|
||||
Even if you can use "Activated by cool hacker guys" as an ePID, you may
|
||||
wish to use ePIDs that cannot be detected as non-MS ePIDs. If you don't
|
||||
know how these "valid" ePIDs look like exactly, do not use GUIDS in
|
||||
vlmcsd.ini. vlmcsd provides internal mechanisms to generate valid
|
||||
know how these "valid" ePIDs look like exactly, do not use GUIDS in
|
||||
vlmcsd.ini. vlmcsd provides internal mechanisms to generate valid
|
||||
ePIDs.
|
||||
|
||||
If you use non-ASCII characters in your ePID (you shouldn't do anyway),
|
||||
these must be in UTF-8 format. This is especially important when you
|
||||
these must be in UTF-8 format. This is especially important when you
|
||||
run vlmcsd on Windows or cygwin because UTF-8 is not the default encod‐
|
||||
ing for most editors.
|
||||
|
||||
If you are specifying an optional HWID it follows the same syntax as in
|
||||
the -H option in vlmcsd(8) ecxept that you must not enclose a HWID in
|
||||
the -H option in vlmcsd(8) ecxept that you must not enclose a HWID in
|
||||
quotes even if it contains spaces.
|
||||
|
||||
|
||||
@ -378,7 +391,7 @@ AUTHOR
|
||||
|
||||
|
||||
CREDITS
|
||||
Thanks to CODYQX4, deagles, eIcn, mikmik38, nosferati87, qad, Rati‐
|
||||
Thanks to CODYQX4, deagles, eIcn, mikmik38, nosferati87, qad, Rati‐
|
||||
borus, ...
|
||||
|
||||
|
||||
@ -387,4 +400,4 @@ SEE ALSO
|
||||
|
||||
|
||||
|
||||
Hotbird64 October 2016 VLMCSD.INI(5)
|
||||
Hotbird64 November 2016 VLMCSD.INI(5)
|
||||
|
@ -1,5 +1,5 @@
|
||||
<!-- Creator : groff version 1.22.3 -->
|
||||
<!-- CreationDate: Fri Nov 4 17:18:01 2016 -->
|
||||
<!-- CreationDate: Mon Nov 28 01:28:23 2016 -->
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
||||
"http://www.w3.org/TR/html4/loose.dtd">
|
||||
<html>
|
||||
@ -317,6 +317,21 @@ unixoid OS and with Cygwin you can use the special filename
|
||||
’syslog’ to log to the syslog facility. This is
|
||||
the same as specifying <b>-l</b> on the command line.</p>
|
||||
|
||||
<p style="margin-left:11%;"><b>KmsData</b></p>
|
||||
|
||||
<p style="margin-left:22%;">Use a KMS data file. The
|
||||
<i>argument</i> is the full pathname of a KMS data file. By
|
||||
default vlmcsd only contains the minimum product data that
|
||||
is required to perform all operations correctly. You may use
|
||||
a more complete KMS data file that contains all detailed
|
||||
product names. This is especially useful if you are logging
|
||||
KMS requests. If you don’t log, there is no need to
|
||||
load an external KMS data file.</p>
|
||||
|
||||
<p style="margin-left:22%; margin-top: 1em">You may use
|
||||
<b>KmsData = -</b> to prevent the default KMS data
|
||||
file to be loaded.</p>
|
||||
|
||||
<p style="margin-left:11%;"><b>LogDateAndTime</b></p>
|
||||
|
||||
<p style="margin-left:22%;">Can be TRUE or FALSE. The
|
||||
|
Binary file not shown.
@ -189,182 +189,195 @@ KEYWORDS
|
||||
same as specifying -l on the command line.
|
||||
|
||||
|
||||
KmsData
|
||||
Use a KMS data file. The argument is the full pathname of a KMS
|
||||
data file. By default vlmcsd only contains the minimum product
|
||||
data that is required to perform all operations correctly. You
|
||||
may use a more complete KMS data file that contains all detailed
|
||||
product names. This is especially useful if you are logging KMS
|
||||
requests. If you don't log, there is no need to load an external
|
||||
KMS data file.
|
||||
|
||||
You may use KmsData = - to prevent the default KMS data file to
|
||||
be loaded.
|
||||
|
||||
|
||||
LogDateAndTime
|
||||
Can be TRUE or FALSE. The default is TRUE. If set to FALSE, log‐
|
||||
ging output does not include date and time. This is useful if
|
||||
you log to stdout(3) which is redirected to another logging
|
||||
ging output does not include date and time. This is useful if
|
||||
you log to stdout(3) which is redirected to another logging
|
||||
mechanism that already includes date and time in its output, for
|
||||
instance systemd-journald(8). If you log to syslog(3), LogDate‐
|
||||
AndTime is ignored and date and time will never be included in
|
||||
instance systemd-journald(8). If you log to syslog(3), LogDate‐
|
||||
AndTime is ignored and date and time will never be included in
|
||||
the output sent to syslog(3). Using the command line you control
|
||||
this setting with options -T0 and -T1.
|
||||
|
||||
|
||||
LogVerbose
|
||||
Set this to either TRUE or FALSE. The default is FALSE. If set
|
||||
Set this to either TRUE or FALSE. The default is FALSE. If set
|
||||
to TRUE, more details of each activation will be logged. You use
|
||||
-v and -q in the command line to control this setting. LogVer‐
|
||||
bose has an effect only if you specify a log file or redirect
|
||||
-v and -q in the command line to control this setting. LogVer‐
|
||||
bose has an effect only if you specify a log file or redirect
|
||||
logging to stdout(3).
|
||||
|
||||
|
||||
WhitelistingLevel
|
||||
Can be 0, 1, 2 or 3. The default is 0. Sets the whitelisting
|
||||
Can be 0, 1, 2 or 3. The default is 0. Sets the whitelisting
|
||||
level to determine which products vlmcsd activates or refuses.
|
||||
|
||||
0: activate all products with an unknown, retail or
|
||||
beta/preview KMS ID.
|
||||
1: activate products with a retail or beta/preview KMS ID
|
||||
1: activate products with a retail or beta/preview KMS ID
|
||||
but refuse to activate products with an unknown KMS ID.
|
||||
2: activate products with an unknown KMS ID but refuse
|
||||
2: activate products with an unknown KMS ID but refuse
|
||||
products with a retail or beta/preview KMS ID.
|
||||
3: activate only products with a known volume license RTM
|
||||
3: activate only products with a known volume license RTM
|
||||
KMS ID and refuse all others.
|
||||
|
||||
|
||||
The SKU ID is not checked. Like a genuine KMS server vlmcsd
|
||||
activates a product that has a random or unknown SKU ID. If you
|
||||
select 1 or 3, vlmcsd also checks the Application ID for cor‐
|
||||
rectness. If Microsoft introduces a new KMS ID for a new prod‐
|
||||
uct, you cannot activate it if you used 1 or 3 until a new ver‐
|
||||
The SKU ID is not checked. Like a genuine KMS server vlmcsd
|
||||
activates a product that has a random or unknown SKU ID. If you
|
||||
select 1 or 3, vlmcsd also checks the Application ID for cor‐
|
||||
rectness. If Microsoft introduces a new KMS ID for a new prod‐
|
||||
uct, you cannot activate it if you used 1 or 3 until a new ver‐
|
||||
sion of vlmcsd is available.
|
||||
|
||||
|
||||
CheckClientTime
|
||||
Can be TRUE or FALSE. The default is FALSE. If you set this to
|
||||
TRUE vlmcsd(8) checks if the client time differs no more than
|
||||
four hours from the system time. This is useful to prevent emu‐
|
||||
Can be TRUE or FALSE. The default is FALSE. If you set this to
|
||||
TRUE vlmcsd(8) checks if the client time differs no more than
|
||||
four hours from the system time. This is useful to prevent emu‐
|
||||
lator detection. A client that tries to detect an emulator could
|
||||
simply send two subsequent request with two time stamps that
|
||||
differ more than four hours from each other. If both requests
|
||||
simply send two subsequent request with two time stamps that
|
||||
differ more than four hours from each other. If both requests
|
||||
succeed, the server is an emulator. If you set this to TRUE on a
|
||||
system with no reliable time source, activations will fail. It
|
||||
is ok to set the correct system time after you started vlm‐
|
||||
system with no reliable time source, activations will fail. It
|
||||
is ok to set the correct system time after you started vlm‐
|
||||
csd(8).
|
||||
|
||||
|
||||
MaintainClients
|
||||
Can be TRUE or FALSE (the default). Disables (FALSE) or enables
|
||||
Can be TRUE or FALSE (the default). Disables (FALSE) or enables
|
||||
(TRUE) maintaining a list of client machine IDs (CMIDs). TRUE is
|
||||
useful to prevent emulator detection. By maintaing a CMID list,
|
||||
vlmcsd(8) reports current active clients exactly like a genuine
|
||||
useful to prevent emulator detection. By maintaing a CMID list,
|
||||
vlmcsd(8) reports current active clients exactly like a genuine
|
||||
KMS emulator. This includes bug compatibility to the extent that
|
||||
you can permanently kill a genuine KMS emulator by sending an
|
||||
you can permanently kill a genuine KMS emulator by sending an
|
||||
"overcharge request" with a required client count of 376 or more
|
||||
and then request activation for 671 clients. vlmcsd(8) can be
|
||||
reset from this condition by restarting it. If FALSE is used,
|
||||
and then request activation for 671 clients. vlmcsd(8) can be
|
||||
reset from this condition by restarting it. If FALSE is used,
|
||||
vlmcsd(8) reports current active clients as good as possible. If
|
||||
no client sends an "overcharge request", it is not possible to
|
||||
detect vlmcsd(8) as an emulator with MaintainClients = FALSE.
|
||||
Maintaining clients requires the allocation of a buffer that is
|
||||
about 50 kB in size. On hardware with few memory resources use
|
||||
no client sends an "overcharge request", it is not possible to
|
||||
detect vlmcsd(8) as an emulator with MaintainClients = FALSE.
|
||||
Maintaining clients requires the allocation of a buffer that is
|
||||
about 50 kB in size. On hardware with few memory resources use
|
||||
it only if you really need it.
|
||||
|
||||
If you start vlmcsd(8) from an internet superserver, this set‐
|
||||
ting cannot be used. Since vlmcsd(8) exits after each activa‐
|
||||
If you start vlmcsd(8) from an internet superserver, this set‐
|
||||
ting cannot be used. Since vlmcsd(8) exits after each activa‐
|
||||
tion, it cannot maintain any state in memory.
|
||||
|
||||
|
||||
StartEmpty
|
||||
This setting is ignored if you do not also specify Maintain‐
|
||||
Clients = TRUE. If you specify FALSE (the default), vlmcsd(8)
|
||||
starts up as a fully "charged" KMS server. Clients activate
|
||||
immediately. StartEmpty = TRUE lets you start up vlmcsd(8) with
|
||||
This setting is ignored if you do not also specify Maintain‐
|
||||
Clients = TRUE. If you specify FALSE (the default), vlmcsd(8)
|
||||
starts up as a fully "charged" KMS server. Clients activate
|
||||
immediately. StartEmpty = TRUE lets you start up vlmcsd(8) with
|
||||
an empty CMID list. Activation will start when the required min‐
|
||||
imum clients (25 for Windows Client OSses, 5 for Windows Server
|
||||
OSses and Office) have registered with the KMS server. As long
|
||||
imum clients (25 for Windows Client OSses, 5 for Windows Server
|
||||
OSses and Office) have registered with the KMS server. As long
|
||||
as the minimum client count has not been reached, clients end up
|
||||
in HRESULT 0xC004F038 "The count reported by your Key Management
|
||||
Service (KMS) is insufficient. Please contact your system admin‐
|
||||
istrator". You may use vlmcs(1) or another KMS client emulator
|
||||
to "charge" vlmcsd(8). Setting this parameter to TRUE does not
|
||||
improve emulator detection prevention. It's primary purpose is
|
||||
to help developers of KMS clients to test "charging" a KMS
|
||||
istrator". You may use vlmcs(1) or another KMS client emulator
|
||||
to "charge" vlmcsd(8). Setting this parameter to TRUE does not
|
||||
improve emulator detection prevention. It's primary purpose is
|
||||
to help developers of KMS clients to test "charging" a KMS
|
||||
server.
|
||||
|
||||
|
||||
ActivationInterval
|
||||
This is the same as specifying -A on the command line. See vlm‐
|
||||
This is the same as specifying -A on the command line. See vlm‐
|
||||
csd(8) for details. The default is 2 hours. Example: Activation‐
|
||||
Interval = 1h
|
||||
|
||||
|
||||
RenewalInterval
|
||||
This is the same as specifying -R on the command line. See vlm‐
|
||||
csd(8) for details. The default is 7 days. Example: RenewalIn‐
|
||||
This is the same as specifying -R on the command line. See vlm‐
|
||||
csd(8) for details. The default is 7 days. Example: RenewalIn‐
|
||||
terval = 3d. Please note that the KMS client decides itself when
|
||||
to renew activation. Even though vlmcsd sends the renewal inter‐
|
||||
val you specify, it is no more than some kind of recommendation
|
||||
to the client. Older KMS clients did follow the recommendation
|
||||
val you specify, it is no more than some kind of recommendation
|
||||
to the client. Older KMS clients did follow the recommendation
|
||||
from a KMS server or emulator. Newer clients do not.
|
||||
|
||||
|
||||
User Run vlmcsd as another, preferrably less privileged, user. The
|
||||
argument can be a user name or a numeric user id. You must have
|
||||
the required privileges (capabilities on Linux) to change the
|
||||
security context of a process without providing any credentials
|
||||
(a password in most cases). On most unixoid OSses 'root' is the
|
||||
User Run vlmcsd as another, preferrably less privileged, user. The
|
||||
argument can be a user name or a numeric user id. You must have
|
||||
the required privileges (capabilities on Linux) to change the
|
||||
security context of a process without providing any credentials
|
||||
(a password in most cases). On most unixoid OSses 'root' is the
|
||||
only user who has these privileges in the default configuration.
|
||||
This setting is not available in the native Windows version of
|
||||
vlmcsd. See -u in vlmcsd(8). This setting cannot be changed on
|
||||
This setting is not available in the native Windows version of
|
||||
vlmcsd. See -u in vlmcsd(8). This setting cannot be changed on
|
||||
the fly by sending SIGHUP to vlmcsd.
|
||||
|
||||
|
||||
Group Run vlmcsd as another, preferrably less privileged, group. The
|
||||
argument can be a group name or a numeric group id. You must
|
||||
have the required privileges (capabilities on Linux) to change
|
||||
the security context of a process without providing any creden‐
|
||||
tials (a password in most cases). On most unixoid OSses 'root'
|
||||
Group Run vlmcsd as another, preferrably less privileged, group. The
|
||||
argument can be a group name or a numeric group id. You must
|
||||
have the required privileges (capabilities on Linux) to change
|
||||
the security context of a process without providing any creden‐
|
||||
tials (a password in most cases). On most unixoid OSses 'root'
|
||||
is the only user who has these privileges in the default config‐
|
||||
uration. This setting is not available in the native Windows
|
||||
version of vlmcsd. See -g in vlmcsd(8). This setting cannot be
|
||||
uration. This setting is not available in the native Windows
|
||||
version of vlmcsd. See -g in vlmcsd(8). This setting cannot be
|
||||
changed on the fly by sending SIGHUP to vlmcsd.
|
||||
|
||||
|
||||
Windows
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Windows activations. If specified, RandomizationLevel
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Windows activations. If specified, RandomizationLevel
|
||||
for Windows activitations will be ignored.
|
||||
|
||||
|
||||
Office2010
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2010 activations. If specified, Randomization‐
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2010 activations. If specified, Randomization‐
|
||||
Level for Office 2010 activitations will be ignored.
|
||||
|
||||
|
||||
Office2013
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2013 activations. If specified, Randomization‐
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2013 activations. If specified, Randomization‐
|
||||
Level for Office 2013 activitations will be ignored.
|
||||
|
||||
|
||||
Office2016
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2016 activations. If specified, Randomization‐
|
||||
The argument has the form ePID [ / HwId ]. Always use ePID and
|
||||
HwId for Office 2016 activations. If specified, Randomization‐
|
||||
Level for Office 2016 activitations will be ignored.
|
||||
|
||||
|
||||
VALID EPIDS
|
||||
The ePID is currently a comment only. You can specify any string up to
|
||||
63 bytes. In Windows 7 Microsoft has blacklisted few ( < 10 ) ePIDs
|
||||
that were used in KMSv5 versions of the "Ratiborus Virtual Machine".
|
||||
Microsoft has given up on blacklisting when KMS emulators appeared in
|
||||
The ePID is currently a comment only. You can specify any string up to
|
||||
63 bytes. In Windows 7 Microsoft has blacklisted few ( < 10 ) ePIDs
|
||||
that were used in KMSv5 versions of the "Ratiborus Virtual Machine".
|
||||
Microsoft has given up on blacklisting when KMS emulators appeared in
|
||||
the wild.
|
||||
|
||||
Even if you can use "Activated by cool hacker guys" as an ePID, you may
|
||||
wish to use ePIDs that cannot be detected as non-MS ePIDs. If you don't
|
||||
know how these "valid" ePIDs look like exactly, do not use GUIDS in
|
||||
vlmcsd.ini. vlmcsd provides internal mechanisms to generate valid
|
||||
know how these "valid" ePIDs look like exactly, do not use GUIDS in
|
||||
vlmcsd.ini. vlmcsd provides internal mechanisms to generate valid
|
||||
ePIDs.
|
||||
|
||||
If you use non-ASCII characters in your ePID (you shouldn't do anyway),
|
||||
these must be in UTF-8 format. This is especially important when you
|
||||
these must be in UTF-8 format. This is especially important when you
|
||||
run vlmcsd on Windows or cygwin because UTF-8 is not the default encod‐
|
||||
ing for most editors.
|
||||
|
||||
If you are specifying an optional HWID it follows the same syntax as in
|
||||
the -H option in vlmcsd(8) ecxept that you must not enclose a HWID in
|
||||
the -H option in vlmcsd(8) ecxept that you must not enclose a HWID in
|
||||
quotes even if it contains spaces.
|
||||
|
||||
|
||||
@ -378,7 +391,7 @@ AUTHOR
|
||||
|
||||
|
||||
CREDITS
|
||||
Thanks to CODYQX4, deagles, eIcn, mikmik38, nosferati87, qad, Rati‐
|
||||
Thanks to CODYQX4, deagles, eIcn, mikmik38, nosferati87, qad, Rati‐
|
||||
borus, ...
|
||||
|
||||
|
||||
@ -387,4 +400,4 @@ SEE ALSO
|
||||
|
||||
|
||||
|
||||
Hotbird64 October 2016 VLMCSD.INI(5)
|
||||
Hotbird64 November 2016 VLMCSD.INI(5)
|
||||
|
@ -1,5 +1,5 @@
|
||||
<!-- Creator : groff version 1.22.3 -->
|
||||
<!-- CreationDate: Fri Nov 4 17:18:01 2016 -->
|
||||
<!-- CreationDate: Mon Nov 28 01:28:23 2016 -->
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
||||
"http://www.w3.org/TR/html4/loose.dtd">
|
||||
<html>
|
||||
|
Binary file not shown.
Reference in New Issue
Block a user