Repository/VLMCSD
0
Fork 0
Code Actions Releases 1 Activity

Inital Commit
All checks were successful
VLMCSD / VLMCSD [arm64] (push) Successful in 12s
Details
VLMCSD / VLMCSD [amd64] (push) Successful in 18s
Details

Browse Source
This commit is contained in:
Cantibra
2025-10-26 21:11:06 +01:00
commit 5de27443af
99 changed files with 25806 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
sources/man/GNUmakefile Normal file
View File

@@ -0,0 +1,44 @@
################################################################################
.PHONY: clean
PDFDOCS = vlmcs.1.pdf vlmcsd.7.pdf vlmcsd.8.pdf vlmcsdmulti.1.pdf vlmcsd.ini.5.pdf vlmcsd-floppy.7.pdf
HTMLDOCS = $(PDFDOCS:.pdf=.html)
UNIXDOCS = $(PDFDOCS:.pdf=.unix.txt)
DOSDOCS = $(PDFDOCS:.pdf=.dos.txt)
%.pdf : %
ifeq ($(shell uname), Darwin)
groff -Tps -mandoc -c $< | pstopdf -i -o $@
else
groff -Tpdf -mandoc -c $< > $@
endif
%.html : %
groff -Thtml -mandoc -c $< > $@
%.unix.txt : %
groff -P -c -Tascii -mandoc -c $< | col -bx > $@
%.dos.txt : %.unix.txt
# unix2dos -n $< $@
# sed -e 's/$$/\r/' $< > $@
awk 'sub("$$", "\r")' $< > $@
alldocs : $(UNIXDOCS) $(HTMLDOCS) $(PDFDOCS) $(DOSDOCS)
pdfdocs : $(PDFDOCS)
dosdocs : $(DOSDOCS)
unixdocs : $(UNIXDOCS)
htmldocs : $(HTMLDOCS)
clean:
rm -f $(PDFDOCS) $(DOSDOCS) $(UNIXDOCS) $(HTMLDOCS)
help:
@echo "Help is available by typing 'make help' in directory $(shell realpath `pwd`/..). Use 'cd ..' to get there."

263
sources/man/vlmcs.1 Normal file
View File

@@ -0,0 +1,263 @@
.mso www.tmac
.TH VLMCS 1 "November 2016" "Hotbird64" "KMS Activation Manual"
.LO 1
.SH NAME
vlmcs \- a client for testing and/or charging KMS servers
.SH SYNOPSIS
\fBvlmcs\fR [ \fIoptions\fR ] [ \fItarget\fR ] [ \fIoptions\fR ]
.PP
\fItarget\fR can be one of the following:
.RS
.PP
\fIhostname\fR|\fIipaddress\fR[:\fItcp-port\fR] to query a specific KMS server (example: vlmcs kms.example.com:1688).
.br
\fR.\fIdomain\fR to automatically detect KMS servers via DNS for \fIdomain\fR (example: vlmcs .example.com). Please note the dot before \fIdomain\fR.
.br
\fI-\fR (a single dash) to detect KMS servers in your own domain.
.RE
If you use \fIipaddress\fR:\fIport\fR as the \fItarget\fR, the \fIipaddress\fR must be enclosed in brackets
if it contains colons, e.g. [2001:db8:dead:beef::1]:1688. If you use a link-local IPv6 address on Unix systems, you must append a percent sign and the
interface identifier of the source interface, for example fe80::dead:beef%eth0.
.PP
If you omit the \fItarget\fR, 127.0.0.1:1688 will be used except if you use \fB-i6\fR. In this case the default target is [::1]:1688.
.SH DESCRIPTION
\fBvlmcs\fR is a program that can be used to test a KMS server that provides activation for
several Microsoft products. The KMS server may also be an emulator. It supports
KMS protocol versions 4, 5 and 6.
.PP
.B vlmcs
generates one or more activation requests for a Microsoft KMS product and sends
it to a KMS server. It then analyzes and displays the responses of the KMS server.
.PP
.B vlcms
checks both the DCE-RPC protocol and the activation message for correctness and
reports any errors that it finds.
.PP
.B vlmcs
can also be used to "charge" a KMS server. A Microsoft KMS server sends correct activation messages only if it detects a certain minimum of clients (25 for Windows client OSses, 5 otherwise) on the network. This is Microsoft's futile attempt to prevent running a KMS server in a home environment.
.SH OPTIONS
.IP "\fB-h\fR or \fB-?"
Show help.
.IP "\fB-V\fR"
Displays extended version information. This includes the compiler used to build vlmcs, the intended platform and flags (compile time options) to build vlmcs. If you have the source code of vlmcsd, you can type \fBmake help\fR (or \fBgmake help\fR on systems that do not use the GNU version of \fBmake\fR(1) by default) to see the meaning of those flags.
.IP \fB-x
Show valid
.IR application s
that can be used with
.BR "-l" "."
.IP \fB-e
Show some examples how to use vlmcs correctly.
.IP \fB-v
Be verbose. Instead of just displaying the returned ePID and the HwId
(protocol v6 only) vlmcsd shows all details of the query and the response.
.IP "\fB-l\fR \fIapplication"
Request activation for a specific
.IR "application" "."
Valid applications can be displayed by using
.BR "-x" "."
The default
.IR application " is"
.IR "Windows Vista Business" "."
The list of available applications is not complete. You may
supply GUIDs with
.BR "-a" ", " "-k" " and " "-s"
to specify applications that are not listed with \fB-x\fR. The
.B -l
option is used as a shortcut for the most common applications.
.IP "\fB-K\fR \fIprotocol-version\fR"
Force a specific version of the KMS protocol. Valid versions are 4.0, 5.0 and 6.0. The default is to select a suitable version according to the \fIapplication\fR selected. You may use \fB-K\fR to send an incorrect protocol version to the KMS server and see how it behaves. Genuine KMS servers return HRESULT 0x8007000D if the KMS protocol is not 4.0, 5.0 or 6.0. Emulators should do the same. When sending a request with an incorrect protocol number, vlmcs ignores the minor protocol number (e.g. sends a v4 request for version 4.1). If the major version number is less then 4, it sends a v4 request. If the major version is greater then 6, it sends a v6 request. In any case the \fIprotocol-version\fR as specified by \fB-K\fR is put in the version fields of the request.
.IP "\fB-4\fR, \fB-5\fR and \fB-6"
Force version 4, 5 or 6 of the KMS protocol. These options are actually shortcuts of \fB-K 4.0\fR, \fB-K 5.0\fR and \fB-K 6.0\fR.
.IP "\fB-j\fR \fIfilename\fR"
Use KMS data file \fIfilename\fR. By default vlmcs contains product data that is recent when vlmcs was compiled. You may use a more recent KMS data file that contains additional products.
If vlmcsd has been compiled to use a default KMS data file, you may use \fB-j-\fR to ignore the default configuration file.
.IP "\fB-m"
Let the client pretend to be a virtual machine. Early versions of Microsoft's
KMS server did not increase the client count if the request came from a virtual
machine. Newer versions ignore this flag.
.IP "\fB-d"
Use NetBIOS names instead of DNS names. By default vlmcsd generates some random
DNS names for each request. If you prefer NetBIOS names, you may use
.IR "\fB-d" "."
A real Microsoft activation client uses DNS names or NetBIOS depending on the
client name configuration. KMS servers treat the workstation name as a comment
that affects logging only. Clients will be identified by a GUID that can
be specified using \fB-c\fR. \fB-d\fR has no effect if you also specify \fB-w\fR.
.IP "\fB-a\fR \fIapplication-guid"
Send requests with a specific
.IR "application-guid" "."
There are currently only three known valid
.IR "application-guid" "s:"
.IP
55c92734-d682-4d71-983e-d6ec3f16059f (Windows)
.br
59a52881-a989-479d-af46-f275c6370663 (Office 2010)
.br
0ff1ce15-a989-479d-af46-f275c6370663 (Office 2013)
.IP
A Microsoft KMS server uses these GUIDs to have seperate counters for the
already activated clients. A client that does not contact the KMS server
within 30 days will be deleted from the database. Emulated KMS servers
are always fully charged.
.IP "\fB-k\fR \fIkms-guid\fR"
Send requests with a specific
.IR "kms-guid" "."
A Microsoft KMS server uses these GUIDs as a product id to decide whether to
grant activation or not. A list of current \fIkms-guid\fRs can be found in
kms.c (table KmsIdList). Emulated KMS servers grant activation unconditionally
and do not check the \fIkms-guid\fR.
.IP "\fB-s\fR \fIactivation-guid\fR"
The \fIactivation-guid\fR defines the actual product, e.g. "Windows 8.1 Professional WMC KMSCLIENT edition". A \fIactivation-guid\fR maps 1:1 to a product key.
However, neither a Microsoft KMS server nor emulated servers check this id.
The \fIactivation-guid\fR is useful in logging to get a specific product description like
"Windows 8.1 Professional WMC". A list of current \fIactivation-guid\fRs can be found in
kms.c (table ExtendedProductList).
.IP "\fB-n\fR \fIrequests"
Send
.I requests
requests to the server. The default is to send at least one request and enough
subsequent requests that the server is fully charged afterwards for
the \fIapplication\-guid\fR you selected (explicitly with
.BR "-a" " or implicitly by using " "-l" ")."
.IP "\fB-T"
Causes to use a new TCP connection for each request if multiple requests
are sent with vlmcsd. This is useful when you want to test an emulated KMS
server whether it suffers from memory leaks. To test for memory leaks use
.B -n
with a large number of requests (> 100000) and then test twice (with and
without
.BR "-T" ")."
This option may become neccessary for future versions of Microsoft's KMS
server because multiple requests with different
.IR clients-guid s
for the same
.I kms-id-guid
are impossible in a real KMS szenario over the same TCP connection.
.IP "\fB-c\fR \fIclient-machine-guid\fR"
Normally vlmcs generates a random \fIclient-machine-guid\fR for each request. By using this option you can specify a fixed \fIclient-machine-guid\fR
This causes a Microsoft KMS not to increment its client count because it
receives multiple requests for the same client. Thus do not use
.BR "-c"
if you want to charge a real KMS server.
.IP "\fB-o\fR \fIprevious-client-machine-guid\fR"
If the \fIclient-machine-guid\fR changes for some reason, the real KMS client stores a \fIprevious-client-machine-guid\fR which is sent
to the KMS server. This happens rarely and usually 00000000-0000-0000-0000-000000000000 is used. You can use \fB-o\fR to specify a different
\fIprevious-client-machine-guid\fR.
.IP "\fB-G\fR \fIfilename\fR"
Grabs ePIDs and HWIDs from a KMS server and writes the information to \fIfilename\fR
in format suitable to be used as a configuration file (aka ini file) for \fBvlmcsd\fR(8).
This is especially useful if you have access to a genuine KMS server and want to use
the same data with \fBvlmcsd\fR(8).
If \fIfilename\fR does not exist, it will be created.
If you specify an existing \fIfilename\fR, it will be updated to use the information
received from the remote KMS server and a backup \fIfilename\fR~ will be created.
\fB-G\fR cannot be used with \fB-l\fR, \fB-4\fR, \fB-5\fR, \fB-6\fR, \fB-a\fR, \fB-s\fR, \fB-k\fR, \fB-r\fR and \fB-n\fR
.IP "\fB-w\fR \fIworkstation-name"
Send requests with a specific
.IR "workstation-name" "."
This disables the random generator for the workstation name. Since it is
a comment only, this option does not have much effect.
.IP "\fB-r\fR \fIrequired-client-count"
Also known as the "N count policy". Tells the KMS server that successful activation requires
\fIrequired-client-count\fR clients. The default is the
\fIrequired-client-count\fR that the product would need if the request
was a real activation. A Microsoft KMS server counts clients
up to the double amount what was specified with \fB-r\fR. This option
can be used to "overcharge" a Microsoft KMS server.
.IP "\fB\-t\ \fIstatus\fR"
Reports a specific license status to the KMS server. \fIstatus\fR is a number
that can be from 0 to 6. 0=unlicensed, 1=licensed, 2=OOB grace, 3=OOT grace,
4=Non-genuinue grace, 5=notification, 6=extended grace. Refer to
.URL "http://technet.microsoft.com/en-us/library/ff686879.aspx#_Toc257201371" "TechNet" ""
for more information. A Microsoft KMS server collects this information for
statistics only.
.IP "\fB-g\fR \fIbinding-expiration\fR"
This tells the KMS server how long a client will stay in its current license
status. This can be the remaining OOB time (the grace peroid that is granted between installation of a product and when activation is actuall required) or
the remaining time when KMS activation must be renewed.
\fIbinding-expiration\fR is specified in minutes. A Microsoft KMS server
apparantly does not use this information.
.IP "\fB-i \fIprotocol-version\fR"
Force the use of Internet protocol \fIprotocol-version\fR. Allowed values are 4 (IPv4) and 6 (IPv6). This option is useful only if you specfiy a \fIhostname\fR and not an
\fIip-address\fR on the command line.
.IP "\fB-p\fR"
Do not set the RPC_PF_MULTIPLEX flag in the RPC bind request. This can be used to test if the KMS server uses the same setting of this flag in the RPC bind respone. Some KMS
emulators don't set this correctly.
.IP "\fB-N0\fR and \fB-N1\fR"
Disables (\fB-N0\fR) or enables (\fB-N1\fR) the NDR64 transfer syntax in the RPC protocol. Disable NDR64 only in case of problems. If NDR64 is not used, vlmcs cannot detect many RPC protocol errors in KMS emulators. If you want to test whether a KMS emulator fully supports NDR64, you must use the \fB-n\fR option to send at least two requests. This is because Microsoft's client always sends the first request using NDR32 syntax and subsequent requests using NDR64 syntax.
.IP "\fB-B0\fR and \fB-B1\fR"
Disables (\fB-B0\fR) or enables (\fB-B1\fR) bind time feature negotiation (BTFN) in the RPC protocol. Disable BTFN only in case of problems. If BTFN is not used, vlmcs cannot detect many RPC protocol errors in KMS emulators.
.PP
Options that do not require an argument can be specified together with a single
dash, e.g. vlmcs -6mvT. If you specify an option more than once, the last occurence
will be in effect.
.SH FILES
.IP "\fBvlmcsd.ini\fR(5)"
.SH EXAMPLES
.IP "\fBvlmcs kms.example.com"
Request activation for Windows Vista using v4 protocol from kms.example.com.
Repeat activation requests until server is charged for all Windows products.
.IP "\fBvlmcs -"
Request activation for Windows Vista using v4 protocol from a KMS server that is published via DNS for the current domain.
.IP "\fBvlmcs .example.com"
Request activation for Windows Vista using v4 protocol from a KMS server that is published via DNS for domain example.com.
.IP "\fBvlmcs -6 -l Office2013 -v -n 1"
Request exactly one activation for Office2013 using v6 protocol from
localhost. Display verbose results.
.IP "\fBvlmcs kms.bigcompany.com -G /etc/vlmcsd.ini"
Get ePIDs and HWIDs from kms.bigcompany.com and create/update /etc/vlmcsd.ini accordingly.
.SH BUGS
Some platforms (e.g. Solaris) may have a \fBman\fR(7) system that does not handle URLs. URLs may be omitted in the documentation on those platforms. Cygwin, Linux, FreeBSD and Mac OS X are known to work correctly.
.SH AUTHOR
Written by Hotbird64
.SH CREDITS
Thanks to CODYQX4, crony12, deagles, DougQaid, eIcn, mikmik38, nosferati87, qad, Ratiborus, vityan666, ...
.SH SEE ALSO
\fBvlmcsd\fR(7), \fBvlmcsd\fR(8), \fBvlmcsdmulti\fR(1)

304
sources/man/vlmcsd-floppy.7 Normal file
View File

@@ -0,0 +1,304 @@
.mso www.tmac
.TH "VLMCSD-FLOPPY" 7 "February 2019" "Hotbird64" "KMS Activation Manual"
.LO 8
.SH NAME
floppy144.vfd \- a bootable floppy disk with Linux and \fBvlmcsd\fR(8)
.SH DESCRIPTION
\fBfloppy144.vfd\fR is an image of a bootable floppy that contains a minimal version of Linux and \fBvlmcsd\fR(8). It requires only 16 MB of RAM. Its primary purpose is to run \fBvlmcsd\fR(8) in a small virtual machine which makes it easy to use \fBvlmcsd\fR(8) to activate the virtual machine's host computer which is not possible in Windows 8.1 and up. The floppy image is a standard 3,5" floppy with 1.44 MB storage. It is formatted with a FAT12 filesystem. The floppy can be mounted to apply several customizations.
.SH SUPPORTED HYPERVISORS
The floppy image has been tested with the following hypervisors:
.IP
VMWare, VirtualBox, Hyper-V and QEMU
.RE
Others are likely to work.
.SH SETUP
Create a new virtual machine. Assign 16 MB of RAM. Add a floppy drive and attach \fBfloppy144.vfd\fR to this drive. Do not create a virtual hard disk. Setup the virtual machine to boot from a floppy drive (VirtualBox has floppy boot disabled by default). If possible, setup a virtual machine with plain old BIOS (not UEFI). If you created an UEFI virtual machine, enable the compatibility support mode (CSM) to allow a BIOS compatible boot. Set number of CPUs to 1. The Linux kernel is not capable of SMP. Remove IDE, SATA, SCSI and USB support if possible. The Linux kernel can't handle this and ignores any devices connected to these buses.
Setup an ethernet card. The following models are supported:
.IP
Intel PRO/1000
.br
AMD PCNET III
.br
AMD PCNET32
.br
VMWare vmxnet3 (paravirtualized driver used by VMWare)
.br
virtio (paravirtualized driver used by VirtualBox, QEMU, KVM and lguest)
.RE
Most hypervisors emulate an Intel PRO/1000 or AMD PCNET32 by default. Selecting a paravirtualized driver slightly improves performance. In VirtualBox you can simply select virtio in the network configuration dialog. VMWare requires that you add or change the VMX file. Use 'ethernet0.virtualDev\ =\ "vmxnet3"' in your VMWare config file.
If you are using QEMU, you must also setup a TAP adapter. Port redirection does not work to activate your own computer.
.SH CONFIGURATION
\fBfloppy144.vfd\fR can be customized to fit your needs. This is done by editing the file syslinux.cfg on the floppy image. The floppy image must be mounted. Under Linux you can simply attach \fBfloppy144.vfd\fR to a loop device which is mountable like any other block device. For Windows you must use some software that allows mounting a floppy image, e.g.
.URL http://www.osforensics.com/tools/mount-disk-images.html OSFMount ""
OSFMount works under all Windows versions beginning with Windows XP up to Windows 10 (32- and 64-bit).
The default syslinux.cfg file looks like this:
.IP
.br
.SM
prompt 0
.br
.SM
TIMEOUT 50
.br
.SM
default dhcp
.br
.SM
LABEL dhcp
.br
.SM
\0\0KERNEL bzImage
.br
.SM
\0\0APPEND vga=773 quiet initrd=initrd KBD=us LISTEN=[::]:1688,0.0.0.0:1688 TZ=UTC0 IPV4_CONFIG=DHCP NTP_SERVER=pool.ntp.org HOST_NAME=vlmcsd ROOT_PASSWORD=vlmcsd USER_NAME=user USER_PASSWORD=vlmcsd GUEST_PASSWORD=vlmcsd INETD=Y WINDOWS=06401-00206-271-395032-03-1033-9600.0000-1652016 OFFICE2010=06401-00096-199-204970-03-1033-9600.0000-1652016 OFFICE2013=06401-00206-234-921934-03-1033-9600.0000-1652016 HWID=36:4F:46:3A:88:63:D3:5F
.SM
LABEL static
.br
.SM
\0\0KERNEL bzImage
.br
.SM
\0\0APPEND vga=773 quiet initrd=initrd KBD=fr LISTEN=[::]:1688,0.0.0.0:1688 TZ=CET-1CEST,M3.5.0,M10.5.0/3 IPV4_CONFIG=STATIC IPV4_ADDRESS=192.168.20.123/24 IPV4_GATEWAY=192.168.20.2 IPV4_DNS1=192.168.20.2 IPV4_DNS2=NONE NTP_SERVER=pool.ntp.org HOST_NAME=vlmcsd ROOT_PASSWORD=vlmcsd USER_NAME=user USER_PASSWORD=vlmcsd GUEST_PASSWORD=vlmcsd INETD=Y
.PP
There are two configurations in this files: \fIdhcp\fR (for configuring the IPv4 network via DHCP) and \fIstatic\fR (for a static IPv4 configuration). The kernel always boots the \fIdhcp\fR configuration without asking (lines 'prompt 0' and 'default dhcp'). You can simply change the default configuration to \fIstatic\fR and then customize the APPEND line in the \fIstatic\fR configuration. For more details how to customize the syslinux.cfg file see \fBsyslinux\fR(1).
Each APPPEND line contains one or more items seperated by spaces. \fBAll items are case-sensitive\fR. The following parameters can be customized:
.IP \fBvga=\fIvesa-video-mode\fR
Sets the VESA display mode for the virtual machine. The parameter is not optional. If you ommit it, you will not see anything on the screen. 773 means 1024x768 with 256 colors. See
.URL https://en.wikipedia.org/wiki/VESA_BIOS_Extensions#Linux_video_mode_numbers Wikipedia ""
for more video modes. Note that all 16 color (4-bit) modes will not work. Use 8-bit (256 colors), 16-bit (65536 colors), 24-bit and 32-bit (> 16 Million colors) only. All modes above 1280x1024 are non-VESA-standard and vary for all (virtual) graphic cards.
.IP \fBquiet\fR
This causes the kernel not display the its log during boot. You may omit \fBquiet\fR but it doesn't make much sense. The boot log is actually very verbose and scrolls away from screen quickly. If any errors occur during boot, they will be displayed even if \fBquiet\fR is present in the APPEND line. You may evaluate the complete boot log later by using the dmesg command or the menu on /dev/tty8.
.IP "\fBinitrd=\fIinitial-ram-disk-file\fR"
This defines the initial ram disk that the kernel will read. There is only one initial ram disk on the floppy thus leave \fIinitrd=initrd\fR as it is.
.IP "\fBKBD=\fIkeyboard-layout-name\fR"
This allows you to select the keyboard layout. \fIkeyboard-layout-name\fR is usually the ISO 3166-1 (top level domain) code for a country. A list of valid \fIkeyboard-layout-name\fRs can be accessed via the menu system on /dev/tty8 (press ALT-F8). Note, that this is a keyboard driver only. There is no Unicode font support in \fBfloppy144.vfd\fR (due to the fact that the kernel uses a generic VESA framebuffer device only). Characters beyond ASCII work for Western European languages only but not Eastern European, Greek, Cyrillic, Arabic, Hebrew, CJK and other languages. There is no need in \fBfloppy144.vfd\fR to enter any characters outside ASCII. The purpose of the keyboard maps are that you will find characters like dash, backslash, brackets, braces, etc. at the usual place on your keyboard.
.IP "\fBLISTEN=\fRPRIVATE[:\fItcp-port\fR] | \fIip-address\fR[:\fItcp-port\fR][,\fIip-address\fR[:\fItcp-port\fR]][,...]"
One or more combinations of IP addresses and optional TCP port seperated by commas that \fBvlmcsd\fR(8) should listen on or PRIVATE to listen on all private IP addresses only. The default port is 1688. If you use an explicit port number, append it to the IP address seperated by a colon. If you use a port number and the IP address contains colons, you must enclose the IP address in brackets. For example \fI192.168.0.2,[fd00::dead:beef]:5678\fR causes \fBvlmcsd\fR(8) to listen on 192.168.0.2 port 1688 and fd00::dead:beef port 5678.
.IP "\fBWINDOWS=\fIepid\fR"
Defines the ePID that is used for Windows activations. If you ommit this parameter, vlmcsd generates a random ePID when it is started.
.IP "\fBOFFICE2010=\fIepid\fR"
Defines the ePID that is used for Office 2010 activations. If you ommit this parameter, \fBvlmcsd\fR(8) generates a random ePID when it is started.
.IP "\fBOFFICE2013=\fIepid\fR"
Defines the ePID that is used for Office 2016 activations. If you ommit this parameter, \fBvlmcsd\fR(8) generates a random ePID when it is started.
.IP "\fBOFFICE2016=\fIepid\fR"
Defines the ePID that is used for Office 2016 activations. If you ommit this parameter, \fBvlmcsd\fR(8) generates a random ePID when it is started.
.IP "\fBOFFICE2019=\fIepid\fR"
Defines the ePID that is used for Office 2019 activations. If you ommit this parameter, \fBvlmcsd\fR(8) generates a random ePID when it is started.
.IP "\fBWINCHINAGOV=\fIepid\fR"
Defines the ePID that is used for Windows China Government Edition activations (Enterprise G/GN). If you ommit this parameter, \fBvlmcsd\fR(8) generates a random ePID when it is started.
.IP "\fBHWID=\fIhwid\fR"
Defines the HwId that is sent to clients. \fIhwid\fR must be specified as 16 hex digits that are interpreted as a series of 8 bytes (big endian). Any character that is not a hex digit will be ignored. This is for better readability.
.IP "\fBTZ=\fIposix-time-zone-string\fR"
Set the time zone to \fIposix-time-zone-string\fR. It must conform to the
.URL http://pubs.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap08.html POSIX
specification. Simplified time zone strings like "Europe/London" or "America/Detroit" are not allowed. This has the very simple reason that there is no space on the floppy to store the time zone database.
The string \fICET-1CEST,M3.5.0,M10.5.0/3\fR (most countries in Europe) reads as follows:
.RS 7
.IP \fICET\fR 10
The standard (winter) time zone has the name CET.
.IP \fI-1\fR 10
The standard time zone is one hour east of UTC. Negative numbers are east of UTC. Positive numbers are west of UTC.
.IP \fICEST\fR 10
The daylight saving (summer) time zone has the name CEST.
.IP \fIM3.5.0\fR 10
Daylight saving time starts in the 3rd month (March) on the 5th (=last) occurence of weekday 0 (Sunday) at 2 o'clock (2 o'clock is a default value).
.IP \fIM10.5.0/3\fR 10
Daylight saving time ends in the 10th month (October) on the 5th (=last) occurence of weekday 0 (Sunday) at 3 o'clock.
.RE
.IP
If you don't have daylight saving time, things are easier. For Chinese Standard Time for example, just use \fICST-8\fR as the time zone string.
On a Linux desktop system, you can use a command like \fBstrings\ /usr/share/zoneinfo/America/New_York\ |\ tail\ -n1\fR. This should return \fIEST5EDT,M3.2.0,M11.1.0\fR. You can use the returned string for the \fBTZ=\fIposix-time-zone-string\fR parameter.
.IP "\fBIPV4_CONFIG=\fRDHCP | STATIC\fR"
This determines how you want to configure IPv4 networking. If you use \fBIPV4_CONFIG=\fRSTATIC, you must supply additional paramaters to the APPEND command line.
.IP "\fBIPV4_ADDRESS=\fIipv4-address\fR/\fICIDR-mask\fR"
Use \fIipv4-address\fR with netmask \fICIDR-mask\fR for static IPv4 configuration. The netmask must not be ommitted. For IPv4 address 192.168.12.17 with a netmask of 255.255.255.0 use \fI192.168.12.17/24\fR. For IPv4 address 10.4.0.8 with a netmask of 255.255.0.0 use 10.4.0.8/16. This paramater is ignored, if you used \fBIPV4_CONFIG=\fRDHCP.
.IP "\fBIPV4_GATEWAY=\fIipv4-address\fR | NONE"
Use \fIipv4-address\fR as the default gateway. This is usually the IPv4 address of your router. You may specify NONE explicitly for no gateway. In this case your virtual machine is only visible on its local LAN. This paramater is ignored, if you used \fBIPV4_CONFIG=\fRDHCP.
.IP "\fBIPV4_DNS1=\fIipv4-address\fR | NONE"
Use \fIipv4-address\fR as the primary name server. In home networks this is often the IPv4 address of your router. You may specify NONE explicitly. If you specified NONE for both \fBIPV4_DNS1=\fR and \fBIPV4_DNS2=\fR, your virtual machine cannot resolve host names to IP addresses. While \fBvlmcsd\fR(8) works perfectly without DNS servers, you must use IP addresses when referring to a host, e.g. for specifying an NTP server. This paramater is ignored, if you used \fBIPV4_CONFIG=\fRDHCP.
.IP "\fBIPV4_DNS2=\fIipv4-address\fR | NONE"
Use \fIipv4-address\fR as the secondary name server. It serves as a backup if the primary name server is not available. Home networks often don't have a secondary name server. In this case set this to NONE. This paramater is ignored, if you used \fBIPV4_CONFIG=\fRDHCP.
.IP "\fBNTP_SERVER=\fIhost-name\fR | \fIipv4-address\fR | NONE"
This sets the name of a time server using the NTP protocol. If your virtualization environment reliably provides time, you can set this to NONE. Don't use a public time service like pool.ntp.org or time.nist.gov if you have a (at least somewhat reliable) NTP server in your LAN.
.IP "\fBHOST_NAME=\fIhost-name\fR"
Sets the local host name for your virtual machine. It can be a single name or a fully-qualified domain name FQDN. If you used \fBIPV4_CONFIG=\fRDHCP and your DHCP server returns a domain name, the domain part of an FQDN will be replaced by that name. This host name or host part of an FQDN will not replaced by a host name returned via DHCP. The host name is not important for the operation of \fBfloppy144.vfd\fR.
.IP "\fBROOT_PASSWORD=\fIpassword\fR"
Sets the password of the root user.
.IP "\fBUSER_NAME=\fIusername\fR"
Sets the name of for a general user with no special privileges. This user can login but can't do much.
.IP "\fBUSER_PASSWORD=\fIpassword\fR"
Sets the password for the user defined by \fBUSER_NAME=\fIusername\fR.
.IP "\fBGUEST_PASSWORD=\fIpassword\fR"
Sets the password for the pre-defined guest user. This user has the same priviliges (none) as the user defined by \fBUSER_NAME=\fIusername\fR.
.IP "\fBINETD=\fRY | N"
\fBINETD=\fRY specifies that \fBinetd\fR(8) should automatically be started. That means you can telnet and ftp to your virtual machine.
.IP "\fBVLMCSD_EXTRA_ARGS=\fR\fIcomma-seperated-argument-list\fR"
Allows you to specify additional command line options that will be passed to \fBvlmcsd\fR(8). Instead of spaces you use commas between arguments. Example: \fBVLMCSD_EXTRA_ARGS=\fR\-c1,-K3,-M1
.SH OPERATION
.SS Diskless System
The \fBfloppy144.vfd\fR virtual machine is a diskless system that works entirely from RAM. The file system is actually a RAM disk that is created from the \fBinitrd\fR(4) file on the floppy image.
Anything you'll do from inside the virtual machine, for instance editing a config file, will be lost when you reboot the machine. So, if you ever asked yourself if \fBrm -fr /\fR (root privileges required) really deletes all files from all mounted partitions, the \fBfloppy144.vfd\fR VM is the right place to test it (Yes, it does).
The VM uses a RAM disk, because the Linux kernel had to be stripped down to essential features to fit on a 1.44 MB floppy. It has no floppy driver, no disk file system drivers and no block layer (cannot use disks of any type).
.SS System startup
The kernel boots up very quickly and the init script (/sbin/init) waits 5 seconds. In these 5 seconds you can:
.IP
Press 'm' to manually enter the time zone and the IPv4 parameters. These will be queried interactively.
.br
Press 't' to manually enter the time zone only.
.br
Press 's' to escape to a shell.
.RE
If you don't want to 5 seconds for continuing the init process, you can press any other key to speed things up. At the end of the init script you should see that\fBvlmcsd\fR(8) has started. You should also see the IP addresses and all user names and passwords.
.SS Logging into the system
There are 5 local logins provided on /dev/tty2 to /dev/tty6. To switch to these logins, simply press ALT\-F2 to ALT\-F6. To return to the console on /dev/tty1, press ALT\-F1. If \fBinetd\fR(8) is running you can also use \fBtelnet\fR(1). This allows you use a terminal program (e.g. putty) that can utilize your keyboard layout, can be resized and has full UTF-8 support. The local terminals support US keyboard layout only. Please be aware that \fBtelnet\fR(1) is unencrypted and everything including passwords is transmitted in clear text. There is not enough space for an ssh server like \fBsshd\fR(8) or \fBdropbear\fR(8).
The floppy image only provides basic Unix commands. Type \fIbusybox\fR or \fIll /bin\fR to get a list. The only editor available is \fBvi\fR(1). If you don't like vi, you may transfer config files via \fBftp\fR(1) edit them with the editor of your choice and transfer them back to the \fBfloppy144.vfd\fR VM.
.SS The menu system
You'll find a menu system on /dev/tty8 (press ALT\-F8 to see it). It allows you performing some administrative tasks and to view various system information. It is mainly for users that do not have much experience with Unix commands.
.IP "\fB1) (Re)start vlmcsd\fR"
Starts or restarts \fBvlmcsd\fR(8). This is useful if you changed \fB/etc/vlmcsd.ini\fR(5).
.IP "\fB2) Stop vlmcsd\fR"
Stops \fBvlmcsd\fR(8).
.IP "\fB3) (Re)start inetd\fR"
Starts or restarts \fBinetd\fR(8). If \fBinetd\fR(8) is restarted, current clients connected via \fBtelnet\fR(1) or \fBftp\fR(1) will \fBnot\fR be dropped. They can continue their sessions. This is useful if you changed \fB/etc/inetd.conf\fR(5).
.IP "\fB4) Stop inet\fR"
Stops \fBinetd\fR(8). All clients connected via \fBtelnet\fR(1) or \fBftp\fR(1) will be dropped immediately.
.IP "\fB5) Change the time zone\fR"
Just in case you missed pressing 't' during system startup. This also restarts \fBvlmcsd\fR(8) if it was running to notify it that the time zone has changed. Restarting \fBvlmcsd\fR(8) allows currently connected clients to finish their activation.
.IP "\fBk) Change keyboard layout\fR"
This allows you to select a different keyboard layout.
.IP "\fB6) Show all kernel boot parameters\fR"
Shows all parameters passed to the kernel via syslinux.cfg. If you experience any unexpected behavior, you can use this to check if your APPEND line in syslinux.cfg is correct. The output is piped through \fBless(1)\fR. So press 'q' to return to the menu.
.IP "\fB7) Show boot log (dmesg)\fR"
Shows the boot log of the kernel. The output is piped through \fBless(1)\fR. So press 'q' to return to the menu.
.IP "\fB8) Show TCP/IP configuration\fR"
Shows the TCP/IP configuration, listening sockets and current TCP and UDP connections. Useful, if you problems with net connectivity. The output is piped through \fBless(1)\fR. So press 'q' to return to the menu.
.IP "\fB9) Show running processes\fR"
Shows all processes including memory and CPU usage. Display will updated every second. Press 'q' or CTRL-C to return to the menu.
.IP "\fBs) Shutdown\fR"
Shuts down the \fBfloppy144.vfd\fR virtual machine. Proper shutdown is not required. It is ok to use a hard power off in your virtualization program.
.IP "\fBr) Reboot\fR"
Reboots the \fBfloppy144.vfd\fR virtual machine. Proper reboot is not required. It is ok to use a hard reset in your virtualization program.
.SH PERMANENT CHANGES OF INITRD
If you want to change any file or script of the file system (e.g. the init script /sbin/init or /etc/vlmcsd.ini), you'll need to mount the floppy image, unpack the \fBinitrd\fR(4) file, make any modfications you like, create a new \fBinitrd\fR(4) file and copy it to the mounted floppy.
To unpack the \fBinitrd\fR(4) file you'll need \fBxz\fR(1) (or \fBlzma\fR(1) on older unix-like OSses) and \fBcpio\fR(1). These can be installed using your package manager on all major distros. It is ok to use the BSD version of \fBcpio\fR(1). No need to get the GNU version for BSD users.
Provided the floppy is mounted in /mnt/floppy do the following:
.IP "Create an empty directory"
mkdir ~/vlmcsd-floppy-initrd
.IP "cd into that directory"
cd ~/vlmcsd-floppy-initrd
.IP "Unpack initrd"
cat /mnt/floppy/initrd | unlzma | cpio -i
.RE
After applying your changes build a new \fBinitrd\fR(4) file:
.IP "cd into your directory"
cd ~/vlmcsd-floppy-initrd
.IP "Create the packed file"
find . | cpio -o -H newc | lzma > /mnt/floppy/initrd
.RE
Do not try to use 'lzma -9' to achive better compression. The kernel can't read the resulting file. While customizing the \fBinitrd\fR(4) file works on almost any unix-like OS, it does not work on Windows even not with Cygwin. The reason is that the NTFS file system can't handle uids and gids. These cannot be preserved when unpacking the \fBcpio\fR(1) archive to NTFS. If you use the WSL subsystem of Windows 10 Redstone (Anniversary Update) and later, you must make sure to unpack the \fBinitrd\fR(4) file to a directory on VolFs (normally everything that is \fBnot\fR mounted under /mnt). The \fBinitrd\fR(4) file can be on a VolFs or DriveFs.
.SH FAQ
.SS On what distro is the floppy image based?
None. Besides the boot loader \fBldlinux.sys\fR, there are only three binaries: The Linux kernel \fBbzImage\fR, \fBbusybox\fR(1) and \fBvlmcsdmulti-x86-musl-static\fR. \fBbzImage\fR and \fBbusybox\fR(1) have been compiled with carefully selected configuration parameters not found in any distro. This was neccesary to fit everything on a 1.44 MB floppy.
.SS Why is a rather old Linux kernel (3.12) used?
Linux 3.12 is the last kernel that can be booted with 16 MB of RAM. Beginning with Linux 3.13 it requires much more memory (about 80 MB) to boot. The floppy image is regularly tested with newer kernels. Everything works except that you need to assign much more main memory to the virtual machine.
.SS Can the floppy be booted on bare metal?
Basically yes. However, only Intel Pro/1000 and AMD PCNET32 ethernet cards are supported by the kernel. In addition there is no USB support compiled into the kernel. That means you can only use an IBM AT or IBM PS/2 keyboard which are not available on newer hardware.
.SH FILES
\fBsyslinux.cfg\fR, \fBvlmcsd.ini\fR(5)
.SH BUGS
IPv6 cannot be configured with static or manual parameters.
.br
DHCPv6 is not supported.
.br
\'ip route add ...' does not work. Use 'route add ...' instead.
.SH AUTHOR
\fBfloppy144.vfd\fR has been created by Hotbird64
.SH CREDITS
Linus Torvalds et al. for the Linux kernel
.br
Erik Andersen et al. for the original uClibc
.br
Waldemar Brodkorb et al. for uClibc-ng
.br
Denys Vlasenko et al. for BusyBox
.br
H. Peter Anvin et al. for SYSLINUX
.SH SEE ALSO
\fBvlmcsd\fR(8), \fBvlmcsd.ini\fR(5), \fBinitrd\fR(4), \fBbusybox\fR(1), \fBsyslinux(1)\fR

145
sources/man/vlmcsd.7 Normal file
View File

@@ -0,0 +1,145 @@
.TH VLMCSD 7 "March 2016" "Hotbird64" "KMS Activation Manual"
.SH NAME
vlmcsd\ \-\ a guide to KMS activation using vlmcsd
.SH SYNOPSIS
.B vlmcsd
[
.IR "options" " ]
.SH DESCRIPTION
This manual describes the concepts of Microsoft KMS activation using \fBvlmcsd\fR. For detailed usage of \fBvlmcsd\fR see \fBvlmcsd\fR(8).
.SS What is KMS?
KMS is a way to activate Microsoft products that was designed for medium and large businesses. In a standard SOHO environment you enter a product key during installation and then activate your product over the Internet. This is done by sending a request to a server at microsoft.com which then either grants or refuses activation.
.PP
By entering a special key called General Volume License Key (\fBGVLK\fR), a.k.a "KMS client key", the product no longer asks the Microsoft server for activation but a user-defined server (called the KMS server) which usually resides in a company's intranet. \fBvlmcsd\fR is an independent open source implementation of a KMS server that is available for everyone while Microsoft gives their KMS server only to corporations that signed a so called "Select contract". In addition \fBvlmcsd\fR never refuses activation while the Microsoft KMS server only activates the products the customer has paid for.
.PP
Product activation using \fBvlmcsd\fR is performed in three easy steps:
.IP 1) 3
Run \fBvlmcsd\fR (or any other KMS emulator) on a computer in your network. This will be your KMS server. New users should simply run the program without any parameters. The defaults should fit the needs of most users.
.IP 2) 3
Install your product and enter the GVLK when you are asked for a key
.IP 3) 3
Configure your client (the machine where you installed your product) to use your KMS server.
.PP
However, when it comes to the details, some things turn out to be more difficult than you might think.
.PP
The most important thing to know is that KMS activation is not permanent. The computer remains activated for 180 days (30 or 45 days with consumer-only products). KMS activation however is not an evaluation license. You can repeat the activation anytime and as often as you like to extend activation to another 180 days. This normally happens automatically. For this to work, you have to ensure that a KMS server is always reachable for the clients on your network.
.PP
Beginning with Windows 8.1 the KMS server must be a different computer than the client. You cannot use \fBvlmcsd\fR on the same computer where you want to activate a product. If you have only one computer, you can run \fBvlmcsd\fR in a virtual machine. \fBvlmcsd\fR is also designed to run on "always-on devices", for example a router. The router becomes your KMS server then.
.SS How to get a GVLK?
That is relatively simple. The GVLKs are published on Microsoft's Technet web site.
.PP
Windows: http://technet.microsoft.com/en-us/library/jj612867.aspx
.br
Office 2010: http://technet.microsoft.com/en-us/library/ee624355(v=office.14).aspx#section2_3
.br
Office 2013: http://technet.microsoft.com/en-us/library/dn385360.aspx
.PP
These lists only include products that Microsoft sells to corporations via volume license contracts. For Windows there are inofficial GVLKs that work with consumer-only versions of Windows. Here is a list:
.PP
TX9XD\-98N7V\-6WMQ6\-BX7FG\-H8Q99 - Windows 10 Home
.br
3KHY7\-WNT83\-DGQKR\-F7HPR\-844BM - Windows 10 Home N
.br
7HNRX\-D7KGG\-3K4RQ\-4WPJ4\-YTDFH - Windows 10 Home Single Language
.br
PVMJN\-6DFY6\-9CCP6\-7BKTT\-D3WVR - Windows 10 Home Country Specific
.br
789NJ\-TQK6T\-6XTH8\-J39CJ\-J8D3P - Windows 8.1 Professional with Media Center
.br
M9Q9P\-WNJJT\-6PXPY\-DWX8H\-6XWKK - Windows 8.1 Core
.br
7B9N3\-D94CG\-YTVHR\-QBPX3\-RJP64 - Windows 8.1 Core N
.br
BB6NG\-PQ82V\-VRDPW\-8XVD2\-V8P66 - Windows 8.1 Core Single Language
.br
NCTT7\-2RGK8\-WMHRF\-RY7YQ\-JTXG3 - Windows 8.1 Core Country Specific
.br
GNBB8\-YVD74\-QJHX6\-27H4K\-8QHDG - Windows 8 Professional with Media Center
.br
BN3D2\-R7TKB\-3YPBD\-8DRP2\-27GG4 - Windows 8 Core
.br
8N2M2\-HWPGY\-7PGT9\-HGDD8\-GVGGY - Windows 8 Core N
.br
2WN2H\-YGCQR\-KFX6K\-CD6TF\-84YXQ - Windows 8 Core Single Language
.br
4K36P\-JN4VD\-GDC6V\-KDT89\-DYFKP - Windows 8 Core Country Specific
.PP
The above keys require activation renewal every 45 days (Win 8.1) or 30 days (Win 8). All GVLKs from the Microsoft Technet web site require renewal every 180 days.
.SS What are SLMGR and OSPP and how to use them?
You will need these utilities later. So please continue reading this section.
.PP
These are two Visual Basic script utilities that are used to control Microsoft's Software Protection system. To use them open a Windows Command Prompt. slmgr.vbs is for Windows. ospp.vbs is for Office 2010 and 2013. These utilities are installed with Windows and Office and you don't need to download them.
.PP
slmgr.vbs resides in the system32 directory. So you just have to type "slmgr" in the Windows Command prompt to use it. To use ospp.vbs you'll have to change the current directory to your Office installation. This is usually something like "C:\eProgram\ Files\eMicrosoft\ Office\eOffice14". You may type "slmgr" or "cscript ospp.vbs" without parameters to see help for these commands but this produces some rather confusing output for newbies.
.SS How to get the GVLK into the product?
Normally every product asks you to enter a key during installation. At this time simply enter the GVLK. If you skipped this step or entered some other key which later turned out to be non-working, you can use "slmgr\ /ipk\ \fIGVLK\fR" (Windows) or "cscript ospp.vbs\ /inpkey:\fIGVLK\fR" (Office) at any time.
.IP \fBExamples\fR
slmgr\ /ipk GCRJD\-8NW9H\-F2CDX\-CCM8D\-9D6T9
.br
cscript ospp.vbs\ /inpkey:YC7DK\-G2NP3\-2QQC3\-J6H88\-GVGXT
.SS Why doesn't Office accpet a GVLK?
You'll have to install a volume license (VL) version of Office. Office versions downloaded from MSDN and/or Technet are non-VL.
.SS How to configure a client to use a KMS server?
After you have installed a GVLK you can set your product to use your KMS server. \fBvlmcsd\fR or another KMS server must already be running on your server machine.
.IP "\fBWindows\fR" 5
.PP
Type "slmgr\ /skms\ \fIkms-server\fR[:\fItcp-port\fR]". Example: "slmgr\ /skms\ 192.168.1.17:1688"
.IP "\fBOffice\fR" 5
.IP 1) 3
Type "cscript ospp.vbs\ /sethst:\fIkms-server\fR". Example "cscript ospp.vbs\ /sethst:192.168.1.17"
.IP 2) 3
Type "cscript ospp.vbs\ /setprt:\fItcp-port\fR". Example: cscript ospp.vbs\ /setprt:1688
.PP
\fItcp-port\fR is usually 1688 unless you instructed \fBvlmcsd\fR to use a different port which is rarely necessary.
.SS How to activate my product?
If you have installed a product with GVLK and pointed it to working KMS server like \fBvlmcsd\fR, activation occurs automatically. This may take a while.
.IP "You may type"
slmgr\ /ato
.br
\-or\-
.br
cscript ospp.vbs\ /act
.PP
at any time to speed up that process. You may repeat these commands later to extend your activation for another 180 (45) days.
.SS Does vlmcsd work correctly?
If something does not work, it may have the cause that \fRvlmcsd\fR does not work correctly although this is unlikely. You can test this with the KMS client \fBvlmcs\fR(1). First type "vlmcs" on the same machine where you started \fBvlmcsd\fR. If things are ok, you should see something like this:
.IP
Connecting to 127.0.0.1:1688 ... successful
.br
Sending\ activation\ request\ (KMS\ V4)\ 1\ of\ 1\ \-> 06401\-00206\-296\-206344\-03\-5179\-9600.0000\-3432013
.PP
If anything goes wrong, you'll see an error message. Next try "vlmcs \fIkms-server\fR" from another machine where \fIkms-server\fR is the hostname or IP address of your KMS server. If that fails while it works locally, you'll most likely have to configure your firewall that it accepts incoming connections on TCP port 1688.
.SS Is there an easier way than using OSPP and SLMGR?
Yes and no. KMS activation was designed for large corporations. Thus Microsoft designed KMS in a way that corporations can configure their network infrastructure to fully automate KMS activation. Since this involves DHCP and DNS, it is not that easy to accomplish that for home users. However, if you are using an open source router firmware like OpenWRT or DD-WRT, it is easy to customize DHCP and DNS.
.IP 1) 3
Configure DHCP that it assigns a DNS domain name to your clients (if it doesn't already), e.g. my-home-net.local
.IP 2) 3
Create zone my-home-net.local in your DNS server (if it doesn't exist already).
.IP 3) 3
Add the following records to your DNS
_vlmcs._tcp.my-home-net.local. 10800 IN SRV 100 100 kms1.my-home-net.local.
.br
kms1.my-home-net.local. 10800 IN A 192.168.1.17
Replace 192.168.1.17 with the IP address of your KMS server. If you don't like a cache time of 10800 seconds (3 hours), replace it with another number.
.PP
This causes that clients will find the KMS server automatically.
.SH AUTHOR
This manual page was written by Hotbird64.
.SH SEE ALSO
\fBvlmcsd\fR(8), \fBvlmcs\fR(1)

346
sources/man/vlmcsd.8 Normal file
View File

@@ -0,0 +1,346 @@
.mso www.tmac
.TH VLMCSD 8 "February 2019" "Hotbird64" "KMS Activation Manual"
.LO 8
.SH NAME
vlmcsd \- a fully Microsoft compatible KMS server
.SH SYNOPSIS
.B vlmcsd
[
.IR "options" " ]
.SH DESCRIPTION
\fBvlmcsd\fR is a fully Microsoft compatible KMS server that provides product activation services to clients. It is meant as a drop-in replacement for a Microsoft KMS server (Windows computer with KMS key entered). It currently supports KMS protocol versions 4, 5 and 6.
.PP
\fBvlmcsd\fR is designed to run on POSIX compatible operating systens. It only requires a basic C library with a BSD-style sockets API and either \fBfork\fR(2) or \fBpthreads\fR(7). That allows it to run on most embedded systems like routers, NASes, mobile phones, tablets, TVs, settop boxes, etc. Some efforts have been made that it also runs on Windows.
.PP
Although \fBvlmcsd\fR does neither require an activation key nor a payment to anyone, it is not meant to run illegal copies of Windows. Its purpose is to ensure that owners of legal copies can use their software without restrictions, e.g. if you buy a new computer or motherboard and your key will be refused activation from Microsoft servers due to hardware changes.
.PP
\fBvlmcsd\fR may be started via an internet superserver like \fBinetd\fR(8) or \fBxinetd\fR(8) as well as an advanced init system like \fBsystemd\fR(8) or \fBlaunchd\fR(8) using socket based activation. If \fBvlmcsd\fR detects that \fBstdin\fR(3) is a socket, it assumes that there is already a connected client on stdin that wants to be activated.
All options that control setting up listening sockets will be ignored when in inetd mode. The sockets will be set up by your internet superserver. You also cannot limit the number of simultanous clients (option \fB-m\fR). You need to configure the limit in your internet superserver.
The followong features that require that vlmcsd is permanently loaded will not work if started from an internet superserver:
.IP
You cannot maintain a client list (option \fB-M1\fR)
.IP
EPID Randomization Level 1 (option \fB-r1\fR) works like Level 2 (\fB-r2\fR). You may want to use Level 0 (\fB-r0\fR) or custom EPIDs (options \fB-w\fR, \fB-G\fR, \fB-0\fR, \fB-3\fR and \fB-6\fR) instead.
.SH OPTIONS
Since vlmcsd can be configured at compile time, some options may not be available on your system.
.PP
All options that do no require an argument may be combined with a single dash, for instance "vlmcsd -D -e" is identical to "vlmcsd -De". For all options that require an argument a space between the option and the option argument is optional. Thus "vlmcsd -r 2" and "vlmcsd -r2" are identical too.
.IP "\fB-h\fR or \fB-?\fR"
Displays help.
.IP "\fB-V\fR"
Displays extended version information. This includes the compiler used to build vlmcsd, the intended platform and flags (compile time options) to build vlmcsd. If you have the source code of vlmcsd, you can type \fBmake help\fR (or \fBgmake help\fR on systems that do not use the GNU version of \fBmake\fR(1) by default) to see the meaning of those flags.
.IP "\fB-L\fR \fIipaddress\fR[:\fIport\fR]"
Instructs vlmcsd to listen on \fIipaddress\fR with optional \fIport\fR (default 1688). You can use this option more than once. If you do not specify \fB-L\fR at least once, IP addresses 0.0.0.0 (IPv4) and :: (IPv6) are used. If the IP address contains colons (IPv6) you must enclose the IP address in brackets if you specify the optional port, e.g. [2001:db8::dead:beef]:1688.
.PP
.IP
If no port is specified, vlmcsd uses the default port according to a preceding \fB-P\fR option. If you specify a port, it can be a number (1-65535) or a name (usually found in /etc/services if not provided via LDAP, NIS+ or another name service).
.PP
.IP
If you specify a link local IPv6 address (fe80::/10, usually starting with fe80::), it must be followed by a percent sign (%) and a scope id (=network interface name or number) on most unixoid OSses including Linux, Android, MacOS X and iOS, e.g. fe80::1234:56ff:fe78:9abc\fB%eth0\fR or [fe80::1234:56ff:fe78:9abc\fB%2\fR]:1688. Windows (including cygwin) does not require a scope id unless the same link local address is used on more than one network interface. Windows does not accept a name and the scope id must be a number.
.IP "\fB-o \fIlevel\fR"
Sets the \fIlevel\fR of protection against activations from public IP addresses. The default is \fB-o0\fR for no protection.
\fB-o1\fR causes vlmcsd not to listen on all IP addresses but on private IP addresses only. IPv4 addresses in the 100.64.0.0/10 range (see RFC6598) are not treated as private since they can be reached from other users of your ISP. Private IPv4 addresses are 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 and 127.0.0.0/8. vlmcsd treats all IPv6 addresses not within 2000::/3 as private addresses.
If \fB-o1\fR is combined with \fB-L\fR, it will listen on all private IP addresses plus the ones specified by one or more \fB-L\fR statements. If \fB-o1\fR is combined with \fB-P\fR, only the last \fB-P\fR statement will be used.
Using \fB-o1\fR does not protect you if you enable NAT port forwarding on your router to your vlmcsd machine. It is identical to using multiple -L statements with all of your private IP addresses. What \fB-o1\fR does for you, is automatically enumerating your private IP addresses.
\fB-o2\fR does not affect the interfaces, vlmcsd is listening on. When a clients connects, vlmcsd immediately drops the connection if the client has a public IP address. Unlike \fB-o1\fR clients will be able to establish a TCP connection but it will be closed without a single byte sent over the connection. This protects against clients with public IP addresses even if NAT port forwarding is used. While \fB-o2\fR offers a higher level of protection than \fB-o1\fR, the client sees that the KMS TCP port (1688 by default) is actually accepting connections.
If vlmcsd is compiled to use MS RPC, \fB-o2\fR can only offer very poor protection. Control is passed from MS RPC to vlmcsd after the KMS protocol has already been negotiated. Thus a client can always verify that the KMS protocol is available even though it receives an RPC_S_ACCESS_DENIED error message. vlmcsd will issue a warning if \fB-o2\fR is used with MS RPC. \fBFor adaequate protection do not use a MS RPC build of vlmcsd with -o2\fR.
\fB-o3\fR combines \fB-o1\fR and \fB-o2\fR. vlmcsd listens on private interfaces only and if a public client manages to connect anyway due to NAT port forwarding, it will be immediately dropped.
If you use any form of TCP level port forwarding (e.g. \fBnc\fR(1), \fBnetcat\fR(1), \fBssh\fR(1) port forwarding or similar) to redirect KMS requests to vlmcsd, there will be no protection even if you use \fB-o2\fR or \fB-o3\fR. This is due to the simple fact that vlmcsd sees the IP address of the redirector and not the IP address of the client.
\fB-o1\fR (and thus \fB-o3\fR) is not (yet) available in some scenarios:
.RS 12
FreeBSD: There is a longtime unfixed
.URL https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=178881 bug ""
in the 32-bit ABI of the 64-bit kernel. If you have a 64-bit FreeBSD kernel, you must run the 64-bit version of vlmcsd if you use \fB-o1\fR or \fB-o3\fR. The 32-bit version causes undefined behavior up to crashing vlmcsd. Other BSDs (NetBSD, OpenBSD, Dragonfly and Mac OS X) work correctly.
If vlmcsd was started by an internet superserver or was compiled to use Microsoft RPC (Windows only) or simple sockets, \fB-o1\fR and \fB-o3\fR are not available by design.
.RE
.IP "\fB-P\fR \fIport\fR"
Use TCP \fIport\fR for all subsequent \fB-L\fR statements that do not include an optional port. If you use \fB-P\fR and \fB-L\fR, \fB-P\fR must be specified before \fB-L\fR.
.IP "\fB-O\fR \fIvpn-adapter-name\fR[=\fIipv4-address\fR][/\fIcidr-mask\fR][:\fIdhcp-lease-duration\fR]"
Enables a compatible VPN adapter to create additional local IPv4 addresses (like 127.0.0.1) that appear as remote IPv4 addresses to the system. This allows product activation using a local instance of vlmcsd. This feature is only available in Windows and Cygwin builds of vlmcsd since it is not of any use on other operating systems. Compatible VPN adapters are Tap-windows version 8.2 or higher (from OpenVPN) and the TeamViewer VPN adapter. There are two special \fIvpn-adapter-name\fRs. A single period (.) instructs vlmcsd to use the first available compatible VPN adapter. A single dash (\-) disables the use of a VPN adapter if one has been configured in \fBvlmcsd.ini\fR(5). The \fIvpn-adapter-name\fR is \fBnot\fR case-sensitive. If the \fIvpn-adapter-name\fR contains spaces (e.g. Ethernet 3), you must enclose it in quotes.
The default \fIipv4-address\fR is 10.10.10.9 and the default \fIcidr-mask\fR is 30. If you are using the default values, your VPN adapter uses an IPv4 address of 10.10.10.9 and you can set your activation client to use the easy to remember address 10.10.10.10 (e.g. slmgr /skms 10.10.10.10 or cscript ospp.vbs /sethst:10.10.10.10).
The \fIdhcp-lease-duration\fR is a number optionally followed by s, m, h, d or w to indicate seconds, minutes, hours, days or weeks. The default \fIdhcp-lease-duration\fR is 1d (one day). It is normally not required to change this value.
It is advised not to manually configure your OpenVPN TAP or TeamViewer VPN adapter in "Network Connections". If you set the IPv4 configuration manually anyway, the IPv4 address and the subnet mask must match the \fB-O\fR parameter. It is safe leave the IPv4 configuration to automatic (DHCP). vlmcsd will wait up to four seconds for the DHCP configuration to complete before binding to and listenin on any interfaces.
You should be aware that only one program can use a VPN adapter at a time. If you use the TeamViewer VPN adapter for example, you will not be able to use the VPN feature of TeamViewer as long as vlmcsd is running. The same applies to OpenVPN TAP adapters that are in use by other programs (for example OpenVPN, QEMU, Ratiborus VM, aiccu, etc.). The best way to avoid conflicts is to install Tap-Windows from OpenVPN, cd to C:\\Program Files\\TAP-Windows\\bin and run addtap.bat to install an additional TAP adapter. Go to "Network Connections" and rename the new adapter to "vlmcsd" and specify \fB-O vlmcsd\fR to use it.
Example: \fB-O "Ethernet 7"=192.168.123.1/24\fR (uses VPN adapter Ethernet 7 with IPv4 address 192.168.123.1 and have 192.168.123.2 to 192.168.123.254 as additional local (but apparently remote) IPv4 addresses.
.IP "\fB-x0\fR and \fB-x1\fR"
Controls under what circumstances vlmcsd will exit. Using the default of \fB-x0\fR vlmcsd stays active as long as it can perform some useful operations. If vlmcsd is run by any form of a watchdog, e.g. NT service manager (Windows), systemd (Linux) or launchd (Mac OS / iOS), it may be desirable to end vlmcsd and let the watchdog restart it. This is especially true if some pre-requisites are not yet met but will be some time later, e.g. network is not yet fully setup.
By using \fB-x0\fR vlmcsd will
.RS 12
exit if none of the listening sockets specified with \fB-L\fR can be used. It continues if at least one socket can be setup for listening.
exit any TAP mirror thread (Windows version only) if there is an error condition while reading or writing from or to the VPN adapter but continue to work without utilizing a VPN adapter.
.RE
.IP
By using \fB-x1\fR vlmcsd will
.RS 12
exit if not all listening sockets specified with \fB-L\fR can be used.
exit completely if there is a problem with a VPN adapter it is using. This can happen for instance if the VPN adapter has been disabled using "Control Panel - Network - Adapter Settings" while vlmcsd is using it.
.RE
.IP
Please note that \fB-x1\fR is kind of a workaround option. While it may help under some circumstances, it is better to solve the problem at its origin, e.g. properly implementing dependencies in your startup script to ensure all network interfaces and the VPN adapter you will use are completely setup before you start vlmcsd.
.IP "\fB-F0\fR and \fB-F1\fR"
Allow (\fB-F1\fR) or disallow (\fB-F0\fR) binding to IP addresses that are currently not configured on your system. The default is \fB-F0\fR. \fB-F1\fR allows you to bind to an IP address that may be configured after you started \fBvlmcsd\fR. \fBvlmcsd\fR will listen on that address as soon as it becomes available. This feature is only available under Linux (IPv4 and IPv6) and FreeBSD (IPv4 only). FreeBSD allows this feature only for the root user (more correctly: processes that have the PRIV_NETINET_BINDANY privilege). Linux does not require a capability for this.
.IP "\fB-t\fR \fIseconds\fR"
Timeout the TCP connection with the client after \fIseconds\fR seconds. After sending an activation request. RPC keeps the TCP connection for a while. The default is 30 seconds. You may specify a shorter period to free ressources on your device faster. This is useful for devices with limited main memory or if you used \fB-m\fR to limit the concurrent clients that may request activation. Microsoft RPC clients disconnect after 30 seconds by default. Setting \fIseconds\fR to a greater value does not make much sense.
.IP "\fB-m\fR \fIconcurrent-clients\fR"
Limit the number of clients that will be handled concurrently. This is useful for devices with limited ressources or if you are experiencing DoS attacks that spawn thousands of threads or forked processes. If additional clients connect to vlmcsd, they need to wait until another client disconnects. If you set \fIconcurrent-clients\fR to a small value ( <10 ), you should also select a reasonable timeout of 2 or 3 seconds with \fB-t\fR. The default is no limit.
.IP "\fB-d\fR"
Disconnect each client after processing one activation request. This is a direct violation of DCE RPC but may help if you receive malicous fake RPC requests that block your threads or forked processes. Some other KMS emulators (e.g. py-kms) behave this way.
.IP "\fB-k\fR"
Do not disconnect clients after processing an activation request. This selects the default behavior. \fB-k\fR is useful only if you used an ini file (see \fBvlmcsd.ini\fR(5) and \fB-i\fR). If the ini file contains the line "DisconnectClientsImmediately = true", you can use this switch to restore the default behavior.
.IP "\fB-N0\fR and \fB-N1\fR
Disables (\fB-N0\fR) or enables (\fB-N1\fR) the use of the NDR64 transfer syntax in the RPC protocol. Unlike Microsoft vlmcsd supports NDR64 on 32-bit operating systems. Microsoft introduced NDR64 in Windows Vista but their KMS servers started using it with Windows 8. Thus if you choose random ePIDs, vlmcsd will select ePIDs with build numbers 9200 and 9600 if you enable NDR64 and build numbers 6002 and 7601 if you disable NDR64. The default is to enable NDR64.
.IP "\fB-B0\fR and \fB-B1\fR"
Disables (\fB-B0\fR) or enables (\fB-B1\fR) bind time feature negotiation (BTFN) in the RPC protocol. All Windows operating systems starting with Vista support BTFN and try to negotiate it when initiating an RPC connection. Thus consider turning it off as a debug / troubleshooting feature only. Some older firewalls that selectively block or redirect RPC traffic may get confused when they detect NDR64 or BTFN.
.IP "\fB-l\fR \fIfilename\fR
Use \fIfilename\fR as a log file. The log file records all activations with IP address, Windows workstation name (no reverse DNS lookup), activated product, KMS protocol, time and date. If you do not specify a log file, no log is created. For a live view of the log file
type tail -f \fIfile\fR.
.PP
.IP
If you use the special \fIfilename\fR "syslog", vlmcsd uses \fBsyslog\fR(3) for logging. If your system has no syslog service (/dev/log) installed, logging output will go to /dev/console. Syslog logging is not available in the native Windows version. The Cygwin version does support syslog logging.
.IP "\fB-T0\fR and \fB-T1\fR"
Disable (\fB-T0\fR) or enable (\fB-T1\fR) the inclusion of date and time in each line of the log. The default is \fB-T1\fR. \fB-T0\fR is useful if you log to \fBstdout\fR(3) which is redirected to another logging mechanism that already includes date and time in its output, for instance \fBsystemd-journald\fR(8). If you log to \fBsyslog\fR(3), \fB-T1\fR is ignored and date and time will never be included in the output sent to \fBsyslog\fR(3).
.IP "\fB-D\fR"
Normally vlmcsd daemonizes and runs in background (except the native Windows version). If \fB-D\fR is specified, vlmcsd does not daemonize and runs in foreground. This is useful for testing and allows you to simply press <Ctrl-C> to exit vlmcsd.
.PP
.IP
The native Windows version never daemonizes and always behaves as if \fB-D\fR had been specified. You may want to install vlmcsd as a service instead. See \fB-s\fR.
.IP "\fB-e\fR"
If specified, vlmcsd ignores \fB-l\fR and writes all logging output to \fBstdout\fR(3). This is mainly useful for testing and debugging and often combined with \fB-D\fR.
.IP "\fB-v\fR"
Use verbose logging. Logs every parameter of the base request and the base response. It also logs the HWID of the KMS server if KMS protocol version 6 is used. This option is mainly for debugging purposes. It only has an effect if some form of logging is used. Thus \fB-v\fR does not make sense if not used with \fB-l\fR, \fB-e\fR or \fB-f\fR.
.IP "\fB-q\fR"
Do not use verbose logging. This is actually the default behavior. It only makes sense if you use vlmcsd with an ini file (see \fB-i\fR and \fBvlmcsd.ini\fR(5)). If the ini file contains the line "LogVerbose = true" you can use \fB-q\fR to restore the default behavior.
.IP "\fB-p\fR \fIfilename\fR"
Create pid file \fIfilename\fR. This has nothing to do with KMS ePIDs. A pid file is a file where vlmcsd writes its own process id. This is used by standard init scripts (typically found in /etc/init.d). The default is not to write a pid file.
.IP "\fB-u\fR \fIuser\fR and \fB-g\fR \fIgroup\fR"
Causes vlmcsd to run in the specified \fIuser\fR and \fIgroup\fR security context. The main purpose for this is to drop root privileges after it has been started from the root account. To use this feature from cygwin you must run cyglsa-config and the account from which vlmcsd is started must have the rights "Act as part of the operating system" and "Replace a process
level token". The native Windows version does not support these options.
.PP
.IP
The actual security context switch is performed after the TCP sockets have been created. This allows you to use privileged ports (< 1024) when you start vlmcsd from the root account.
.PP
.IP
However if you use an ini, pid or log file, you must ensure that the unprivileged user has access to these files. You can always log to \fBsyslog\fR(3) from an unprivileged account on most platforms (see \fB-l\fR).
.IP "\fB-a\fR \fICSVLK\fR = \fIePID\fR [ / \fIHwId\fR ]"
Use \fIePID\fR and \fIHwId\fR for a specific \fICSVLK\fR. When you use it, \fB-r\fR is disregarded for this \fICSVLK\fR. If vlmcsd uses the default vlmcsd.kmd database, you can use the following \fICSVLK\fRs: Windows, WinChinaGov, Office2010, Office2013, Office2016 and Office2019. The \fB-a\fR option requires that database version 1.6 or later is used.
\fIHwId\fR must be specified as 16 hex digits that are interpreted as a series of 8 bytes (big endian). Any character that is not a hex digit will be ignored. This is for better readability.
.IP "\fB-i\fR \fIfilename\fR"
Use configuration file (aka ini file) \fIfilename\fR. Most configuration parameters can be set either via the command line or an ini file. The command line always has precedence over configuration items in the ini file. See \fBvlmcsd.ini\fR(5) for the format of the configuration file.
If vlmcsd has been compiled to use a default configuration file (often /etc/vlmcsd.ini), you may use \fB-i-\fR to ignore the default configuration file.
.IP "\fB-j\fR \fIfilename\fR"
Use KMS data file \fIfilename\fR. By default vlmcsd only contains the minimum product data that is required to perform all operations correctly. You may use a more complete KMS data file that contains all detailed product names. This is especially useful if you are logging KMS requests. If you don't log, there is no need to load an external KMS data file.
If vlmcsd has been compiled to use a default KMS data file, you may use \fB-j-\fR to ignore the default configuration file.
.IP "\fB-r0\fR, \fB-r1\fR (default) and \fB-r2\fR"
These options determine how ePIDs are generated if
- you did not sprecify an ePID in the command line and
.br
- you haven't used \fB-i\fR or
.br
- the file specified by \fB-i\fR cannot be opened or
.br
- the file specified by \fB-i\fR does not contain an ePID for the KMS request
\fB-r0\fR means there are no random ePIDs. vlmcsd simply issues default ePIDs that are built into the binary at compile time. \fBPro:\fR behaves like real KMS server that also always issues the same ePID. \fBCon:\fR Microsoft may start blacklisting again and the default ePID may not work any longer.
\fB-r1\fR instructs vlmcsd to generate random ePIDs when the program starts or receives a SIGHUP signal and uses these ePIDs until it is stopped or receives another SIGHUP. Most other KMS emulators generate a new ePID on every KMS request. This is easily detectable. Microsoft could just modify sppsvc.exe in a way that it always sends two identical KMS requests in two RPC requests but over the same TCP connection. If both KMS responses contain the different ePIDs, the KMS server is not genuine. \fB-r1\fR is the default mode. \fB-r1\fR also ensures that all three ePIDs (Windows, Office 2010 and Office 2013) use the same OS build number and LCID (language id).
If vlmcsd has been started by an internet superserver, \fB-r1\fR works almost identically to \fB-r2\fR. The only exception occurs if you send more than one activation request over the same TCP connection. This is simply due to the fact that vlmcsd is started upon a connection request and does not stay in memory after servicing a KMS request. Consider using \fB-r0\fR or \fB-w\fR, \fB-G\fR, \fB-0\fR, \fB-3\fR and \fB-6\fR when starting vlmcsd by an internet superserver.
\fB-r2\fR behaves like most other KMS server emulators with random support and generates a new random ePID on every request. \fB-r2\fR should be treated as debugging option only because it allows very easy emulator detection.
.IP "\fB-C\fR \fILCID\fR"
Do not randomize the locale id part of the ePID and use \fILCID\fR instead. The \fILCID\fR must be specified as a decimal number, e.g. 1049 for "Russian - Russia". This option has no effect if the ePID is not randomized at all, e.g. if it is selected from the command line or an ini file.
By default vlmcsd generates a valid locale id that is recognized by .NET Framework 4.0. This may lead to a locale id which is unlikely to occur in your country, for instance 2155 for "Quecha - Ecuador". You may want to select the locale id of your country instead. See
.URL "http://msdn.microsoft.com/en-us/goglobal/bb964664.aspx" "MSDN" ""
for a list of valid \fILCID\fRs. Please note that some of them are not recognized by .NET Framework 4.0.
Most other KMS emulators use a fixed \fILCID\fR of 1033 (English - US). To achive the same behavior in vlmcsd use \fB-C 1033\fR.
.IP "\fB-H\fR \fIHostBuild\fR"
Do not randomize the host build number in the ePID and use \fIHostBuild\fR instead, for instance 17763 for Windows Server 2019 / Windows 10 1809.
.IP "\fB-K0\fR, \fB-K1\fR, \fB-K2\fR and \fB-K3\fR"
Sets the whitelisting level to determine which products vlmcsd activates or refuses. The default is \fB-K0\fR.
.RS 12
\fB-K0\fR: activate all products with an unknown, retail or beta/preview KMS ID.
.br
\fB-K1\fR: activate products with a retail or beta/preview KMS ID but refuse to activate products with an unknown KMS ID.
.br
\fB-K2\fR: activate products with an unknown KMS ID but refuse products with a retail or beta/preview KMS ID.
.br
\fB-K3\fR: activate only products with a known volume license RTM KMS ID and refuse all others.
.RE
.IP ""
The SKU ID is not checked. Like a genuine KMS server vlmcsd activates a product that has a random or unknown SKU ID. If you select \fB-K1\fR or \fB-K3\fR, vlmcsd also checks the Application ID for correctness. If Microsoft introduces a new KMS ID for a new product, you cannot activate it if you used \fB-K1\fR or \fB-K3\fR until a new version of vlmcsd is available.
.IP "\fB-c0\fR and \fB-c1\fR"
\fB-c1\fR causes vlmcsd to check if the client time differs no more than four hours from the system time. \fB-c0\fR (the default) disables this check. \fB-c1\fR is useful to prevent emulator detection. A client that tries to detect an emulator could simply send two subsequent request with two time stamps that differ more than four hours from each other. If both requests succeed, the server is an emulator. If you specify \fB-c1\fR on a system with no reliable time source, activations will fail. It is ok to set the correct system time after you started vlmcsd.
.IP "\fB-M0\fR and \fB-M1\fR"
Disables (\fB-M0\fR) or enables (\fB-M1\fR) maintaining a list of client machine IDs (CMIDs). The default is \fB-M0\fR. \fB-M1\fR is useful to prevent emulator detection. By maintaing a CMID list, vlmcsd reports current active clients exactly like a genuine KMS emulator. This includes bug compatibility to the extent that you can permanently kill a genuine KMS emulator by sending an "overcharge request" with a required client count of 376 or more and then request activation for 671 clients. vlmcsd can be reset from this condition by restarting it. If \fB-M0\fR is used, vlmcsd reports current active clients as good as possible. If no client sends an "overcharge request", it is not possible to detect vlmcsd as an emulator with \fB-M0\fR. \fB-M1\fR requires the allocation of a buffer that is about 50 kB in size. On hardware with few memory resources use it only if you really need it.
If you start vlmcsd from an internet superserver, \fB-M1\fR cannot be used. Since vlmcsd exits after each activation, it cannot maintain any state in memory.
.IP "\fB-E0\fR and \fB-E1\fR"
These options are ignored if you do not also specify \fB-M1\fR. If you use \fB-E0\fR (the default), vlmcsd starts up as a fully "charged" KMS server. Clients activate immediately. \fB-E1\fR lets you start up vlmcsd with an empty CMID list. Activation will start when the required minimum clients (25 for Windows Client OSses, 5 for Windows Server OSses and Office) have registered with the KMS server. As long as the minimum client count has not been reached, clients end up in HRESULT 0xC004F038 "The count reported by your Key Management Service (KMS) is insufficient. Please contact your system administrator". You may use \fBvlmcs\fR(1) or another KMS client emulator to "charge" vlmcsd. \fB-E1\fR does not improve emulator detection prevention. It's primary purpose is to help developers of KMS clients to test "charging" a KMS server.
.IP "\fB-R\fR \fIrenewal-interval\fR"
Instructs clients to renew activation every \fIrenewal-interval\fR. The \fIrenewal-interval\fR is a number optionally immediately followed by a letter indicating the unit. Valid unit letters are s (seconds), m (minutes), h (hours), d (days) and w (weeks). If you do not specify a letter, minutes is assumed.
\fB-R3d\fR for instance instructs clients to renew activation every 3 days. The default \fIrenewal-interval\fR is 10080 (identical to 7d and 1w).
Due to poor implementation of Microsofts KMS Client it cannot be guaranteed that activation is renewed on time as specfied by the -R option. Don't care about that. Renewal will happen well before your activation expires (usually 180 days).
Even though you can specify seconds, the granularity of this option is 1 minute. Seconds are rounded down to the next multiple of 60.
.IP "\fB-A\fR \fIactivation-interval\fR"
Instructs clients to retry activation every \fIactivation-interval\fR if it was
unsuccessful, e.g. because it could not reach the server. The default is 120 (identical to 2h). \fIactivation-interval\fR follows the same syntax as \fIrenewal-interval\fR in the
\fB-R\fR option.
.IP "\fB-s\fR"
Installs vlmcsd as a Windows service. This option only works with the native Windows version and Cygwin. Combine \fB-s\fR with other command line options. These will be in effect when you start the service. The service automatically starts when you reboot your machine. To start it manually, type "net start vlmcsd".
If you use Cygwin, you must include your Cygwin system DLL directory (usually C:\eCygwin\ebin or C:\eCygwin64\ebin) into the PATH environment variable or the service will not start.
You can reinstall the service anytime using vlmcsd -s again, e.g. with a different command line. If the service is running, it will be restarted with the new command line.
When using \fB-s\fR the command line is checked for basic syntax errors only. For example "vlmcsd -s -L 1.2.3.4" reports no error but the service will not start if 1.2.3.4 is not an IP address on your system.
.IP "\fB-S\fR"
Uninstalls the vlmcsd service. Works only with the native Windows version and Cygwin. All other options will be ignored if you include -S in the command line.
.IP "\fB-U\fR [\fIdomain\fR\e]\fIusername\fR"
Can only be used together with \fB-s\fR. Starts the service as a different user than the local SYSTEM account. This is used to run the service under an account with low privileges. If you omit the domain, an account from the local computer will be used.
You may use "NT AUTHORITY\eNetworkService". This is a pseudo user with low privileges. You may also use "NT AUTHORITY\eLocalService" which has more privileges but these are of no use for running vlmcsd.
Make sure that the user you specify has at least execute permission for your executable. "NT AUTHORITY\eNetworkService" normally has no permission to run binaries from your home directory.
For your convenience you can use the special username "/l" as a shortcut for "NT AUTHORITY\eLocalService" and "/n" for "NT AUTHORITY\eNetworkService". "vlmcsd\ \-s\ \-U\ /n" installs the service to run as "NT AUTHORITY\eNetworkService".
.IP "\fB-W\fR \fIpassword\fR"
Can only be used together with \fB-s\fR. Specifies a \fIpassword\fR for the corresponding username you use with -U. SYSTEM, "NT AUTHORITY\eNetworkService", "NT AUTHORITY\eLocalService" do not require a password.
If you specify a user with even lower privileges than "NT AUTHORITY\eNetworkService", you must specify its password. You also have to grant the "Log on as a service" right to that user.
.SH SIGNALS
The following signals differ from the default behavior:
.IP "\fBSIGTERM\fR, \fBSIGINT\fR"
These signals cause vlmcsd to exit gracefully. All global semaphores and shared memory pages will be released, the pid file will be unlinked (deleted) and a shutdown message will be logged.
.IP "\fBSIGHUP\fR"
Causes vlmcsd to be restarted completely. This is useful if you started vlmcsd with an ini file. You can modify the ini file while vlmcsd is running and then sending \fBSIGHUP\fR, e.g. by typing "killall -SIGHUP vlmcsd" or "kill -SIGHUP `cat /var/run/vlmcsd.pid`".
The SIGHUP handler has been implemented relatively simple. It is virtually the same as stopping vlmcsd and starting it again immediately with the following exceptions:
.RS
.IP "\(em" 3
The new process does not get a new process id.
.IP "\(em" 3
If you used a pid file, it is not deleted and recreated because the process id stays the same.
.IP "\(em" 3
If you used the 'user' and/or 'group' directive in an ini file these are ignored. This is because once you switched to lower privileged users and groups, there is no way back. Anything else would be a severe security flaw in the OS.
.RE
Signaling is not available in the native Windows version and in the Cygwin version when vlmcsd runs as a Windows service.
.SH SUPPORTED OPERATING SYSTEMS
\fBvlmcsd\fR compiles and runs on Linux, Windows (no Cygwin required but explicitly supported), Mac OS X, FreeBSD, NetBSD, OpenBSD, Dragonfly BSD, Minix, Solaris, OpenIndiana, Android and iOS. Other POSIX or unixoid OSses may work with unmodified sources or may require minor porting efforts.
.SH SUPPORTED PRODUCTS
\fBvlmcsd\fR can answer activation requests for the following products: Windows Vista, Windows 7, Windows 8, Windows 8.1, Windows 10 (up to 1809), Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Office 2010, Project 2010, Visio 2010, Office 2013, Project 2013, Visio 2013, Office 2016, Project 2016, Visio 2016, Office 2019, Project 2019, Visio 2019. Newer products may work as long as the KMS protocol does not change. A complete list of fully supported products can be obtained using the \fB-x\fR option of \fBvlmcs\fR(1).
.PP
Windows Vista, Windows 7, Office, Project and Visio must be volume license versions.
.SH FILES
.IP "\fBvlmcsd.ini\fR(5)"
.SH EXAMPLES
.IP "\fBvlmcsd -De\fR"
Starts \fBvlmcsd\fR in foreground. Useful if you use it for the first time and want to see what's happening when a client requests activation.
.IP "\fBvlmcsd -l /var/log/vlmcsd.log\fR"
Starts \fBvlmcsd\fR as a daemon and logs everything to /var/log/vlmcsd.log.
.IP "\fBvlmcsd -L 192.168.1.17"
Starts \fBvlmcsd\fR as a daemon and listens on IP address 192.168.1.17 only. This is useful for routers that have a public and a private IP address to prevent your KMS server from becoming public.
.IP "\fBvlmcsd -s -U /n -l C:\elogs\evlmcsd.log"
Installs \fBvlmcsd\fR as a Windows service with low privileges and logs everything to C:\elogs\evlmcsd.log when the service is started with "net start vlmcsd".
.SH BUGS
An ePID specified in an ini file must not contain spaces.
.SH AUTHOR
Written by crony12, Hotbird64 and vityan666.
With contributions from DougQaid.
.SH CREDITS
Thanks to abbodi1406, CODYQX4, deagles, eIcn, mikmik38, nosferati87, qad, Ratiborus, ...
.SH SEE ALSO
\fBvlmcsd.ini\fR(5), \fBvlmcsd\fR(7), \fBvlmcs\fR(1), \fBvlmcsdmulti\fR(1)

206
sources/man/vlmcsd.ini.5 Normal file
View File

@@ -0,0 +1,206 @@
.TH VLMCSD.INI 5 "October 2018" "Hotbird64" "KMS Activation Manual"
.LO 8
.SH NAME
\fBvlmcsd.ini\fR \- vlmcsd KMS emulator configuration file
.SH SYNOPSIS
.B vlmcsd.ini
.SH DESCRIPTION
\fBvlmcsd.ini\fR (or simply called the "ini file") is a configuration file for \fBvlmcsd\fR(8). By default vlmcsd does not use a configuration file. It is completely optional and for advanced users only. You must use the \fB-i\fR option on the vlmcsd command line to use an ini file. There is no default name or default location for the ini file.
.PP
Everything, that can be configured in the ini file, may also be specified on the command line. Any configuration option specified on the command line takes precedence over the respective configuration line in the ini file.
.PP
\fBBenefits of a configuration file\fR
.PP
While you can use the configuration file to simply modify the default behavior of vlmcsd, it can also be used to change the configuration of vlmcsd after you sent a HUP \fBsignal\fR(7). Whenever you send SIGHUP, the configuration file will be re-read. Any changes you made to the ini file will be reflected after vlmcsd received the hangup signal.
.PP
\fBDifferences between command line and configuration file\fR
.PP
If you specify an illegal option or option argument on the command line, vlmcsd displays help and exits. If you specify an incorrect \fIkeyword\fR or \fIargument\fR in the ini file, vlmcsd displays a warning with some information, ignores the respective line and continues. This is intentional and prevents vlmcsd from aborting after a SIGHUP if the configuration was modified incorrectly.
.SH SYNTAX
vlmcsd.ini is a UTF-8 encoded text file with each line being in the format \fIkeyword\fR = \fIargument\fR. The \fIkeyword\fR is not case-sensitive. The \fIargument\fR is treated literally. It is neither required nor allowed to enclose the \fIargument\fR in any form of quote characters except when quote characters are part of the argument itself. Whitespace characters are ignored only
- at the beginning of a line
.br
- between the \fIkeyword\fR and '='
.br
- between '=' and the \fIargument\fR
Lines, that start with '#' or ';' are treated as comments. Empty lines are ignored as well. If a \fIkeyword\fR is repeated in another line, vlmcsd will use the \fIargument\fR of the last occurence of the \fIkeyword\fR. An exception to this is the Listen \fIkeyword\fR which can be specified multiple times and causes vlmcsd to listen on more than one IP address and/or port.
.PP
Some \fIargument\fRs are binary arguments that need to be either TRUE or FALSE. You can use "Yes", "On" or "1" as an alias for TRUE and "No", "Off" or "0" as an alias for FALSE. Binary arguments are case-insensitive.
.SH KEYWORDS
The following \fIkeyword\fRs are defined (not all keywords may be available depending on the operating system and the options used when \fBvlmcsd\fR(8) was compiled):
.IP "\fBListen\fR"
This defines on what combinations of IP addresses and ports vlmcsd should listen. \fBListen\fR can be specified more than once. The \fIargument\fR has the form \fIipaddress\fR[:\fIport\fR]. If you omit the \fIport\fR, the default port of 1688 is used. If the \fIipaddress\fR contains colons and a \fIport\fR is used, you must enclose the \fIipaddress\fR in brackets. The default is to listen to 0.0.0.0:1688 and [::]:1688 which means listen to all IPv4 and all IPv6 addresses. See the \fB-L\fR option in \fBvlmcsd\fR(8) for more info about the syntax. If you use \fB-L\fR or \fB-P\fR on the command line, all \fBListen\fR keywords in the ini file will be ignored. The \fBListen\fR keyword cannot be used if vlmcsd has been compiled to use Microsoft RPC (Windows and Cygwin only) or simple sockets.
Examples:
Listen = 192.168.1.123:1688
.br
Listen = 0.0.0.0:1234
.br
Listen = [fe80::1721:12ff:fe81:d36b%eth0]:1688
.IP "\fBPort\fR"
Can only be used if vlmcsd has been compiled to use simple sockets or on Windows and Cygwin if \fBvlmcsd\fR(8) has been compiled to use Microsoft RPC. Otherwise you must use \fBListen\fR instead. Causes vlmcsd to listen on that port instead of 1688.
.IP "\fBFreeBind\fR"
Can be TRUE or FALSE. If TRUE, you can use the \fBListen\fR keyword with IP addresses that are currently not defined on your system. \fBvlmcsd\fR(8) will start listening on these IP addresses as soon as they become available. This keyword is only available under Linux and FreeBSD because no other OS currently supports that feature. FreeBSD supports this only for IPv4 and requires the PRIV_NETINET_BINDANY privilege which is normally assigned to proccesses of the root user.
.IP "\fBPublicIPProtectionLevel\fR"
Set the level of protection against KMS activations from public IP addresses.
0 = No protection (default)
.br
1\ =\ Listen on private IP addresses only (plus those specified by one or more \fBListen\fR statements)
.br
2\ =\ Disconnect clients with public IP addresses without activating
.br
3\ =\ Combines 1 and 2
For details on public IP protection levels see \fBvlmcsd\fR(8) command line option \fB-o\fR.
.IP "\fBVPN\fR"
Has to be in the form \fIvpn-adapter-name\fR[=\fIipv4-address\fR][/\fIcidr-mask\fR][:\fIdhcp-lease-duration\fR].
Enables a compatible VPN adapter to create additional local IPv4 addresses (like 127.0.0.1) that appear as remote IPv4 addresses to the system. This allows product activation using a local instance of vlmcsd. This feature is only available in Windows and Cygwin builds of vlmcsd since it is not of any use on other operating systems. Compatible VPN adapters are Tap-windows version 8.2 or higher (from OpenVPN) and the TeamViewer VPN adapter. There is a special \fIvpn-adapter-name\fR. A single period (.) instructs vlmcsd to use the first available compatible VPN adapter. The \fIvpn-adapter-name\fR is \fBnot\fR case-sensitive. If the \fIvpn-adapter-name\fR contains spaces (e.g. Ethernet 3), do \fBnot\fR enclose it in quotes.
The default \fIipv4-address\fR is 10.10.10.9 and the default \fIcidr-mask\fR is 30. If you are using the default values, your VPN adapter uses an IPv4 address of 10.10.10.9 and you can set your activation client to use the easy to remember address 10.10.10.10 (e.g. slmgr /skms 10.10.10.10 or cscript ospp.vbs /sethst:10.10.10.10).
The \fIdhcp-lease-duration\fR is a number optionally followed by s, m, h, d or w to indicate seconds, minutes, hours, days or weeks. The default \fIdhcp-lease-duration\fR is 1d (one day). It is normally not required to change this value.
It is advised not to manually configure your OpenVPN TAP or TeamViewer VPN adapter in "Network Connections". If you set the IPv4 configuration manually anyway, the IPv4 address and the subnet mask must match the \fBVPN=\fR directive. It is safe leave the IPv4 configuration to automatic (DHCP). vlmcsd will wait up to four seconds for the DHCP configuration to complete before binding to and listenin on any interfaces.
You should be aware that only one program can use a VPN adapter at a time. If you use the TeamViewer VPN adapter for example, you will not be able to use the VPN feature of TeamViewer as long as vlmcsd is running. The same applies to OpenVPN TAP adapters that are in use by other programs (for example OpenVPN, QEMU, Ratiborus VM, aiccu, etc.). The best way to avoid conflicts is to install Tap-Windows from OpenVPN, cd to C:\\Program Files\\TAP-Windows\\bin and run addtap.bat to install an additional TAP adapter. Go to "Network Connections" and rename the new adapter to "vlmcsd" and specify \fBVPN=vlmcsd\fR to use it.
.IP "\fBExitLevel"
Can be either 0 (the default) or 1. Controls under what circumstances vlmcsd will exit. Using the default of \fB0\fR vlmcsd stays active as long as it can perform some useful operations. If vlmcsd is run by any form of a watchdog, e.g. NT service manager (Windows), systemd (Linux) or launchd (Mac OS / iOS), it may be desirable to end vlmcsd and let the watchdog restart it. This is especially true if some pre-requisites are not yet met but will be some time later, e.g. network is not yet fully setup.
By using \fBExitLevel = 0\fR vlmcsd will
.RS 12
exit if none of the listening sockets specified with \fB-L\fR can be used. It continues if at least one socket can be setup for listening.
exit any TAP mirror thread (Windows version only) if there is an error condition while reading or writing from or to the VPN adapter but continue to work without utilizing a VPN adapter.
.RE
.IP
By using \fBExitLevel = 1\fR vlmcsd will
.RS 12
exit if not all listening sockets specified with \fB-L\fR can be used.
exit completely if there is a problem with a VPN adapter it is using. This may happen for instance if the VPN adapter has been disabled using "Control Panel - Network - Adapter Settings" while vlmcsd is using it.
.RE
.IP
Please note that \fBExitLevel = 1\fR is kind of a workaround option. While it may help under some circumstances, it is better to solve the problem at its origin, e.g. properly implementing dependencies in your startup script to ensure all network interfaces and the VPN adapter you will use are completely setup before you start vlmcsd.
.IP "\fBUseNDR64\fR"
Can be TRUE or FALSE. Specifies whether you want to use the NDR64 transfer syntax. See options \fB-n0\fR and \fB-n1\fR in \fBvlmcsd\fR(8). The default is TRUE.
.IP "\fBUseBTFN\fR"
Can be TRUE or FALSE. Specifies whether you want to use bind time feature negotiation in RPC. See options \fB-b0\fR and \fB-b1\fR in \fBvlmcsd\fR(8). The default is TRUE.
.IP "\fBRandomizationLevel\fR"
The \fIargument\fR must 0, 1 or 2. This specifies the ePID randomization level. See options \fB-r0\fR, \fB-r1\fR and \fB-r2\fR in \fBvlmcsd\fR(8). The default randomization level is 1. A \fBRandomizationLevel\fR of 2 is not recommended and should be treated as a debugging level.
.IP "\fBLCID\fR"
Use a specific culture id (LCID) even if the ePID is randomized. The \fIargument\fR must be a number between 1 and 32767. While any number in that range is valid, you should use an offcial LCID. A list of assigned LCIDs can be found at http://msdn.microsoft.com/en\-us/goglobal/bb964664.aspx. On the command line you control this setting with option \fB-C\fR.
.IP "\fBHostBuild\fR"
Use a specific host build number in the ePID even if it is randomized. The \fIargument\fR must be a number between 1 and 65535. While you can use any number you should only use build numbers that a released build numbers of Windows Servers, e.g. 17763 for Windows Server 2019.
.IP "\fBMaxWorkers\fR"
The \fIargument\fR specifies the maximum number of worker processes or threads that will be used to serve activation requests concurrently. This is the same as specifying \fB-m\fR on the command line. Minimum is 1. The maximum is platform specific and is at least 32767 but is likely to be greater on most systems. The default is no limit.
.IP "\fBConnectionTimeout\fR"
Used to control when the vlmcsd disconnects idle TPC connections. The default is 30 seconds. This is the same setting as \fB-t\fR on the command line.
.IP "\fBDisconnectClientsImmediately\fR"
Set this to TRUE to disconnect a client after it got an activation response regardless whether a timeout has occured or not. The default is FALSE. Setting this to TRUE is non-standard behavior. Use only if you are experiencing DoS or DDoS attacks. On the command line you control this behavior with options \fB-d\fR and \fB-k\fR.
.IP "\fBPidFile\fR"
Write a pid file. The \fIargument\fR is the full pathname of a pid file. The pid file contains is single line containing the process id of the vlmcsd process. It can be used to stop (SIGTERM) or restart (SIGHUP) vlmcsd. This directive can be overriden using \fB-p\fR on the command line.
.IP "\fBLogFile\fR"
Write a log file. The \fIargument\fR is the full pathname of a log file. On a unixoid OS and with Cygwin you can use the special filename 'syslog' to log to the syslog facility. This is the same as specifying \fB-l\fR on the command line.
.IP "\fBKmsData\fR"
Use a KMS data file. The \fIargument\fR is the full pathname of a KMS data file. By default vlmcsd only contains the minimum product data that is required to perform all operations correctly. You may use a more complete KMS data file that contains all detailed product names. This is especially useful if you are logging KMS requests. If you don't log, there is no need to load an external KMS data file.
You may use \fBKmsData\ =\ \-\fR to prevent the default KMS data file to be loaded.
.IP "\fBLogDateAndTime\fR"
Can be TRUE or FALSE. The default is TRUE. If set to FALSE, logging output does not include date and time. This is useful if you log to \fBstdout\fR(3) which is redirected to another logging mechanism that already includes date and time in its output, for instance \fBsystemd-journald\fR(8). If you log to \fBsyslog\fR(3), \fBLogDateAndTime\fR is ignored and date and time will never be included in the output sent to \fBsyslog\fR(3). Using the command line you control this setting with options \fB-T0\fR and \fB-T1\fR.
.IP "\fBLogVerbose\fR"
Set this to either TRUE or FALSE. The default is FALSE. If set to TRUE, more details of each activation will be logged. You use \fB-v\fR and \fB-q\fR in the command line to control this setting. \fBLogVerbose\fR has an effect only if you specify a log file or redirect logging to \fBstdout\fR(3).
.IP "\fBWhitelistingLevel\fR"
Can be 0, 1, 2 or 3. The default is 0. Sets the whitelisting level to determine which products vlmcsd activates or refuses.
.RS 12
\fB0\fR: activate all products with an unknown, retail or beta/preview KMS ID.
.br
\fB1\fR: activate products with a retail or beta/preview KMS ID but refuse to activate products with an unknown KMS ID.
.br
\fB2\fR: activate products with an unknown KMS ID but refuse products with a retail or beta/preview KMS ID.
.br
\fB3\fR: activate only products with a known volume license RTM KMS ID and refuse all others.
.RE
.IP ""
The SKU ID is not checked. Like a genuine KMS server vlmcsd activates a product that has a random or unknown SKU ID. If you select \fB1\fR or \fB3\fR, vlmcsd also checks the Application ID for correctness. If Microsoft introduces a new KMS ID for a new product, you cannot activate it if you used \fB1\fR or \fB3\fR until a new version of vlmcsd is available.
.IP "\fBCheckClientTime\fR"
Can be TRUE or FALSE. The default is FALSE. If you set this to TRUE \fBvlmcsd\fR(8) checks if the client time differs no more than four hours from the system time. This is useful to prevent emulator detection. A client that tries to detect an emulator could simply send two subsequent request with two time stamps that differ more than four hours from each other. If both requests succeed, the server is an emulator. If you set this to TRUE on a system with no reliable time source, activations will fail. It is ok to set the correct system time after you started \fBvlmcsd\fR(8).
.IP "\fBMaintainClients\fR"
Can be TRUE or FALSE (the default). Disables (FALSE) or enables (TRUE) maintaining a list of client machine IDs (CMIDs). TRUE is useful to prevent emulator detection. By maintaing a CMID list, \fBvlmcsd\fR(8) reports current active clients exactly like a genuine KMS emulator. This includes bug compatibility to the extent that you can permanently kill a genuine KMS emulator by sending an "overcharge request" with a required client count of 376 or more and then request activation for 671 clients. \fBvlmcsd\fR(8) can be reset from this condition by restarting it. If FALSE is used, \fBvlmcsd\fR(8) reports current active clients as good as possible. If no client sends an "overcharge request", it is not possible to detect \fBvlmcsd\fR(8) as an emulator with \fBMaintainClients\fR\~=\~FALSE. Maintaining clients requires the allocation of a buffer that is about 50 kB in size. On hardware with few memory resources use it only if you really need it.
If you start \fBvlmcsd\fR(8) from an internet superserver, this setting cannot be used. Since \fBvlmcsd\fR(8) exits after each activation, it cannot maintain any state in memory.
.IP "\fBStartEmpty\fR"
This setting is ignored if you do not also specify \fBMaintainClients\fR\~=\~TRUE. If you specify FALSE (the default), \fBvlmcsd\fR(8) starts up as a fully "charged" KMS server. Clients activate immediately. \fBStartEmpty\fR\~=\~TRUE lets you start up \fBvlmcsd\fR(8) with an empty CMID list. Activation will start when the required minimum clients (25 for Windows Client OSses, 5 for Windows Server OSses and Office) have registered with the KMS server. As long as the minimum client count has not been reached, clients end up in HRESULT 0xC004F038 "The count reported by your Key Management Service (KMS) is insufficient. Please contact your system administrator". You may use \fBvlmcs\fR(1) or another KMS client emulator to "charge" \fBvlmcsd\fR(8). Setting this parameter to TRUE does not improve emulator detection prevention. It's primary purpose is to help developers of KMS clients to test "charging" a KMS server.
.IP "\fBActivationInterval\fR"
This is the same as specifying \fB-A\fR on the command line. See \fBvlmcsd\fR(8) for details. The default is 2 hours. Example: ActivationInterval\~=\~1h
.IP "\fBRenewalInterval\fR"
This is the same as specifying \fB-R\fR on the command line. See \fBvlmcsd\fR(8) for details. The default is 7 days. Example: RenewalInterval = 3d. Please note that the KMS client decides itself when to renew activation. Even though vlmcsd sends the renewal interval you specify, it is no more than some kind of recommendation to the client. Older KMS clients did follow the recommendation from a KMS server or emulator. Newer clients do not.
.IP "\fBUser\fR"
Run vlmcsd as another, preferrably less privileged, user. The \fIargument\fR can be a user name or a numeric user id. You must have the required privileges (capabilities on Linux) to change the security context of a process without providing any credentials (a password in most cases). On most unixoid OSses 'root' is the only user who has these privileges in the default configuration. This setting is not available in the native Windows version of vlmcsd. See \fB-u\fR in \fBvlmcsd\fR(8). This setting cannot be changed on the fly by sending SIGHUP to vlmcsd.
.IP "\fBGroup\fR"
Run vlmcsd as another, preferrably less privileged, group. The \fIargument\fR can be a group name or a numeric group id. You must have the required privileges (capabilities on Linux) to change the security context of a process without providing any credentials (a password in most cases). On most unixoid OSses 'root' is the only user who has these privileges in the default configuration. This setting is not available in the native Windows version of vlmcsd. See \fB-g\fR in \fBvlmcsd\fR(8). This setting cannot be changed on the fly by sending SIGHUP to vlmcsd.
.IP "\fB<csvlk-name>\fR"
The \fIargument\fR has the form \fIePID\fR [ / \fIHwId\fR ]. Always use \fIePID\fR and \fIHwId\fR for activations with \fB<csvlk-name>\fR. If specified, \fBRandomizationLevel\fR for the \fB<csvlk-name>\fR will be ignored. With the default vlmcsd.kmd database you can use the following \fB<csvlk-name>\fRs: Windows, Office2010, Office2013, Office2016, Office2019 and WinChinaGov. While vlmcsd is compatible with older databases, you must use at least database version 1.6 for this feature to work.
.SH "VALID EPIDS"
The ePID is currently a comment only. You can specify any string up to 63 bytes. In Windows 7 Microsoft has blacklisted few ( < 10 ) ePIDs that were used in KMSv5 versions of the "Ratiborus Virtual Machine". Microsoft has given up on blacklisting when KMS emulators appeared in the wild.
Even if you can use "Activated by cool hacker guys" as an ePID, you may wish to use ePIDs that cannot be detected as non-MS ePIDs. If you don't know how these "valid" ePIDs look like exactly, do not use GUIDS in vlmcsd.ini. vlmcsd provides internal mechanisms to generate valid ePIDs.
If you use non-ASCII characters in your ePID (you shouldn't do anyway), these must be in UTF-8 format. This is especially important when you run vlmcsd on Windows or cygwin because UTF-8 is not the default encoding for most editors.
If you are specifying an optional HWID it follows the same syntax as in the \fB\-H\fR option in \fBvlmcsd\fR(8) ecxept that you must not enclose a HWID in quotes even if it contains spaces.
.SH FILES
.IP "\fBvlmcsd.ini\fR(5)"
.SH AUTHOR
\fBvlmcsd\fR(8) was written by crony12, Hotbird64 and vityan666. With contributions from DougQaid.
.SH CREDITS
Thanks to abbodi1406, CODYQX4, deagles, eIcn, mikmik38, nosferati87, qad, Ratiborus, ...
.SH SEE ALSO
\fBvlmcsd\fR(8), \fBvlmcsd\fR(7), \fBvlmcs\fR(1), \fBvlmcsdmulti\fR(1)

53
sources/man/vlmcsdmulti.1 Normal file
View File

@@ -0,0 +1,53 @@
.TH VLMCSDMULTI 1 "February 2015" "Hotbird64" "KMS Activation Manual"
.LO 1
.SH NAME
vlmcsdmulti \- a multi-call binary containing \fBvlmcs\fR(1) and \fBvlmcsd\fR(8)
.SH SYNOPSIS
\fBvlmcsdmulti\fR vlmcs [ \fIoptions\fR ] [ \fIhostname\fR|\fIip-address\fR[:\fIport\fR] ] [ \fIoptions\fR ] | vlmcsd [ \fIoptions\fR ]
.SH DESCRIPTION
\fBvlmcsdmulti\fR is a multi-call binary that contains \fBvlmcs\fR(1) and \fBvlmcsd\fR(8) in a single binary. Since both programs share a lot of code and data, the combined binary is significantly smaller than the sum of both files.
.PP
\fBvlmcsdmulti\fR should not be called directly. Instead you may want to create symbolic links named vlmcs and vlmcsd which point to \fBvlmcsdmulti\fR. You then use these links to call the respective program. You may however call \fBvlmcsdmulti\fR followed by a complete command line of either \fBvlmcs\fR(1) or \fBvlmcsd\fR(8).
.SS Creating symbolic links in unixoid operating systems
cd to the directory containing \fBvlmcsdmulti\fR and type
.PP
ln -s vlmcsdmulti vlmcsd
.br
ln -s vlmcsdmulti vlmcs
.PP
You may use a destination directory, e.g.
.PP
ln -s vlmcsdmulti /usr/local/sbin/vlmcsd
.br
ln -s vlmcsdmulti /usr/local/bin/vlmcs
.PP
Ensure that \fBvlmcsdmulti\fR has execute permissions. You can do that by typing "chmod 755 vlmcsdmulti". See \fBchmod\fR(1) for details.
.SS Creating symbolic links in Windows (Vista and higher only)
cd to the directory containing \fBvlmcsdmulti\fR and type
.PP
mklink vlmcsd.exe vlmcsdmulti.exe
.br
mklink vlmcs.exe vlmcsdmulti.exe
.PP
You may use a destination directory, e.g.
.PP
mklink C:\\tools\\vlmcsd.exe vlmcsdmulti.exe
.br
mklink C:\\tools\\vlmcs.exe vlmcsdmulti.exe
.SS Memory considerations
While you definitely save disk space by using \fBvlmcsdmulti\fR you will need more RAM when you run \fBvlmcsdmulti\fR as a daemon (KMS server) instead of vlmcsd. You should consider running \fBvlmcsdmulti\fR via an internet superserver like \fBinetd\fR(8) or \fBxinetd\fR(8).
.SH BUGS
\fBvlmcsdmulti\fR has the same bugs as \fBvlmcs\fR(1) and \fBvlmcsd\fR(8).
.SH AUTHOR
Written by Hotbird64
.SH CREDITS
Thanks to CODYQX4, crony12, deagles, DougQaid, eIcn, mikmik38, nosferati87, qad, vityan666, ...
.SH SEE ALSO
\fBvlmcs\fR(1)\fB, vlmcsd\fR(8)\fB, vlmcsd\fR(7)