Hi,I am getting this error message on all our Windows 2008 DC's:Event ID: 12293 Publishing the Key Management Service (KMS) to DNS in the 'domainname.com' domain failed.Info: hr=0x8007232DThe key that was obtained from Microsoft, is in fact a KMS key.The servers have been activated online and are working fine; they're just logging the above mentioned event.Ideally, I know that we should setup a KMS server; but I would just like to know if we can ignore those Errors - or will it cause a problem sometime in the future?Regards,Tom

Hello Tom Zuk,It sounds like you have setup KMS Host machines ( KMS servers.)Open an elevated cmd prompt and run slmgr /dlv and report back the output.Thanks, Darrell Gorter This posting is provided "AS IS" with no warranties, and confers no rights

Hi, If this is your KMS host, this error can occur if the server does not have the permission to create the SRV record. Right-click on the _TCP zone under the Forward Lookup Zone container, choose "Properties", then on the "Security" tab, add the KMS server and give it the permission "Create All Child Objects." Restart the KMS Server and it will automatically register the SRV record after boot-up. Hope it helps. Tim Quan - MSFT

hi tom,Please follow tim quan's suggestion i would like to add more info With KMS the servers would have to contact the KMS to keep themselves active. This usually happens on a weekly basis and can go upto 180 days without contact. Now if you were to have something go wrong with your KMS key you are solely depending on Microsoft to resolve the issue.Here's a quick list from Ryan Kononoff site:KMS Pros:Activation is automated. New servers will attempt to discover the KMS via DNS (an SRV record) and activate automatically.Internet access is not required as servers only require access to the KMS.KMS Cons:KMS clients must contact the KMS host every 180 days. This means availability is important though it is worth mentioning that the activation grace period still applies.KMS Hosts must renew their activation every 180 days. Again, availability is important.A minimum of 5 KMS clients are required in order to activate KMS.Other notes worth mentioning:The number of required activation keys are reduced by grouping activations: DataCenter/Itanium, Enterprise/Standard, Web, Vista Ent/Bus.And also similar issue was discussed in the below thread.http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/c00cf870-47bb-4d2a-aea9-2b92d694f4f9hope this helpssainath !analyze

Hello Tim,Careful here, that registers the machine with DNS which may not be what he wants to do. Part of his message talks about setting up a KMS server machine, however the error message he is referring to is from a KMS server machine. So if he has used the KMS host key to setup multiple KMS host machines, and we enable them all to register with DNS he could have future problems.1) he could be using all his KMS host keys activations on machines which he may or may not want to be KMS hosts in the future2) With multiple KMS host machines, now the KMS clients, may not be able to activate seeing how there could be multiple KMS host machines so the count could be spread amonst different KMS hosts. Depending on many of the DC's they activated, this would be the number of KMS hosts available for KMS clients to find. Plus that removes those machines from the pool of potential KMS clients3) If that is not what he intended, he may continue to use the KMS key on additional machines using up all the activations and have additional question later.4) If those machines are not intended to be KMS host machines then at a later date, he will have to clean out the DNS records.Let's get the information about what he really is installing and determine what he really wants to be doing with those machines.Registering those machines with DNS may not be the best solution.Thanks, Darrell Gorter This posting is provided "AS IS" with no warranties, and confers no rights

HI,I have run slmgr /dlv with the following (relevant) results:Description: Windows Operating System - Windows Server (R), Volume_KMS_B channelKey Management Service is enabled on this machineCurrent count: 0Listening on port: 1688DNS publishing enabledKMS Priority: NormalKey Management Service cumulative requests received from clients: these are all '0'So....the one thing I did notice is that the email received from the LAR with the Windows Product Key contained (KMS) in brackets after the Key.I have emailed the LAR to find out why this was not a MAK/VLK instead.All the servers have been activated using the normal online process.We are not currently planning to deploy a KMS server. They simply typed in the Key emailed to them by the LAR.So the main question is: will the current configuration result in any serious issues in the near future? The servers that this KMS error message is appearing is on all the WS08 domain controllers.Regards,Tom

Hello Tom,Those machines are KMS server machines. You used the KMS server key to activate those machines.So you have KMS servers running. The error message is telling you that those servers cannot register their presence in DNS to allow KMS client machines to find them. It does not affect the operation of those machines or any other machines in the near future.The effects of what happened are1) the KMS server key, allows 6 machines to be activated. You have used some of those activation on your DC's, not sure if that is what you would want or not. This may limit the choices later on. THere is nothing wrong with this, these machines can run as KMS server machines2) If you allow those machines to register with DNS, they will KMS activate KMS clients machines, but there are several so the counts will be split amonst the multiple machines, so depending on the number of KMS clients you are planning on having this can affect whether sufficient counts can be reached. The error message is informative, telling you the clients cannot activate since they will not be able to get the correct location of the KMS host machines from the DNS records. This is not a requirement.Thanks, Darrell Gorter This posting is provided "AS IS" with no warranties, and confers no rights

Hi Darrell,So in essence we have 2 options:1) Leave things as they are (and from your feedback, this will not impact the servers in any way, except for the warning messages in Event Log) OR2) Change those servers' KMS keys to VLK/MAK keys and re-activate?Regards,Tom

Hello Tom,That would be correct for either the first or the second option.Thanks, Darrell Gorter This posting is provided "AS IS" with no warranties, and confers no rights

Hi Tom, How are things going? We have not heard back from you in a few days and wanted to check on the status of the issue. Please let us know how things turned out. Tim Quan - MSFT

Hi Tim,Based on the feedback I received, we are going to leave the servers as they are; and in the future the customer will simply use the MAK keys,Thank you,Tom

Thanks for the reply.

You can also disable KMS DNS checking by Running "slmgr.vbs /cdns" in CMD then reboot