Setting up Key Management Server (KMS) on Windows Server 2008

KMS activates computers on a local network, eliminating the need for individual computers to connect to Microsoft. To do this, KMS uses a client–server topology. KMS client computers can locate KMS host computers by using Domain Name System (DNS) or a static configuration. KMS clients contact the KMS host by using remote procedure call (RPC). KMS can be hosted on computers that are running the Windows Vista, Windows 7, Windows Server 2003, Windows Server 2008, or Windows Server 2008 R2 operating systems.

  1. Go to the volume licensing center and grab a copy of the KMS key for your server OS
    1. Navigate to
    2. Login
    3. Select Downloads and Keys
      Volume Licensing Service Center - Downloads and Keys
    4. Select Windows Server
      Volume Licensing Service Center - Windows Server
    5. Finder your server version and click Key
      Volume Licensing Service Center - Windows Server - Key
    6. Copy the KMS type key
  2. Login to the server you want to setup as the KMS server.
  3. Open up a command prompt as an administrator.
  4. Ensure you are in the system32 folder of Windows
    1. cd c:\Windows\System32
      windows - System 32
  5. Execute the following command to setup your license key
    1. cscript slmgr.vbs /ipk WINDOWS-KMS-LICENSE-KEY-HERE
      cscript slmgr ipk
  6. Execute the following command to activate the host
    1. cscript slmgr.vbs /ato
      Activating Windows
  7. Execute the following command to verify the host has the Key Management Service enabled
    1. cscript slmgr.vbs /dlv
      cscript slmgr dlv
  8. Next, we need to open the firewall for the server to accept activation requests
    1. Open up Windows Firewall with Advanced Security
      Windows 8 - Windows Firewall with Advanced Security
    2. Right click on Inbound Rules and select New Rule…
      Windows Firewall with Advanced Security - New Rule
    3. Select Port and click Next >
      New Inboud Rule Wizard - Port
    4. Check TCP, check Specific Local Ports and enter port 1688, click Next >
      New Inboud Rule Wizard - Specific local ports
    5. Check Allow the connection and click Next >
      New Inboud Rule Wizard - Allow the connection
    6. Check Domain and click Next >
      New Inboud Rule Wizard - Domain
    7. Enter a name for the rule and click Finish
      New Inboud Rule Wizard - Rule Name

Congrats!  Your KMS server should now be ready to accept activation requests!


Force sync a single outlook folder when using cached mode

To correct folder synchronization in Outlook 2013 and 2010, simply right-click the folder, select properties. On the General tab of properties, click “Clear Offline Items”, click OK, click OK, then Shift-F9 to force synchronization on the folder. To confirm go into the properties of the folder, select the Synchronization tab verify the Server folder matches the Offline folder.

In Place Upgrade Of Windows Server 2008 R2 Standard To Enterprise Or Datacenter Edition

If you need to upgrade a server running Windows Server 2008 R2 Standard to either the Enterprise, or Datacenter editions, it’s possible to do so online, without re-installing Windows.

Open an elevated command prompt and type DISM /Online /Get-CurrentEdition.  This will return the current Windows version.

Type DISM /Online /Get-TargetEditions to list the Windows editions to which this server can be upgraded.

If you type DISM /Online /Set-Edition:ServerDataCenter you’ll get the message in the screenshot below.  This is because even if you’re using a KMS server for internal activation, you have to provide a product key.  Fortunately, Microsoft have a page that lists the KMS client setup keys  On this page you can find keys for Windows Server 2008 R2 Enterprise and Datacenter.

Typing DISM /Online /Set-Edition:ServerDataCenter /ProductKey:xxxxxx will upgrade the operating system.  All that’s required to complete the upgrade is a reboot.

Enable RealTek NIC on VMWare VSphere 6.5

When you try to install VMWare 6.0 or 6.5 on your home computer, you receive a message telling you that the install cannot be completed because the Network Adapter is not found.

The first and one of the most important steps is to clearly identify your NIC’s brand and model. The key here is the unique PCI vendor and device ID. There are multiple ways to find this out, and most of them involve booting the machine with another OS (Windows or Linux). But here is the easiest way that starts directly at the stuck ESXi installation process:

When you see the nasty error message displayed at the top of this post then just hit [Alt] and [F1] on your keyboard at the computer’s console. You will be greeted with a login prompt: log in as root without a password (just hit [Return] at the password prompt). Now run the following command:

lspci -v | grep “Class 0200″ -B 1

If you do not use an English keyboard you may find it hard to type this command (esp. the special characters -, ” and |), because the English keyboard mapping is in effect regardless of what your layout is. You can change the effective layout by running a command like

localcli system settings keyboard layout set -l German

This will switch to the German layout. You can list all available layouts and their correct label to be used with the -l switch by running

localcli system settings keyboard layout list

Alternatively you can keep the English layout and enter all special characters using Alt+NumPad ASCII codes: is code 45, | is code 124 and is code 34.

If you finally managed to type the lspci command line correctly then the output will look similar to this:

0000:02:00.0 Ethernet controller Network controller: Realtek Realtek 8168 Gigabit Ethernet
Class 0200: 10ec:8168

Here you are: (In this example) you have a Realtek 8168 Gigabit NIC with the PCI ID id 10ec:8168.

here is a workaround for you … I have created a package that includes the original VMware net-r8168, net-r8169, net-sky2 and net-s2io drivers and uses the name (net51-drivers), and published it on my V-Front Online Depot.

If your host is already installed and has a direct Internet connection then you can install it from an ESXi shell by running the following commands:

esxcli software acceptance set –level=CommunitySupported


esxcli network firewall ruleset set -e true -r httpClient


esxcli software vib install -n net51-drivers -d


As you can see I had to add the –no-sig-check to install the vib. It might be this is not needed in your situation, though.


How to enable wake on lan on VMWare client

Problem: You are not able to access the guest OS when the guest OS goes to sleep, and you need to manually wake up the guest OS.

Solution: Edit the Virtual Machine Properties. In the Power Management under Options menu, check the “Put the guest OS into standby mode and leave the virtual machine powered on”, and put a check on the Virtual NIC under the Wake on LAN for virtual machine traffic on.


Debugging Site to Site VPN connection

Debugging specific Peer IP Address.

debug crypto condition peer

The above command will only generate debug on Peer IP address of  When you’re done, run debug crypto condition reset to undo the command above.

Run debug crypto isakmp 127 (phase 1) or debug crypto ipsec 127 (phase 2) to generate debug information. Run undebug all to stop all debug information.

See for more information on what the debug output means.


Simple PHP encrypt and decrypt

You need to have openssl encrypt installed and running. Check this thread if you dont have it already

 * simple method to encrypt or decrypt a plain text string
 * initialization vector(IV) has to be the same when encrypting and decrypting
 * PHP 5.4.9 ( check your PHP version for function definition changes )
 * this is a beginners template for simple encryption decryption
 * before using this in production environments, please read about encryption
 * use at your own risk
 * @param string $action: can be 'encrypt' or 'decrypt'
 * @param string $string: string to encrypt or decrypt
 * @return string
function encrypt_decrypt($action, $string) {
    $output = false;

    $encrypt_method = "AES-256-CBC";
    $secret_key = 'This is my secret key';
    $secret_iv = 'This is my secret iv';

    // hash
    $key = hash('sha256', $secret_key);
    // iv - encrypt method AES-256-CBC expects 16 bytes - else you will get a warning
    $iv = substr(hash('sha256', $secret_iv), 0, 16);

    if( $action == 'encrypt' ) {
        $output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv);
        $output = base64_encode($output);
    else if( $action == 'decrypt' ){
        $output = openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv);

    return $output;

$plain_txt = "This is my plain text";
echo "Plain Text = $plain_txt\n";

$encrypted_txt = encrypt_decrypt('encrypt', $plain_txt);
echo "Encrypted Text = $encrypted_txt\n";

$decrypted_txt = encrypt_decrypt('decrypt', $encrypted_txt);
echo "Decrypted Text = $decrypted_txt\n";

if( $plain_txt === $decrypted_txt ) echo "SUCCESS";
else echo "FAILED";

echo "\n";