使用 KMS 配置用于激活 Office 的批量许可版本的 DNSConfigure DNS for activating volume licensed versions of Office by using KMS

适用于: _ _Volume版 Office 2019 和 Office 2016,包括 Project 和 VisioApplies to: _ _Volume licensed versions of Office 2019 and Office 2016, including Project and Visio

若要使用密钥管理服务 (KMS) 激活 Office(包括 Project 和 Visio)的批量许可版本,必须可发现适用于 Office 的 KMS 主机。To activate volume licensed versions of Office, including Project and Visio, by using Key Management Service (KMS), the KMS host computer for Office must be discoverable. KMS 主机计算机会自动发布其存在状态, (SRV) DNS 服务器上 (RR) 服务。The KMS host computer automatically publishes its existence by creating service (SRV) resource records (RRs) on the DNS server. 但是,只有第一台 KMS 主机可以创建 SRV RR。But, only the first KMS host computer can create an SRV RR. 如果多台计算机运行 KMS,则后续 KMS 主机无法更改或更新 SRV R,除非 DNS 服务器上的权限配置为允许此操作。If there is more than one computer running KMS, subsequent KMS host computers cannot change or update SRV RRs unless the permissions on the DNS server are configured to allow this.

更改 DNS 服务器上的权限需要域中的管理权限。Changing the permissions on the DNS server requires administrative rights in the domain. 需要按如下所示设置 DNS:You will need to set up DNS as follows:

  • 确保运行 KMS 的所有计算机都是 AD DS (Active Directory 域服务) 的成员。Ensure that all computers running KMS are members of the same Active Directory Domain Services (AD DS) domain.
  • 在 AD DS 中为运行 KMS 的计算机创建全局安全组。Create a global security group in AD DS for the computers running KMS.
  • 将运行 KMS 的每台计算机添加到新的安全组。Add each computer running KMS to the new security group.
  • 设置 DNS 服务器上的权限,以启用新创建的安全组的成员的更新。Set the permissions on the DNS server to enable updates by members of the newly created security group.

有关详细信息,请参阅配置DNS。For more information, see Configuring DNS.

如何使用 DNS 查找 KMS 主机How DNS is used to find a KMS host computer

KMS 客户端首次查询 DNS 获取 KMS 信息时,会从 DNS 返回的 SRV R 列表中随机选择 KMS 主机。The first time that a KMS client queries DNS for KMS information, it randomly selects a KMS host computer from the list of SRV RRs that DNS returns. 包含 SRV R 的 DNS 服务器的地址可以在 KMS 客户端上列为后缀条目。The address of a DNS server that contains the SRV RRs can be listed as a suffixed entry on KMS clients. 这样,在一个 DNS 服务器和具有其他主 DNS 服务器的 KMS 客户端中,可以播发用于 KMS 的 SRV R 以找到它。This enables advertisement of SRV RRs for KMS in one DNS server and KMS clients that have other primary DNS servers to find it.

可以将优先级 和****权重 参数添加到 KMS 主机计算机的 DnsDomainPublishList 注册表值。You can add priority and weight parameters to the DnsDomainPublishList registry value for KMS host computers. 这样,你可在每个组中建立优先级分组和权重,指定 KMS 主机的使用顺序,并平衡多个 KMS 主机计算机之间的流量。Doing so enables you to establish priority groupings and weighting within each group, which specifies the order in which to use KMS host computers and balances traffic among multiple KMS host computers. 如果使用优先级和权重参数,我们建议在客户端上禁用 KMS 缓存。If you are using priority and weight parameters, we recommend that you disable KMS caching on the client. 有关详细信息,请参阅配置 KMS 主机缓存For more information, see Configure KMS host caching.

如果客户端选择的 KMS 主机未响应,KMS 客户端会从 SRV R 列表中删除该 KMS 主机,并从列表中随机选择另一台 KMS 主机。If the KMS host computer that a client selects does not respond, the KMS client removes that KMS host computer from its list of SRV RRs and randomly selects another KMS host computer from the list. 如果设置了优先级和权重参数,KMS 客户端将在查找另一台 KMS 主机时使用它们。If the priority and weight parameters are set, the KMS client will use them while finding another KMS host computer. 否则,将随机选择 KMS 主机。Otherwise, KMS host computers are selected randomly. KMS 主机做出响应后,KMS 客户端将缓存 KMS 主机的名称,如果启用了缓存,则使用它进行连续的激活和续订尝试。After a KMS host computer responds, the KMS client caches the name of the KMS host computer and, if caching is enabled, uses it for successive activation and renewal attempts. 如果缓存的 KMS 主机在以后续订时没有响应,KMS 客户端会通过查询 DNS 查找 KMS SRV R 来发现新的 KMS 主机计算机。If the cached KMS host computer does not respond on a later renewal, the KMS client discovers a new KMS host computer by querying DNS for KMS SRV RRs.