ADBA Air Gapped Network

Copper Contributor

Hello, I am trying to find out how the ADBA operates within an air gapped network. I have an isolated network with 200 windows 10 clients. I know that once I load the KMS license to the ADBA and create the object that the clients will activate and check in every 180 days. What I don't know is does the ADBA need check in with Microsoft on an interval as that is impossible within my environment. If it cannot check in does it expire the license and stop activating? Any clarity on this matter would be greatly appreciated as I have not found any articles that speak to this.

2 Replies
Hi, Scruggst.

While I don't use ADBA, from what I've read on the requirements, it comes across like KMS (my area of experience), where the initial activation is once-off.

I know you're looking for an explicit statement but from reading the following, the implied discussions (around proxy and phone activation for isolated networks) are about as good as you're going to get from docs.microsoft.com.

It seems your best best may be the VAMT proxy activation route.

In the third article, as you read the "isolated networks" section, you can readily exchange the term "KMS" for "ADBA" in your scenario.

https://docs.microsoft.com/en-us/windows/deployment/volume-activation/active-directory-based-activat...
https://docs.microsoft.com/en-us/windows/deployment/volume-activation/activate-forest-by-proxy-vamt
https://docs.microsoft.com/en-us/windows/deployment/volume-activation/plan-for-volume-activation-cli...
I would also plea for keeping ADBA and for these airgapped ones use VAMT 3 with a special account and proxy activation using the same method. KMS imho is only used because it is well known and MSFT still refers to it in many docs instead of ADBA and VAMT.

You can also use VAMT from Windows 11 ADK and use MAK instead on airgapped systems. It is a neat tool. Check the docs. Have updated them throughout the year.