Highlighted

The Adobe Authorization Server and You: How your device is identified, and the changes that will invalidate that ID.

Community Beginner ,
May 09, 2019

Copy link to clipboard

Copied

I should preface this by saying that this is purely a result of my personal experience and reading through the support forums.

That said, so far as I can tell the following really does reflect reality.

I can speak from personal experience that a change of physical OS drive will result in a non-match with the profile on the server; the cloned drive would not handshake, but when I put the old drive back, it worked fine, and was able to be deauthorized properly, allowing the replacement drive to then be authorized.

-----

Adobe Digital Editions will allow a maximum of 6 devices to be authorized at any given time for a unique Adobe ID.

The Adobe Authorization Server stores information concerning each device which is currently authorized.

You can only unauthorize a device from the installation of Adobe Digital Editions on that device.

IT IS NOT POSSIBLE FOR THE ADOBE ID OWNER TO DEAUTHORIZE A DEVICE THAT NO LONGER MATCHES THE PROFILE ON THE ADOBE AUTHORIZATION SERVER, NOR TO DEAUTHORIZE A DEVICE NO LONGER IN THEIR POSSESSION.

If any critical hardware component changes, it will no longer match the profile stored on the Authorization Server.

Critical hardware components, for a PC, are the motherboard and the OS drive. It is highly likely that the CPU is also considered a critical component.

Every distinct physical component of a PC has a unique identifier which the BIOS/UEFI/OS, etc., use to identify the components of the PC.

The Adobe Authorization Server queries these components at the time of authorization, and will only recognize communications concerning that distinct authorization from a device that matches that profile.

The installed software on the device can only initiate a request to deauthorize the device if there is a record in the System Registry to the effect that the device has been authorized; if that record is erased, the software will not present the option of requesting the device be deauthorized, as it will not believe that it is authorized in the first place.

This means that if you are going to change the motherboard or the physical OS drive, you must deauthorize that device prior to your making those changes.

The error messages produced by the Adobe Authorization Server do not always make it clear that one of the above scenarios is the cause of a failure on the part of a given device to successfully handshake with the server.

If any of the above scenarios has occurred, that's your explanation.

The procedure that Adobe Support uses as it's boilerplate response will not actually revoke the authorization, but merely allow you to activate the device as a different one of the 6 allowed activations.

It also means that you must deauthorize the device prior to doing a "clean" installation of the OS, as such an installation erases everything within the System Registry.

And, of course, if you are replacing the device entirely, or just retiring it from service, you need to deauthorize it first, or it will still count toward the maximum of 6 authorized devices.

Given the realities of life, this does mean that you will inevitably have instances where it was not possible to deauthorize a device prior to whatever occurred.

If you have a catastrophic system failure which results in having to replace any of the above without the chance to deauthorize the device, you are SOL.

If the device is stolen, you are SOL.

The device will still count toward the total of 6 active authorizations.

While it is theoretically possible for Adobe to pull up the records for all of the authorized devices for a given Adobe ID on the Authorization Server and delete any or all of them, to the best of my knowledge they have not set up protocols for doing so.

It would be a non-trivial exercise to do so, and while it is clear that Adobe Digital Editions must be a revenue source for them, the Adobe ID holder is not that source; it's the firms selling the DRM protected materials who utilize Adobe Digital Editions for DRM verification who provide Adobe with revenue.

Until such time as those firms require Adobe to provide a means for cleaning up authorizations for devices that are no longer in the Adobe ID owner's possession, Adobe will not find it worth their time.

Currently, how they deal with the potential for no authorizations being available due to their being tied to no-longer-extant devices is to increase, on a case-by-case basis, the number of authorizations allowed for a given Adobe ID.

For obvious reasons, this is something they are reluctant to do; they don't really have any way of confirming what you tell them.

After all, the entire reason for DRM is because individuals have proven themselves untrustworthy in the eyes of IP holders... with cause.

Only certain support staff have the authority to do this.

Views

69

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

The Adobe Authorization Server and You: How your device is identified, and the changes that will invalidate that ID.

Community Beginner ,
May 09, 2019

Copy link to clipboard

Copied

I should preface this by saying that this is purely a result of my personal experience and reading through the support forums.

That said, so far as I can tell the following really does reflect reality.

I can speak from personal experience that a change of physical OS drive will result in a non-match with the profile on the server; the cloned drive would not handshake, but when I put the old drive back, it worked fine, and was able to be deauthorized properly, allowing the replacement drive to then be authorized.

-----

Adobe Digital Editions will allow a maximum of 6 devices to be authorized at any given time for a unique Adobe ID.

The Adobe Authorization Server stores information concerning each device which is currently authorized.

You can only unauthorize a device from the installation of Adobe Digital Editions on that device.

IT IS NOT POSSIBLE FOR THE ADOBE ID OWNER TO DEAUTHORIZE A DEVICE THAT NO LONGER MATCHES THE PROFILE ON THE ADOBE AUTHORIZATION SERVER, NOR TO DEAUTHORIZE A DEVICE NO LONGER IN THEIR POSSESSION.

If any critical hardware component changes, it will no longer match the profile stored on the Authorization Server.

Critical hardware components, for a PC, are the motherboard and the OS drive. It is highly likely that the CPU is also considered a critical component.

Every distinct physical component of a PC has a unique identifier which the BIOS/UEFI/OS, etc., use to identify the components of the PC.

The Adobe Authorization Server queries these components at the time of authorization, and will only recognize communications concerning that distinct authorization from a device that matches that profile.

The installed software on the device can only initiate a request to deauthorize the device if there is a record in the System Registry to the effect that the device has been authorized; if that record is erased, the software will not present the option of requesting the device be deauthorized, as it will not believe that it is authorized in the first place.

This means that if you are going to change the motherboard or the physical OS drive, you must deauthorize that device prior to your making those changes.

The error messages produced by the Adobe Authorization Server do not always make it clear that one of the above scenarios is the cause of a failure on the part of a given device to successfully handshake with the server.

If any of the above scenarios has occurred, that's your explanation.

The procedure that Adobe Support uses as it's boilerplate response will not actually revoke the authorization, but merely allow you to activate the device as a different one of the 6 allowed activations.

It also means that you must deauthorize the device prior to doing a "clean" installation of the OS, as such an installation erases everything within the System Registry.

And, of course, if you are replacing the device entirely, or just retiring it from service, you need to deauthorize it first, or it will still count toward the maximum of 6 authorized devices.

Given the realities of life, this does mean that you will inevitably have instances where it was not possible to deauthorize a device prior to whatever occurred.

If you have a catastrophic system failure which results in having to replace any of the above without the chance to deauthorize the device, you are SOL.

If the device is stolen, you are SOL.

The device will still count toward the total of 6 active authorizations.

While it is theoretically possible for Adobe to pull up the records for all of the authorized devices for a given Adobe ID on the Authorization Server and delete any or all of them, to the best of my knowledge they have not set up protocols for doing so.

It would be a non-trivial exercise to do so, and while it is clear that Adobe Digital Editions must be a revenue source for them, the Adobe ID holder is not that source; it's the firms selling the DRM protected materials who utilize Adobe Digital Editions for DRM verification who provide Adobe with revenue.

Until such time as those firms require Adobe to provide a means for cleaning up authorizations for devices that are no longer in the Adobe ID owner's possession, Adobe will not find it worth their time.

Currently, how they deal with the potential for no authorizations being available due to their being tied to no-longer-extant devices is to increase, on a case-by-case basis, the number of authorizations allowed for a given Adobe ID.

For obvious reasons, this is something they are reluctant to do; they don't really have any way of confirming what you tell them.

After all, the entire reason for DRM is because individuals have proven themselves untrustworthy in the eyes of IP holders... with cause.

Only certain support staff have the authority to do this.

Views

70

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
May 09, 2019 0

Have something to add?

Join the conversation