If you wonder how to activate the Windows 7 extended support on your company machines after you bought and obtained the MAK activation key, here is a script that you can deploy via SCCM (or any other way). Note that you will need to do this only once on each machine.

@echo off
for /f "tokens=2 delims==" %%a in ('wmic OS Get localdatetime /value') do set "dt=%%a"
set "YY=%dt:~2,2%" & set "YYYY=%dt:~0,4%" & set "MM=%dt:~4,2%" & set "DD=%dt:~6,2%"
set "HH=%dt:~8,2%" & set "Min=%dt:~10,2%" & set "Sec=%dt:~12,2%"
set "datestamp=%YYYY%%MM%%DD%" & set "timestamp=%HH%%Min%%Sec%"
set "fullstamp=%YYYY%-%MM%-%DD%_%HH%-%Min%-%Sec%"

if not exist "C:\temp\" mkdir "C:\temp"

>> C:\temp\Company_Win7ESU_ACT_%fullstamp%.log (
ECHO [WARNING] ...Script Start...
ECHO [WARNING] ...Registering new MAK key...
cscript c:\windows\system32\slmgr.vbs /ipk <key>
ECHO [WARNING] ...Activating with ID...
cscript c:\windows\system32\slmgr.vbs /ato <activation ID>
ECHO [WARNING] ...Full activation output...
cscript c:\windows\system32\slmgr.vbs /dlv
ECHO [WARNING] ...Script End...

You would need to replace the <key> and the <activation ID> tags with your data. This will also create timestamped log file which is staged step-by-step by each command to enhance possible troubleshooting 🙂

Another note is that it seems like there will be a need to do this activation every year, as when using the /ato command, you need to specify which year you are actually applying for:
The Activation IDs are provided by Microsoft on: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807

Year 1    77db037b-95c3-48d7-a3ab-a9c6d41093e0 
Year 2    0e00c25d-8795-4fb7-9572-3803d91b6880 
Year 3    4220f546-f522-46df-8202-4d07afd26454