I blogged the other day on using compliance settings to check to see if a specific cert on clients, you can use similar powershell commands to inventory the specific properties of the certs you want and poke it back into wmi in a custom class. http://blogs.technet.com/b/configmgr_geek_speak/archive/2014/01/10/use-configuration-manager-2012-compliance-settings-to-check-for-the-existence-of-a-pki-certificate.aspx
From: [email protected] [mailto:[email protected]] On Behalf Of Beardsley, James Sent: Wednesday, January 15, 2014 9:59 AM To: [email protected] Subject: [mssms] Certificate issues Is there any way to gather inventory on client certificates? Is certificate information in WMI? Or detectable with Powershell? I have auto-enrollment set up and most PC's are successfully enrolling their client certificate but there are a handful here and there that don't have the cert in the Personal store so I'm unable to upgrade them to the 2012 client. I tried running certutil.exe -pulse on ones that I've had a chance to get my hands on and most of the time it doesn't help. Any pointers? Any logs or event's I can use to track down the issue on individual computers? ________________________________ IRS Compliance: Any tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties imposed under the Internal Revenue Code or applicable state or local tax law or (ii) promoting, marketing, or recommending to another party any transaction or matter addressed herein. ________________________________ Confidentiality Notice: This e-mail is intended only for the addressee named above. It contains information that is privileged, confidential or otherwise protected from use and disclosure. If you are not the intended recipient, you are hereby notified that any review, disclosure, copying, or dissemination of this transmission, or taking of any action in reliance on its contents, or other use is strictly prohibited. If you have received this transmission in error, please reply to the sender listed above immediately and permanently delete this message from your inbox. Thank you for your cooperation.
