Thanks Cesar. I'm going to hold on to that for the future. That'll come in handy.
From: [email protected] [mailto:[email protected]] On Behalf Of elsalvoz Sent: Thursday, January 16, 2014 11:58 AM To: [email protected] Subject: Re: [mssms] RE: Certificate issues The one I created was to remove expired certs. it can be updated to check different parts of certs as well as just gather information and insert it into WMI to be inventory. Currently we are busy migrating 70+K clients so don't have the time to add those options to the function. Below is the link to the cert classes being used in the script. http://msdn.microsoft.com/en-us/library/system.security.cryptography(v=vs.110).aspx the code is not the best organized or written but it did the job for us :) Thanks, Cesar On Wed, Jan 15, 2014 at 7:12 PM, Russ Rimmerman <[email protected]<mailto:[email protected]>> wrote: I blogged the other day on using compliance settings to check to see if a specific cert on clients, you can use similar powershell commands to inventory the specific properties of the certs you want and poke it back into wmi in a custom class. http://blogs.technet.com/b/configmgr_geek_speak/archive/2014/01/10/use-configuration-manager-2012-compliance-settings-to-check-for-the-existence-of-a-pki-certificate.aspx From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Beardsley, James Sent: Wednesday, January 15, 2014 9:59 AM To: [email protected]<mailto:[email protected]> Subject: [mssms] Certificate issues Is there any way to gather inventory on client certificates? Is certificate information in WMI? Or detectable with Powershell? I have auto-enrollment set up and most PC's are successfully enrolling their client certificate but there are a handful here and there that don't have the cert in the Personal store so I'm unable to upgrade them to the 2012 client. I tried running certutil.exe -pulse on ones that I've had a chance to get my hands on and most of the time it doesn't help. Any pointers? Any logs or event's I can use to track down the issue on individual computers? ________________________________ IRS Compliance: Any tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties imposed under the Internal Revenue Code or applicable state or local tax law or (ii) promoting, marketing, or recommending to another party any transaction or matter addressed herein. ________________________________ Confidentiality Notice: This e-mail is intended only for the addressee named above. It contains information that is privileged, confidential or otherwise protected from use and disclosure. If you are not the intended recipient, you are hereby notified that any review, disclosure, copying, or dissemination of this transmission, or taking of any action in reliance on its contents, or other use is strictly prohibited. If you have received this transmission in error, please reply to the sender listed above immediately and permanently delete this message from your inbox. Thank you for your cooperation. ________________________________ IRS Compliance: Any tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties imposed under the Internal Revenue Code or applicable state or local tax law or (ii) promoting, marketing, or recommending to another party any transaction or matter addressed herein. ________________________________ Confidentiality Notice: This e-mail is intended only for the addressee named above. It contains information that is privileged, confidential or otherwise protected from use and disclosure. If you are not the intended recipient, you are hereby notified that any review, disclosure, copying, or dissemination of this transmission, or taking of any action in reliance on its contents, or other use is strictly prohibited. If you have received this transmission in error, please reply to the sender listed above immediately and permanently delete this message from your inbox. Thank you for your cooperation.
