HelperFunctions.ps1

function Get-Domain
{
    <#
            .SYNOPSIS
            Returns the Active Directory domain object for the current context.
            .DESCRIPTION
            Calls the static .NET method
            [DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
            and writes the resulting object to the pipeline. No parameters are taken.
            .EXAMPLE
            Get-Domain
            .OUTPUTS
            System.DirectoryServices.ActiveDirectory.Domain
    #>

    [CmdletBinding()]
    [OutputType([System.DirectoryServices.ActiveDirectory.Domain])]
    Param
    ()
    # Trace the lookup for callers running with -Verbose.
    Write-Verbose -Message 'Calling GetCurrentDomain()'

    # Resolve the domain first, then emit it as the function's only output.
    $currentDomain = [DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
    $currentDomain
}

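function Get-ADPKIEnrollmentServers
{
    <#
            .Synopsis
            Return the Active Directory object of the Certificate Authority Enrollment Services container
            .DESCRIPTION
            Binds with [adsi] to CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration
            under the distinguished name derived from -Domain and returns that directory entry.
            Throws when the entry has no Name.
            .PARAMETER Domain
            DNS name of the domain to query, e.g. contoso.com. Each dot-separated label becomes a DC= component.
            .EXAMPLE
            Get-ADPKIEnrollmentServers -Domain contoso.com
    #>

    [CmdletBinding()]
    [OutputType([adsi])]
    Param
    (
        [Parameter(Mandatory,HelpMessage='Domain To Query',Position = 0)]
        [string]
        $Domain
    )
    # Convert only the DNS domain name into DC= components. '+' binds tighter than -replace,
    # so without the parentheses the substitution would run over the whole ADsPath.
    # NOTE(review): $Domain is used in the path as given; a value containing characters that
    # have meaning in a distinguished name (',' '=' '/') would change which object is bound.
    # Validate it upstream if it can come from outside the script.
    $DomainDN = 'DC=' + ($Domain -replace '\.', ',DC=')
    $QueryDN = 'LDAP://CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration,' + $DomainDN
    Write-Verbose -Message "Querying [$QueryDN]"
    $result = [ADSI]$QueryDN
    # An entry without a Name is treated as "container not found / not readable".
    if (-not ($result.Name)) 
    {
        Throw "Unable to find any Certificate Authority Enrollment Services Servers on domain : $Domain" 
    }
    $result
}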

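function Get-ADCertificateTemplate
{
    <#
            .Synopsis
            Return the Active Directory object of a certificate template
            .DESCRIPTION
            Binds with [adsi] to CN=<TemplateName>,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration
            under the distinguished name derived from -Domain and returns that directory entry.
            Throws when the entry has no Name.
            .PARAMETER Domain
            DNS name of the domain to query, e.g. contoso.com. Each dot-separated label becomes a DC= component.
            .PARAMETER TemplateName
            CN of the certificate template object. It is placed into the distinguished name as given; it is not escaped.
            .EXAMPLE
            Get-ADCertificateTemplate -Domain contoso.com -TemplateName WebServer
    #>

    [CmdletBinding()]
    [OutputType([adsi])]
    Param
    (
        [Parameter(Mandatory,HelpMessage='Domain To Query',Position = 0)]
        [string]
        $Domain,
        [Parameter(Mandatory,HelpMessage='Template Name',Position = 1)]
        [string]
        $TemplateName
    )
    # Convert only the DNS domain name into DC= components. '+' binds tighter than -replace,
    # so without the parentheses a dot inside $TemplateName was rewritten to ',DC=' as well
    # and the query pointed at the wrong (or a non-existent) object.
    $DomainDN = 'DC=' + ($Domain -replace '\.', ',DC=')
    # NOTE(review): $TemplateName and $Domain go into the path unescaped. Characters that have
    # meaning in a distinguished name (',' '=' '+' '/') would change which object is bound, so
    # validate or escape these values upstream if they can come from outside the script.
    $QueryDN = "LDAP://CN=$TemplateName,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$DomainDN"
    Write-Verbose -Message "Querying [$QueryDN]"
    $result = [ADSI]$QueryDN
    # An entry without a Name is treated as "template not found / not readable".
    if (-not ($result.Name)) 
    {
        # The previous message was copied from the enrollment-services lookup and named the wrong object.
        Throw "Unable to find certificate template [$TemplateName] on domain : $Domain" 
    }
    $result
}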

function Get-CaLocationString 
{
    <#
        .SYNOPSIS
        Builds Certificate Authority location strings from Active Directory data.

        .DESCRIPTION
        A location string has the form ComputerName\CAName. The function passes the
        parameters the caller supplied to Get-CertificatAuthority and, for every object
        returned, emits '<dNSHostName>\<name>'.

        .PARAMETER CAName
        Name given when installing Active Directory Certificate Services.

        .PARAMETER ComputerName
        Name of the computer with Active Directory Certificate Services installed.

        .PARAMETER Domain
        Domain to retrieve data from.

        .EXAMPLE
        get-CaLocationString -CAName MyCA
        Gets only the CA location string for the CA named MyCA.

        .EXAMPLE
        get-CaLocationString -ComputerName ca.contoso.com
        Gets only the CA location string for the server with the DNS name ca.contoso.com.

        .EXAMPLE
        get-CaLocationString -Domain contoso.com
        Gets all CA location strings for the domain contoso.com.

        .NOTES
        Location strings are used to connect to a Certificate Authority database and extract data.

        .OUTPUTS
        [STRING[]]
    #>

    [CmdletBinding()]
    [OutputType([string])]
    Param
    (
        # CA name filter (the name chosen when AD CS was installed)
        [string[]]
        $CAName = $null,

        # Host filter (computer running AD CS)
        [string[]]
        $ComputerName = $null,

        # Domain to search; defaults to the name of the current domain
        [String]
        $Domain = (Get-Domain).Name 
    )
    # Only parameters the caller actually bound are forwarded.
    # NOTE(review): $PSBoundParameters does not contain default values, so the $Domain
    # default computed above is not passed on when -Domain is omitted; confirm that
    # Get-CertificatAuthority applies the same default.
    foreach ($authority in (Get-CertificatAuthority @PSBoundParameters))
    {
        # One 'host\caname' string per CA object.
        '{0}\{1}' -f $($authority.dNSHostName), $($authority.name)
    }
}