Wednesday, July 29, 2020

Powershell - Get certificate information

 List Certificate Templates



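function get-CertificateTemplates {
<#
.SYNOPSIS
    Lists the certificate templates published in a forest's Configuration partition.
.DESCRIPTION
    Reads the children of CN=Certificate Templates,CN=Public Key Services,CN=Services
    under the forest's configuration naming context and returns DisplayName, Name and
    msPKI-Cert-Template-OID for each template, sorted by Name.
    The function only reads from the directory; it changes nothing.
    Requires the ActiveDirectory module (Get-ADRootDSE).
.PARAMETER forest
    DNS name of a domain or domain controller in the target forest. It is passed to
    -Server and used as the LDAP bind host.
.EXAMPLE
    get-CertificateTemplates -forest forest.example    # placeholder name
#>
[CmdletBinding()] Param (
     [Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)]
     [string]$forest
    )
process {
    # Read the Configuration DN from RootDSE. Building it from a domain controller's
    # DefaultPartition only works when that DC sits in the forest root domain; for a
    # child domain it produces a DN that does not exist.
    $ConfigContext = (Get-ADRootDSE -Server $forest).configurationNamingContext

    # Bind to the same server that answered the RootDSE query. A serverless LDAP://
    # path would go to the caller's own domain instead of the forest that was asked for.
    $ADSI = [ADSI]"LDAP://$($forest)/CN=Certificate Templates,CN=Public Key Services,CN=Services,$ConfigContext"

    $ADSI.Children | Sort-Object Name | Select-Object DisplayName, Name, msPKI-Cert-Template-OID
}
}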


List Certificate CDP info

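function get-CertificateCDP {
<#
.SYNOPSIS
    Lists the objects under the CDP container of a forest's Public Key Services.
.DESCRIPTION
    Reads the children of CN=cdp,CN=Public Key Services,CN=Services under the forest's
    configuration naming context and returns cn, Children and path for each.
    The function only reads from the directory; it changes nothing.
    Requires the ActiveDirectory module (Get-ADRootDSE).
.PARAMETER forest
    DNS name of a domain or domain controller in the target forest. It is passed to
    -Server and used as the LDAP bind host.
.EXAMPLE
    get-CertificateCDP -forest forest.example    # placeholder name
#>
[CmdletBinding()] Param (
     [Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)]
     [string]$forest
    )
process {
    # Read the Configuration DN from RootDSE. Building it from a domain controller's
    # DefaultPartition only works when that DC sits in the forest root domain.
    $ConfigContext = (Get-ADRootDSE -Server $forest).configurationNamingContext

    # Bind to the named server so the query reaches the requested forest rather than
    # the caller's own domain.
    $ADSI = [ADSI]"LDAP://$($forest)/CN=cdp,CN=Public Key Services,CN=Services,$ConfigContext"

    # Each child's own Children collection is returned as well.
    $ADSI.Children | Select-Object cn, Children, path
}
}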

List Certification Authorities in forest - requires the ActiveDirectory module

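function get-CertificationAuthorities {
<#
.SYNOPSIS
    Lists the CA objects published in a forest's Certification Authorities container.
.DESCRIPTION
    Reads the children of CN=Certification Authorities,CN=Public Key Services,CN=Services
    under the forest's configuration naming context and returns name and whenCreated.
    The function only reads from the directory; it changes nothing.
    Requires the ActiveDirectory module (Get-ADRootDSE).
.PARAMETER forest
    DNS name of a domain or domain controller in the target forest. It is passed to
    -Server and used as the LDAP bind host.
.NOTES
    This container holds the root CA certificates that domain members are configured
    to trust. Enterprise issuing CAs are registered separately under
    CN=Enrollment Services. When auditing, compare the entries and their whenCreated
    values against the CAs you expect; an unfamiliar or recent entry deserves review.
.EXAMPLE
    get-CertificationAuthorities -forest forest.example    # placeholder name
#>
[CmdletBinding()] Param (
     [Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)]
     [string]$forest
    )
process {
    # Read the Configuration DN from RootDSE. Building it from a domain controller's
    # DefaultPartition only works when that DC sits in the forest root domain.
    $ConfigContext = (Get-ADRootDSE -Server $forest).configurationNamingContext

    # Bind to the named server so the query reaches the requested forest rather than
    # the caller's own domain.
    $ADSI = [ADSI]"LDAP://$($forest)/CN=Certification Authorities,CN=Public Key Services,CN=Services,$ConfigContext"

    $ADSI.Children | Select-Object name, whenCreated
}
}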

Monday, June 29, 2020

Powershell : get-ADReplicationReport - Function to get replication status from specified domain controller


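.SYNOPSIS
   Get Active Directory replication report
.DESCRIPTION
   Reports on replication issues
.EXAMPLE
   get-ADReplicationReport -domains "Domain1","Domain2"
   (Note: the function as listed below is named get-QrgADReplicationReport and takes a single -Server parameter.)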

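function get-QrgADReplicationReport
{
    <#
    .SYNOPSIS
        Reports inbound replication partner metadata for one domain controller.
    .DESCRIPTION
        Calls Get-ADReplicationPartnerMetadata for every partition on the target and
        returns one object per partner/partition pair with Server, Partner, Partition,
        LastReplicationSuccess, ConsecutiveReplicationFailures, PartnerType,
        PartnerAddress and PartnerGuid.
        Requires the ActiveDirectory module.
    .PARAMETER Server
        The domain controller to query; passed to -Target.
    .EXAMPLE
        get-QrgADReplicationReport -Server dc01.forest.example    # placeholder name
    .NOTES
        A non-zero ConsecutiveReplicationFailures or a stale LastReplicationSuccess means
        this DC may be missing recent directory changes, including account disables and
        password resets, so these rows are worth alerting on.
    #>
    [CmdletBinding()]
    # The pipeline emits Select-Object results, not integers as originally declared.
    [OutputType([psobject])]
    Param
    (
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=0)]
        [string]$Server
    )

    Process
    {
        # The property list is an array, not backtick-continued lines: a stray space
        # after a backtick silently breaks the continuation.
        $columns = @(
            'Server',
            # Value of the second comma-separated component of the Partner DN;
            # presumably the partner DC's name - confirm against your DN layout.
            @{Name = 'Partner'; Expression = {$_.Partner.split(",")[1].split("=")[1]}},
            'Partition',
            'LastReplicationSuccess',
            'ConsecutiveReplicationFailures',
            'PartnerType',
            'PartnerAddress',
            'PartnerGuid'
        )

        Get-ADReplicationPartnerMetadata -Target $Server -Partition * |
            Select-Object -Property $columns
    }
}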