I work in a military environment that enforces ‘smart card required’ for all accounts admin or otherwise so I have multiple certificates on the smart card. I understand you can use a smart card with get-credential but the problem is it only has the first cert available when prompted. Is there a way to make all certs on the smart card available when prompted with get-credential? Am I able to manipulate the cert: provider to do this or is there an easier way?
Not unless you have a custom smart card provider that can do so. Get-Credential is a pretty simple beast. You’ll need to roll something custom.
You should be able to edit the prompt. Lets say you have a WA, OA, and IA certs on your token(in that order). You need to use the OA cert to join a computer to the Domain. The Prompt should should read “EDPIPI#.wa”. now change it to “EDIPI.oa”.