Pull Certs from all Remote DCs

wasim · May 6, 2019, 11:16am

<p style=“text-align: left;”>Need assistance to pull all certs from remote domain controllers.I am able to pull all certs but not from NTDS store(LDAPs)</p>
<p style=“text-align: left;”>I have tried the following commands.</p>

Invoke-Command -ComputerName (get-addomaincontroller -filter *).name  -ScriptBlock {Get-ChildItem -Recurse cert: |select Thumbprint,PSPath,PSChildName,EnhancedKeyUsageList,NotAfter,NotBefore,Subject} |export-csv  certs.csv

Invoke-Command -ComputerName (get-addomaincontroller -filter *).name  {Get-ChildItem Cert:\LocalMachine\my -Recurse -Force |export-csv  certs.csv}

Thanks

kvprasoon · May 6, 2019, 12:17pm

AFAIK, PowerShell can open only LocalMachine and CurrentUser stores and doesn’t support ServiceAccount stores. There could be some thirdparty executable to achieve this.

Topic		Replies	Views
List certificates held on remote computer PowerShell Help	2	117	January 14, 2016
get AD User Object cert in remote session PowerShell Help	0	114	December 31, 2011
Not able to do remoting PowerShell Help	2	141	June 10, 2017
Remove Expired Certs in LocalMachine\My remotely using Powershell Website & Forum Feedback	1	236	October 5, 2015
Invoke Generate Self Signed Certificate PowerShell Help	2	158	June 26, 2015

Pull Certs from all Remote DCs

Related Topics