Hi guys,
I am working with a mixed environment where my customer has some older PowerShell version 2 installations.
I know that these should be updated to the lastest version of PS however due to the platform being rigorously controlled in regards to software upgrades etc. I unfortunately have to work with what I have.
I have written a script which caters for this and will (or should) remove a particular certificate from a number of servers based on a particular thumbprint variable, however when run I receive the following Access Denied error:
Exception calling “Remove” with “1” argument(s): "Access is denied.
I have read a few articles on this where they all mention running the powershell console or ISE as administrator, particularly when UAC is enabled, however I do not have UAC enabled on the host or destination machine and my account is a member of Domain Admins so this is really starting to annoy the hell out of me.
Any help would be much appreciated!
Code below:
[pre]
$FinalList = @()
$CurrentSystem = @()
$Machine = get-content Servers.txt
$Thumb = Get-Content Thumbprint.txt
foreach ($Server in $Machine)
{
Write-Host $Server
$CurrentSystem = Invoke-Command -computername $Server -ArgumentList $Thumb -scriptblock{
param($Thumb)
$Store = New-Object System.Security.Cryptography.x509Certificates.x509Store(“ROOT”,“LocalMachine”)
$Store.Open(“ReadWrite”)
#$Certificate = gci Cert:\LocalMachine\Root -Recurse | Where-Object {$_.Thumbprint -eq $Thumb}
$Certificate = $store.Certificates | Where {$_.Thumbprint -eq $Thumb}
$store.Remove($Certificate)
#$Certificate | Remove-Item
}
$finallist += $Server,$Thumb
}
$finallist | Out-File CertsDeleted.txt -Append
[/pre]