Hi there,
Can any one help me with the below script. I need to search the domain windows 7 systems and delete a old expired certificate from Trusted Root certification Authorities. But I get “The operation is on root store and UI is not allowed”. I tried running it on my own system first and then make it part of the full script to run on the domain.
Invoke-command -computername ABS-T48911 {Remove-Item -Path Cert:\CurrentUser\Root\2810178e6f7b4bd31f42c0946e822d116b9a144e}
Clear-Host # Grab an computer OU from AD and get the DistinguishedName as input for the SearchBase # Filter for a OS type and get the NetBIOS name of the computers $SearchBase = (Get-ADOrganizationalUnit -Filter *).DistinguishedName[48] # Filter for a OS type and get the NetBIOS name of the computers $TargetHosts = (Get-ADComputer -SearchBase $SearchBase -Filter {OperatingSystem -Like 'Windows 7 Enterprise'}).Name ForEach ($TargetHost in $TargetHosts ) { Invoke-command -computername $TargetHost { Get-ChildItem Cert:\CurrentUser\Root\2810178e6f7b4bd31f42c0946e822d116b9a144e | Remove-Item } }