I need to get a list of all of the certificates in the personal store across all of the servers in my domain. I am currently using the following powershell command which provides the desired results
Get-ChildItem Cert:\localmachine\my | Export-Csv \\filepath\filename.csv
However this requires me to go into each server and run the command. how do I avoid doing so? I used the following to create a csv file aof all of the server names to iterate through
get-adcomputer -filter * -SearchBase $OUpath | Select-object name | export-csv -NoType $ExportPath
all of the servers are in a specific OU which is the value of the %OUPath variable.
Here is the script I have tried, however it does not give me the certificate data I am looking for.
$OUpath = 'OU=Servers,OU=someOU,DC=somedomain,DC=com'
$ExportPath = '\\filepath\ServerList.csv'
get-adcomputer -filter * -SearchBase $OUpath | Select-object name | export-csv -NoType $ExportPath
import-csv $exportpath
foreach-object{
Get-ChildItem Cert:\localmachine\my | Export-Csv -append -path \\filepath\certlist.csv
}
there are over 500 servers in the OU yet the file only has 30 rows, and is missing pertinent information regarding the cert for each server. I am looking for the following headers DnsNameList FriendlyName NotAfter NotBefore HasPrivateKey Issuer
I'm not too sure where to start, your script will not work as is. You will have to work invoke-command into your script.
This is a oneline that could get you started:
get-adcomputer -filter * -SearchBase $OUpath | Select-object -expand name | foreach-object {invoke-command -computername $_ -scriptblock {get-childitem Cert:\localmachine\my | select friendlyname, dnsnamelist}}