Import-Module PSPKI
function Get-Smartcard
{
    <#
    .SYNOPSIS
    Lists unexpired issued certificates from the "Smartcard" template whose
    CommonName matches a wildcard pattern.

    .DESCRIPTION
    Pipes the result of Get-CertificationAuthority into Get-IssuedRequest,
    filtered to CertificateTemplate "Smartcard" and NotAfter at or after the
    current time, then keeps the rows whose CommonName is -like $CommonName.
    The CommonName match is done client-side, after the CA query returns.

    .PARAMETER CommonName
    Pattern compared with -like, so wildcard characters are honoured: a
    broad pattern such as '*' returns every row that passed the CA filter.

    .OUTPUTS
    The matching rows, as returned by Get-IssuedRequest.
    #>
    # NOTE(review): the declared output type is [string], but the function emits
    # whatever Get-IssuedRequest returns -- confirm and correct the declaration.
    [OutputType([string])]
    param (
        [Parameter(Mandatory = $true)]
        [string]$CommonName
    )

    # Server-side part of the query: requested columns plus the template and
    # expiry filters. The date is rendered into the filter text at call time.
    $query = @{
        Property = 'CommonName', 'Request.SubmittedWhen', 'Request.CallerName'
        Filter   = 'CertificateTemplate -eq Smartcard', "NotAfter -ge $(Get-Date)"
    }

    $authorities = Get-CertificationAuthority
    $matching = $authorities |
        Get-IssuedRequest @query |
        Where-Object { $_.CommonName -like $CommonName }

    Write-Output $matching
}
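function Revoke-Smartcard
{
    <#
    .SYNOPSIS
    Revokes issued "Smartcard"-template certificates that match a serial number.

    .DESCRIPTION
    For each serial number received (by argument or from the pipeline by
    property name), looks up issued requests with CertificateTemplate
    "Smartcard" and that SerialNumber on the CAs returned by
    Get-CertificationAuthority. Each match is written to the output and,
    once ShouldProcess approves, passed to Revoke-Certificate.
    ConfirmImpact is 'High', and -WhatIf / -Confirm are honoured through
    ShouldProcess.

    .PARAMETER SerialNumber
    Serial number of the certificate to revoke. Binds from a pipeline object's
    SerialNumber property.

    .PARAMETER Reason
    Revocation reason passed through to Revoke-Certificate. Defaults to
    "Unspecified".
    #>
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param (
        [Parameter(Mandatory = $true, Position = 0, ValueFromPipelineByPropertyName = $true)]
        [string]$SerialNumber,
        [string]$Reason = "Unspecified"
    )

    begin {
        # Resolve the CA list once for the whole pipeline run.
        $ca = Get-CertificationAuthority
    }

    process {
        # NOTE(review): $SerialNumber is interpolated into the filter text as-is;
        # consider validating it as a hex string before building the filter.
        $certs = ($ca | Get-IssuedRequest -Property "CommonName", "Request.SubmittedWhen", "Request.CallerName" -Filter "CertificateTemplate -eq Smartcard", "SerialNumber -eq $SerialNumber")

        if (-not $certs) {
            Write-Output "No certificates found"
            # 'return' skips only this pipeline item. The previous 'break' was not
            # inside a loop, so it unwound the caller's pipeline and left every
            # later serial number in a batch unprocessed (not revoked).
            return
        }

        foreach ($cert in $certs) {
            Write-Output $cert
            # ShouldProcess already returns $false under -WhatIf, so no separate
            # $WhatIfPreference test is needed before revoking.
            if ($PSCmdlet.ShouldProcess($cert.SerialNumber, "Revoke")) {
                Write-Output "Revoking certificate with serial number $SerialNumber. Reason: $reason"
                Revoke-Certificate -Request $cert -Reason $Reason
            }
        }
    }
}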