Powershell 인증서 해지

Question

사용자와 컴퓨터의 인증서를 제거하고 싶습니다. 이 나는 ​​시도했다 :

Import-Module PSPKI 
Import-Module ActiveDirectory 

$RequesterNameComputer = "A\B$"; 
$RequesterNameUser = "A\C"; 

certutil -view -out "RequestID,SerialNumber,RequesterName,RequestType,NotAfter,CommonName" csv > "$env:TEMP\tempcerts.csv"; 

$Csv = Import-Csv -Path "$env:TEMP\tempcerts.csv"; 
$csv | Select-Object "requester name" | Group-Object -Property "requester name" | Sort-Object -Property count; 

$computer = $csv | Where-Object {$_."requester name" -eq $RequesterNameComputer} | ?{$_."Certificate Template" -like "*PlaygroundComputer"}; 
$computer 

$User = $csv | Where-Object {$_."requester name" -eq $RequesterNameUser} | ?{$_."Certificate Template" -like "*User"}; 
$User 

내가 certutil -revoke를 사용해야하지만 $ 컴퓨터 및 $ 사용자를 보여줍니다 모든 인증서를 삭제하도록 내 스크립트로 조정하는 방법을 모른다 알고있다.

Answer 1

Import-Module PSPKI 
Import-Module ActiveDirectory 

$RequesterNameComputer = "A\B"; 
$RequesterNameUser = "A\C"; 

#certutil: display information about the digital certificates that are installed on a DirectAccess client, DirectAccess server, or intranet resource. 
certutil -view -out "RequestID,SerialNumber,RequesterName,RequestType,NotAfter,CommonName,Certificate Template" csv > "$env:TEMP\tempcerts.csv"; 

$Csv = Import-Csv -Path "$env:TEMP\tempcerts.csv"; 
$csv | Select-Object "requester name" | Group-Object -Property "requester name" | Sort-Object -Property count; 

$computer = $csv | Where-Object {$_."requester name" -eq $RequesterNameComputer} | ?{$_."Certificate Template" -like "*PlaygroundComputer"}; 
$computer 

ForEach ($com in $computer){ 
certutil -revoke $com.'Serial Number' 5; 
} 

# certutil -installdefaulttemplates 
$User = $csv | Where-Object {$_."requester name" -eq $RequesterNameUser} | ?{$_."Certificate Template" -like "*User"}; 
$User 

foreach ($usr in $User){ 
certutil -revoke $usr.'Serial Number' 5; 
} 

Remove-Item -Path "$env:TEMP\tempcerts.csv" -Force;