Automatic HTTPS WinRM Listener creation

In this post I will show you how to create a HTTPS WinRM listener that is using a certificate issued by your own MS PKI. The requirements are the following: – An Active Directory domain – An Enterprise MS PKI…

Create a self-signed certificate on Windows server

If you don’t have your own PKI and just want to perform some tests on a specific application or OS feature, you will probably need to generate a self-signed certificate. You can easily achieve this on Windows server without any…

Active Directory Functional Domain level check

This script will help you to check the Active Directory domain functional level. First the script asks for the domain name (fqdn). Then, the domain controllers names of this domain are queried to get the value of the AD attribute…

Get the Active Directory functional levels/FSMO roles forest wide

Description With the following script, it is possible in the same array to get useful Active Directory informations such as: domain names (DNS fqdn) domain functional level forest functional level fsmo roles The powershell cmdlets used for this script are…

List duplicated valid certificates on a MS PKI version 3

Description One more version of the script provided some weeks ago. This is a minor update but it can be helpful. In that version, the duplicated valid certificates are listed and two options are shown : keep or revoke. It…

List duplicated valid certificates on a MS PKI version 2

Description I have written another version of the script provided some weeks ago. This new version is looking for duplicated valid certificates based on both CommonName and Certificate template. The first version checked only the CommonName. All of this cmdlets…

Microsoft PKI: revoke expired certificates

Microsoft PKI: revoke expired certificates Description I have written the script below to cleanup the CA database by revoking the expired certificates. First, the script performs three checks and then revoke the expired certificates: a valid certificate for the same…

Manage reverse DNS zones with Powershell

Manage reverse DNS zones with Powershell The script is a complete tool that will perform the following tasks: list the A records in the domain name defined in the variable $dnsDomainName for each record, check if the reverse zone exist.…

Password never expires status

Description With this little script, you will have a status on the user account “Password never expires” flag. This check is done on a specific OU. You can adapt the script to run it on a domain-wide. The principe of…

Owncloud Passwords application migration to Passman

If you used the application Passwords for Owncloud to store your credentials, you have seen recently this app does not exist anymore. The application has been removed from Github and it is hard to find the documentation. This is why…