Description I have written another version of the script provided some weeks ago. This new version is looking for duplicated valid certificates based on both CommonName and Certificate template. The first version checked only the CommonName. All of this cmdlets
Microsoft PKI: revoke expired certificates
Manage reverse DNS zones with Powershell
Password never expires status
Owncloud Passwords application migration to Passman
List duplicated valid certificates on a MS PKI
Request and remove a certificate using Active Directory templates
List AD domain controller KDC certificates
Kerberos uses certificates to encrypt communication between the Kerberos client and the Kerberos Key Distribution Center (KDC). If you’re domain controllers use certificate for KDC you can list them by runnning this script: $domains = (Get-ADForest).domains $dcs = (Get-ADForest).globalcatalogs $list