Need to build list of computer certificates:

This topic contains 8 replies, has 3 voices, and was last updated by  Will Anderson 2 months, 3 weeks ago.

  • Author
    Posts
  • #75905

    Martin
    Participant

    Hi,
    I am new to the world of Powershell scripting and need some assistance from you guys,
    Basically I need to build a list of certificates against a text file of all machines in my domain but also need to list only certificates with keywords within the issuer property.
    I am using a -like filter but can seem to only use one of these within my line of code as below...

    Import-module pki
    cd cert:\localmachine
    Get-ChildItem -recurse | select -property PSParentPath, version, SerialNumber, Issuer, subject, notbefore, notafter | where-object -Property issuer -like "*ABC*"

    Can anyone tell me what I need to do to add an additional -like value in the same line of code if possible?

    Many thanks in advance!

  • #75908

    Will Anderson
    Keymaster

    Try using the FilterScript parameter in your Where-Object.

    Get-ChildItem -recurse | select -property PSParentPath, version, SerialNumber, Issuer, subject, notbefore, notafter | where-object -FilterScript {$PSItem.Issuer -like "*Microsoft*" -and $PSItem.Version -eq 3}
  • #75913

    Martin
    Participant

    Hi Will, many thanks for your quick reply!

    I have tried your suggestion and applied it to my code as below:

     Get-ChildItem -recurse | select -property PSParentPath, version, SerialNumber, Issuer, subjec, notbefore, notafter | where-object -filterscript {$PSItem.issuer -like "**" -and $PSItem.issuer ="**" -and $PSItem.issuer = "**"} 

    However, I now receive the error below:

    At line:1 char:146
    + ... -filterscript {$PSItem.issuer -like "**" -and $PSItem.issuer ="**" -and ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    The assignment expression is not valid. The input to an assignment operator must be an object that is able to accept assignments, such
    as a variable or a property.
    At line:1 char:196
    + ... PSItem.issuer ="**" -and $PSItem.issuer = "**"}
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    The assignment expression is not valid. The input to an assignment operator must be an object that is able to accept assignments, such
    as a variable or a property.
    + CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : InvalidLeftHandSide

    Apologies if the full error is a bit overkill here, just trying to be conscise.

    Again, many thanks for your help so far.

  • #75916

    Martin
    Participant

    Hi Will,
    Apologies, my code snippet above was incorrect, I have corrected it as below and it runs without error, however it returns no results 🙁

     Get-ChildItem -recurse | select -property PSParentPath, version, SerialNumber, Issuer, subjec, notbefore, notafter | where-object -filterscript {$PSItem.issuer -like "*STR-1*" -and $PSItem.issuer -like "*STR-2*" -and $PSItem.issuer -like "*STR-3*"} 

    Any idea why, is it ok to add similar -like statements in the same filter reference?
    Again, thanks for your help so far.

  • #75919

    Simon B
    Participant

    Did you mean -and ??

    you are asking $PSItem.issuer to be like STR-1 STR2 and STR3 or with -or

    where-object -filterscript {$PSItem.issuer -like "*STR-1*" -and $PSItem.issuer -like "*STR-2*" -and $PSItem.issuer -like "*STR-3*"}

  • #75920

    Simon B
    Participant

    try with -or

  • #75923

    Martin
    Participant

    Yes, -or was the final solution, may thanks for both of your helps on getting this sorted out for me.
    This is my very first posting on any blog and I am so impressed, you guys are worth your weight in gold!

    Thanks again 🙂

  • #75926

    Simon B
    Participant

    np anytime

  • #75952

    Will Anderson
    Keymaster

    Anytime! ^_^

You must be logged in to reply to this topic.