Trouble deleting certificate using powershell

Welcome Forums General PowerShell Q&A Trouble deleting certificate using powershell

This topic contains 2 replies, has 1 voice, and was last updated by

 
Participant
10 months, 4 weeks ago.

  • Author
    Posts
  • #92027

    Participant
    Points: 12
    Rank: Member

    Hi there,

    Can any one help me with the below script. I need to search the domain windows 7 systems and delete a old expired certificate from Trusted Root certification Authorities. But I get "The operation is on root store and UI is not allowed". I tried running it on my own system first and then make it part of the full script to run on the domain.

    Invoke-command -computername ABS-T48911 {Remove-Item -Path Cert:\CurrentUser\Root\2810178e6f7b4bd31f42c0946e822d116b9a144e}
    
    Clear-Host
    # Grab an computer OU from AD and get the DistinguishedName as input for the SearchBase
    # Filter for a OS type and get the NetBIOS name of the computers
    $SearchBase = (Get-ADOrganizationalUnit -Filter *).DistinguishedName[48]
    
    # Filter for a OS type and get the NetBIOS name of the computers
    $TargetHosts = (Get-ADComputer -SearchBase $SearchBase -Filter {OperatingSystem -Like 'Windows 7 Enterprise'}).Name
    
    ForEach ($TargetHost  in $TargetHosts )
    {
    
    Invoke-command -computername $TargetHost { Get-ChildItem Cert:\CurrentUser\Root\2810178e6f7b4bd31f42c0946e822d116b9a144e | Remove-Item }
    
    }
    
  • #92030

    Participant
    Points: 12
    Rank: Member

    Hi there,

    Can anyone help me with the below script please.I want to find all windows 7 systems and delete a old expired certificate from Trusted Root Certification Authorities which causes issues. But when i tried to delete the certificate using invoke-command I get "The operation is on root store and UI is not allowed"

    Invoke-command -computername ABS-T48911 {Remove-Item -Path Cert:\CurrentUser\Root\2810178e6f7b4bd31f42c0946e822d116b9a144e}
    
    Clear-Host
    # Grab an computer OU from AD and get the DistinguishedName as input for the SearchBase
    # Filter for a OS type and get the NetBIOS name of the computers
    $SearchBase = (Get-ADOrganizationalUnit -Filter *).DistinguishedName[48]
    
    # Filter for a OS type and get the NetBIOS name of the computers
    $TargetHosts = (Get-ADComputer -SearchBase $SearchBase -Filter {OperatingSystem -Like 'Windows 7 Enterprise'}).Name
    
    ForEach ($TargetHost  in $TargetHosts )
    {
    
    Invoke-command -computername $TargetHost { Get-ChildItem Cert:\CurrentUser\Root\‎2810178e6f7b4bd31f42c0946e822d116b9a144e | Remove-Item }
    
    }
    
  • #92102

    Participant
    Points: 12
    Rank: Member

    Anybody any ideas?

The topic ‘Trouble deleting certificate using powershell’ is closed to new replies.