Forum Discussion

Dominique's avatar
Dominique
Icon for Advisor rankAdvisor
4 years ago

Active Discovery Script "SPLIT"?

Hello,

I have the following Active Discovery script: 

far the Active Discovery script is:

##--------------- Discovery ------------------##
$pshost = Get-Host              # Get the PowerShell Host.
$pswindow = $pshost.UI.RawUI    # Get the PowerShell Host's UI.

$newsize = $pswindow.BufferSize # Get the UI's current Buffer Size.
$newsize.width = 800            # Set the new buffer's width to 800 columns.
$pswindow.buffersize = $newsize # Set the new Buffer Size as active.

$newsize = $pswindow.windowsize # Get the UI's current Window Size.
$newsize.width = 800            # Set the new Window Width to 800 columns.
$pswindow.windowsize = $newsize # Set the new Window Size as active.

$readOnly     = [System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
$localMachine = [System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
$store        = new-object System.Security.Cryptography.X509Certificates.X509Store( "\\##SYSTEM.SYSNAME##\my", $localMachine )

$store.Open( $readOnly )

$store.Certificates `
| Select-Object { `
  $_.Thumbprint + "##" `
  + $_.Issuer + "##" `
+ $_.Subject + $_.Issuer + "##" `
+ "##" `
+ "cert.issuer=" + $_.Issuer `
+ "&cert.friendlyname=" + $_.FriendlyName `
+ "&cert.serialnumber=" + $_.SerialNumber `
+ "&cert.thumbprint=" + $_.Thumbprint `
+ "&cert.split=" + {(($_.Issuer -split ",") |? {$_ -like "CN=*"}) -replace "CN="}
} `
| Format-Table -HideTableHeaders

 

I am getting the friendlyname, serialnumber, thumbprint are appearing in info on the device and could be used in the report but I do not get the split ... what is wrong with it?

Thanks,

Dom

  • Anonymous's avatar
    Anonymous
    4 years ago

    If you're making changes to the DS, you need to manually kick off discovery on the device to see the results right away (within a couple minutes).

    Btw, adding auto.cert.days as a property is an alternative way of getting the data into a report (a resource inventory report).

  • Dominique's avatar
    Dominique
    Icon for Advisor rankAdvisor
    4 years ago

    After waiting an hour the auto.cert.days finally appears...

    the field is in but the value if incorrect...

    but still missing the auto.cert.idssuerby...

  • Dominique's avatar
    Dominique
    Icon for Advisor rankAdvisor
    4 years ago
    Quote

    | Select-Object { `
      $_.Thumbprint + "##" `
      + $_.Issuer + "##" `
    + $_.Subject + $_.Issuer + "##" `
    + "##" `
    + "cert.issuer=" + $_.Issuer `
    + "&cert.friendlyname=" + $_.FriendlyName `
    + "&cert.serialnumber=" + $_.SerialNumber `
    + "&cert.thumbprint=" + $_.Thumbprint `
    + "&cert.issuerby=" + {(($_.Issuer -split ",") |? {$_ -like "CN=*"}) -replace "CN="} `
    + "&cert.days=" + {($_.NotAfter - [datetime]::Today).Days} `

    It works for me in the Collector Attribute Script but does not work in the Active Discovery Script...

    I don't get the field split available in my report or in the device info...

    I tried also the days to expire and I have the same issue as well...

  • Dominique's avatar
    Dominique
    Icon for Advisor rankAdvisor
    4 years ago

    It works for me in the Collector Attribute Script but does not work in the Active Discovery Script...

  • Anonymous's avatar
    Anonymous
    4 years ago

    The following works for me: 

    > $Issuer = "CN=UCLA Health AD Certificate Authority-CA1, DC=ad, DC=medctr, DC=ucla, DC=edu"
> (($Issuer -split ",") |? {$_ -like "CN=*"}) -replace "CN="
UCLA Health AD Certificate Authority-CA1