Forum Discussion

Dominique's avatar
Dominique
Icon for Advisor rankAdvisor
4 years ago

Active Discovery Script "SPLIT"?

Hello,

I have the following Active Discovery script:

far the Active Discovery script is:

##--------------- Discovery ------------------##
$pshost = Get-Host              # Get the PowerShell Host.
$pswindow = $pshost.UI.RawUI    # Get the PowerShell Host's UI.

$newsize = $pswindow.BufferSize # Get the UI's current Buffer Size.
$newsize.width = 800            # Set the new buffer's width to 800 columns.
$pswindow.buffersize = $newsize # Set the new Buffer Size as active.

$newsize = $pswindow.windowsize # Get the UI's current Window Size.
$newsize.width = 800            # Set the new Window Width to 800 columns.
$pswindow.windowsize = $newsize # Set the new Window Size as active.

$readOnly     = [System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
$localMachine = [System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
$store        = new-object System.Security.Cryptography.X509Certificates.X509Store( "\\##SYSTEM.SYSNAME##\my", $localMachine )

$store.Open( $readOnly )

$store.Certificates `
| Select-Object { `
  $_.Thumbprint + "##" `
  + $_.Issuer + "##" `
+ $_.Subject + $_.Issuer + "##" `
+ "##" `
+ "cert.issuer=" + $_.Issuer `
+ "&cert.friendlyname=" + $_.FriendlyName `
+ "&cert.serialnumber=" + $_.SerialNumber `
+ "&cert.thumbprint=" + $_.Thumbprint `
+ "&cert.split=" + {(($_.Issuer -split ",") |? {$_ -like "CN=*"}) -replace "CN="}
} `
| Format-Table -HideTableHeaders

 

I am getting the friendlyname, serialnumber, thumbprint are appearing in info on the device and could be used in the report but I do not get the split ... what is wrong with it?

Thanks,

Dom

  • Everything i listed properly in the test Active Discovery but the report does not show anything anymore !!!

    Checking ...

    Thanks,

    Dom

  • I remove the "+ "&cert.issuedby=" + (($_.Issuer -split ",") |? {$_ -like "CN=*"}) -replace "CN=" `" from the Active Discovery script and now I am getting:

    Checking why this line is removing everything from the report!!!

    Thanks,

    Dom

  • I could add more fields but IssuedTo, IssuedBy are causing issues, ...

    Also the days to expire are not the ones 28 7 2 !!! set in the threshold of the Datasource? Should the threshold set somewhere else?

    The content of common name seems blanks : should it be: commonname, Subject, Subject Alternative Name (SAN)... other?

    Thanks,

    Dom

  • Anonymous's avatar
    Anonymous

    Waiting to see it in the report is not the right place to verify that the script is outputting correctly. You should be verifying by using the "Test Active Discovery" button. This will help you ensure that the properties are getting created properly and let you adjust the script so that it outputs the right data. 

  • You are correct the script does not show the missing data either:

    Quote

    ##--------------- Discovery ------------------##
    $pshost = Get-Host              # Get the PowerShell Host.
    $pswindow = $pshost.UI.RawUI    # Get the PowerShell Host's UI.

    $newsize = $pswindow.BufferSize # Get the UI's current Buffer Size.
    $newsize.width = 800            # Set the new buffer's width to 800 columns.
    $pswindow.buffersize = $newsize # Set the new Buffer Size as active.

    $newsize = $pswindow.windowsize # Get the UI's current Window Size.
    $newsize.width = 800            # Set the new Window Width to 800 columns.
    $pswindow.windowsize = $newsize # Set the new Window Size as active.

    $readOnly     = [System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
    $localMachine = [System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
    $store        = new-object System.Security.Cryptography.X509Certificates.X509Store( "\\##SYSTEM.SYSNAME##\my", $localMachine )

    $store.Open( $readOnly )

    $store.Certificates `
    | Select-Object { `
      $_.Thumbprint + "##" `
      + $_.Issuer + "##" `
    + $_.Subject + $_.Issuer + $_.NotAfter + "##" `
    + "##" `
    + "cert.issuer=" + $_.Issuer `
    + "&cert.friendlyname=" + $_.FriendlyName `
    + "&cert.serialnumber=" + $_.SerialNumber `
    + "&cert.thumbprint=" + $_.Thumbprint `
    + "&cert.days=" + ($_.NotAfter - [datetime]::Today).Days `
    + "&cert.commonName=" + $_.Subject `
    } `
    | Format-Table -HideTableHeaders

    The days is showing but why the big numbers like way other the 28 7 2 threholds!!!?

    The commonname field does not show so this means it should not be the correct parameter... not sure if I should used the $_.Subject, SubjectAlternativeName (SAN) not sure which name it will have..., Issuedto, Issuedby, ...

    Trying to find a list of names for all these parameters..

    Thanks,
    Dom