• 0
Cole McDonald

winCertCheck DS comes deactivated...

Question

POSH Code looks sound on it, but troubleshooting shows it will only grab the cert info from the collectors as it's testing the current hostname against the collector name to see if they match, the hostname is being gathered from where the script is running, which is always the Collector... so it will always only return info on the collectors as the if/then never fails to the second state.

 

I'm fixing this in our environment after figuring out the correct sequence of tests to verify local or remote run for the invoke-command.

Share this post


Link to post
Share on other sites

4 answers to this question

Recommended Posts

  • 0

Here's the change I made to the 2 scripts in the DS:

# if ($hostname -eq $collectorName){ #!!! CTM 20190807
if ("##system.collector##" -eq "true"){

First line is the original statement in the scripts commented out (and tagged with my initials and the date of change for auditing later)

This does grab the collectors correctly, but the non-collectors still don't quite work, but this is where I'm going with it... back to troubleshooting.

The payload of the scripts does work directly from the collector, so it should be a sound method of collecting this data.

$server      = "servername_to_test_goes_here"

$scriptBlock = {
   Get-ChildItem Cert:\LocalMachine\My, Cert:\LocalMachine\AuthRoot, Cert:\LocalMachine\Root `
   | Select-Object {$_.Thumbprint + "##" + $_.Thumbprint + "##" + $_.Subject + $_.FriendlyName} `
   | Format-Table -HideTableHeaders
}

Invoke-Command -ComputerName $server -ScriptBlock $scriptBlock

 

Edited by Cole McDonald

Share this post


Link to post
Share on other sites
  • 0

Working now... the WMI.user and .pass were causing some grief and we don't currently use them specifically, so I commented them out temporarily and it started working (Thank you Yussuf!)

Share this post


Link to post
Share on other sites
  • 0

The data gather portion wasn't gathering any data...  Corrected the scope of the $wildValue inside the $ScriptBlock to:

$Using:wildValue

$wildValue is a local variable to the collector and wasn't getting passed into the invoke-command at all... so nothing was matching.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.