Hello All
Can someone please help me with the following question.
Basically I want to retrieve and add certificates from a remotes computers X509 crytographic store. Now I can do this no problem for domain joined computers e.g. where I am also logged into the domain on another computer with enough rights (e.g. domain admin for example)
for example to get a list of the certs on a remove computer in its LocalMachine\My store I can do the following (I know I do not need the Invoke-Command in this instance just leaving there as relevent to the second example)
$ComputerName = "DomainJoinedComputer1"
$RemoteX590Store = new-object System.Security.Cryptography.X509Certificates.X509Store -ArgumentList "$ComputerName\My","LocalMachine"
invoke-command {($Args[0]).Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly)} -ArgumentList $RemoteX590Store
$RemoteX590Store.Certificates
So the above works OK, so now I want to do the same but for against a remote computer which is a standalone computer or in an untrusted domain. I know the username and password for said non domain computers, the important thing is these remote non domain computers do not have PowerShell installed, and not remoting (only WMI/ADSI etc)
therefore I now try the following
$ComputerName = "NonDomainJoinedComputer1"
$Cred = Get-Credential
$RemoteX590Store = new-object System.Security.Cryptography.X509Certificates.X509Store -ArgumentList "$ComputerName\My","LocalMachine"
invoke-command {($Args[0]).Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly)} -ArgumentList $RemoteX590Store -Credential $Cred
$RemoteX590Store.Certificates
when I run the above I receive the following error message
Invoke-Command : Parameter set cannot be resolved using the specified named parameters.
At C:\Users\adm.ernie.brant\AppData\Local\Temp\c7511d42-be59-4959-a153-c97782980546.ps1:6 char:1
+ invoke-command {($Args[0]).Open([System.Security.Cryptography.X509Certificates.O ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Invoke-Command], ParameterBindingException
+ FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.PowerShell.Commands.InvokeCommandCommand
So I am thinking OK invoke-command is normally used against remote computers by specifying the -ComputerName parameter, now will not help here against the remote computer as it does not have PowerShell installed.
Can anyone think of a way please where I can get at the X509 store on standalone computers which do not have PowerShell installed. One a similar note I can get and set local user passwords on these computers using ADSI as the constructor has an overload for specifying a username and password. However I cannot find such a constructor overload with the .NET types above.
Any help most welcome
Thanks All
Ernie