Add-CertificateEnrollmentPolicyServer
Adds an enrollment policy server to the current user or local system configuration.
Syntax
Default (Default)
Add-CertificateEnrollmentPolicyServer
[-NoClobber]
-Url <Uri>
[-RequireStrongValidation]
[-Credential <PkiCredential>]
-context <Context>
[-AutoEnrollmentEnabled]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Add-CertificateEnrollmentPolicyServer cmdlet adds an enrollment policy server to the current
user or local system configuration. If an enrollment policy server already exists, then this cmdlet
will overwrite it. Group Policy can be configured to prevent enrollment policy servers from being
added.
Delegation may be required when using this cmdlet with Windows PowerShell remoting and changing user configuration.
Examples
EXAMPLE 1
Add-CertificateEnrollmentPolicyServer -Url $url -Context Machine
This example loads a policy from $url using Windows integrated authentication under the computer
context, using the computer account credentials. This example also adds the policy server to the
local computer configuration. Auto enrollment is off and strong validation is off.
EXAMPLE 2
$cert = Get-ChildItem -Path cert:\LocalMachine\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF
$parameters = @{
Url = $cert.EnrollmentPolicyEndPoint.Url
Credential = $cert
Context = 'Machine'
}
Add-CertificateEnrollmentPolicyServer @parameters
This example loads a policy using $cert as the authentication credential and adds the policy to
the local computer local configuration since the context is the local computer (Machine).
EXAMPLE 3
$up = Get-Credential
Add-CertificateEnrollmentPolicyServer -Url $url -Context Machine -Credential $up
This example loads a policy using the username and password from $url.
This example adds the policy server to the local computer configuration.
EXAMPLE 4
$cert = Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF
$parameters = @{
Url = $cert.EnrollmentPolicyEnd
Credential = $cert.PSPath
Context = 'Machine'
}
Add-CertificateEnrollmentPolicyServer @parameters
This example loads policy using the Path object for a certificate. Use the certificate to authenticate to the URL and add the policy server into the local user configuration.
EXAMPLE 5
$up = Get-Credential
Add-CertificateEnrollmentPolicyServer -Url $url -Context User -Credential $up -WhatIf
What if: Policy successfully loaded from {$url} using username/password credentials.
Policy server configuration will be added to current user context.
This example shows that if the policy cannot be loaded or if there is a conflict with an identifier (ID) or URL, then this will be the output.
If the policy server already exists, then the output will state that the existing policy server configuration will be overwritten.
Parameters
-AutoEnrollmentEnabled
Enables auto-enrollment for the policy server being added.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Context
Stores information about the policy server in the configuration for the Current User or Local computer.
Parameter properties
| Type: | Microsoft.CertificateServices.Commands.Context |
| Default value: | None |
| Accepted values: | Machine, User |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Credential
Specifies the credential used to authenticate to the policy server. This credential can be a PSCredential object, which is a username and password, an x509 certificate, or a path to an x509 certificate. Kerberos authentication is used if no credential is specified.
Parameter properties
| Type: | Microsoft.CertificateServices.Commands.PkiCredential |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-NoClobber
Prevents an enrollment policy server from overwriting an existing one.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-RequireStrongValidation
Specifies that the certificate obtained through this enrollment policy server must be trusted on the client.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Url
Identifies the uniform resource locator (URL) of the enrollment policy server to configure.
Parameter properties
| Type: | Uri |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
Microsoft.CertificateServices.Commands.EnrollmentPolicyServer
The EnrollmentPolicyServer object contains information about the certificate enrollment policy.
Outputs
Microsoft.CertificateServices.Commands.EnrollmentPolicyServer
The EnrollmentPolicyServer object contains information about the certificate enrollment policy.