Unable to generate self signed certificate using Powershell - powershell

Windows 10, Windows PowerShell ISE
I'm trying to run the example I found at https://damienbod.com/2019/06/27/using-chained-certificates-for-certificate-authentication-in-asp-net-core-3-0/
New-SelfSignedCertificate
-DnsName "root_ca_dev_test.com", "root_ca_dev_test.com"
-CertStoreLocation "cert:\LocalMachine\My"
-NotAfter (Get-Date).AddYears(20)
-FriendlyName "root_ca_dev_test.com"
-KeyUsageProperty All
-KeyUsage CertSign, CRLSign, DigitalSignature
$mypwd = ConvertTo-SecureString -String "1234" -Force -AsPlainText
Get-ChildItem -Path cert:\localMachine\my\"The thumbprint..." | Export-PfxCertificate -FilePath C:\git\root_ca_dev_test.pfx -Password $mypwd
Export-Certificate -Cert cert:\localMachine\my\"The thumbprint..." -FilePath root_ca_dev_test.crt
I'm getting the following errors:
New-SelfSignedCertificate : Missing Subject information. The CloneCert parameter, DnsName parameter or Subject Alternative Name
extension must be specified
At U:\Development\Server-Side\Certificates\Generate Certificate - Example1.ps1:5 char:1
+ New-SelfSignedCertificate
+ ~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-SelfSignedCertificate], ParameterBindingException
+ FullyQualifiedErrorId : RuntimeException,Microsoft.CertificateServices.Commands.NewSelfSignedCertificateCommand
-DnsName : The term '-DnsName' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At U:\Development\Server-Side\Certificates\Generate Certificate - Example1.ps1:6 char:4
+ -DnsName "root_ca_dev_test.com", "root_ca_dev_test.com"
+ ~~~~~~~~
+ CategoryInfo : ObjectNotFound: (-DnsName:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
-CertStoreLocation : The term '-CertStoreLocation' is not recognized as the name of a cmdlet, function, script file, or operable
program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At U:\Development\Server-Side\Certificates\Generate Certificate - Example1.ps1:7 char:4
+ -CertStoreLocation "cert:\LocalMachine\My"
+ ~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (-CertStoreLocation:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
-NotAfter : The term '-NotAfter' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At U:\Development\Server-Side\Certificates\Generate Certificate - Example1.ps1:8 char:4
+ -NotAfter (Get-Date).AddYears(20)
+ ~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (-NotAfter:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
-FriendlyName : The term '-FriendlyName' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
the spelling of the name, or if a path was included, verify that the path is correct and try again.
At U:\Development\Server-Side\Certificates\Generate Certificate - Example1.ps1:9 char:4
+ -FriendlyName "root_ca_dev_test.com"
+ ~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (-FriendlyName:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
-KeyUsageProperty : The term '-KeyUsageProperty' is not recognized as the name of a cmdlet, function, script file, or operable
program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At U:\Development\Server-Side\Certificates\Generate Certificate - Example1.ps1:10 char:4
+ -KeyUsageProperty All
+ ~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (-KeyUsageProperty:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
-KeyUsage : The term '-KeyUsage' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At U:\Development\Server-Side\Certificates\Generate Certificate - Example1.ps1:11 char:4
+ -KeyUsage CertSign, CRLSign, DigitalSignature
+ ~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (-KeyUsage:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
Get-ChildItem : Cannot find path '\localMachine\my\The thumbprint...' because it does not exist.
At U:\Development\Server-Side\Certificates\Generate Certificate - Example1.ps1:15 char:1
+ Get-ChildItem -Path cert:\localMachine\my\"The thumbprint..." | Expor ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (\localMachine\my\The thumbprint...:String) [Get-ChildItem], ItemNotFoundException
+ FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand
Export-PfxCertificate : Object reference not set to an instance of an object.
At U:\Development\Server-Side\Certificates\Generate Certificate - Example1.ps1:15 char:65
+ ... print..." | Export-PfxCertificate -FilePath C:\git\root_ca_dev_test.p ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Export-PfxCertificate], NullReferenceException
+ FullyQualifiedErrorId : System.NullReferenceException,Microsoft.CertificateServices.Commands.ExportPfxCertificate
Export-Certificate : Cannot bind parameter 'Cert' to the target. Exception setting "Cert": "Cannot find path
'Cert:\localMachine\my\The thumbprint...' because it does not exist."
At U:\Development\Server-Side\Certificates\Generate Certificate - Example1.ps1:17 char:26
+ ... t-Certificate -Cert cert:\localMachine\my\"The thumbprint..." -FilePa ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : WriteError: (:) [Export-Certificate], ParameterBindingException
+ FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.CertificateServices.Commands.ExportCertificateCommand
I installed the PKI module though I did read I need the PKIClient module. However, I am unable to find it anywhere online. Do I need this module or is the PKI one sufficient?
Thanks

You have to use this:
New-SelfSignedCertificate `
-DnsName "root_ca_dev_test.com", "root_ca_dev_test.com" `
-CertStoreLocation "cert:\LocalMachine\My" `
-NotAfter (Get-Date).AddYears(20) `
-FriendlyName "root_ca_dev_test.com" `
-KeyUsageProperty All `
-KeyUsage CertSign, CRLSign, DigitalSignature
$mypwd = ConvertTo-SecureString -String "1234" -Force -AsPlainText
Get-ChildItem -Path "cert:\localMachine\my\'The thumbprint...'" | Export-PfxCertificate -FilePath "C:\git\root_ca_dev_test.pfx" -Password $mypwd
Export-Certificate -Cert "cert:\localMachine\my\'The thumbprint...'" -FilePath root_ca_dev_t
The parameters should be continued using a backtick. Otherwise powershell will not recognize it.

Related

Powershell creating OU's

$DEPsOUs = #("A","B","C","D")
$createOUs = #('Users', 'Tester')
ForEach ($DEPOU In $DEPsOUs) {
$DEPOUDN = Get-ADOrganizationalUnit -Filter "Name -like '$DEPOU'" | select DistinguishedName | Format-Table -HideTableHeaders | Out-String
#write-host "$DEPOUDN" #checking if output is a string
ForEach ($createOU IN $createOUs) {
New-ADOrganizationalUnit -Name $createOU -Path $DEPOUDN
}
}
this is the script, I just created some test OU's inside active directory. the script works but I get some weird issues which I don't understand.
New-ADOrganizationalUnit : The object name has bad syntax
At line:7 char:9
+ New-ADOrganizationalUnit -Name $createOU -Path $DEPOUDN
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (OU=Users,
OU=A...,DC=local
:String) [New-ADOrganizationalUnit], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirectory.Management.Commands.NewADOrganizationalUni
t
New-ADOrganizationalUnit : The object name has bad syntax
At line:7 char:9
+ New-ADOrganizationalUnit -Name $createOU -Path $DEPOUDN
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (OU=Tester,
OU=...,DC=local
:String) [New-ADOrganizationalUnit], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirectory.Management.Commands.NewADOrganizationalUni
t
New-ADOrganizationalUnit : The object name has bad syntax
At line:7 char:9
+ New-ADOrganizationalUnit -Name $createOU -Path $DEPOUDN
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (OU=Users,
OU=B...,DC=local
:String) [New-ADOrganizationalUnit], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirectory.Management.Commands.NewADOrganizationalUni
t
New-ADOrganizationalUnit : The object name has bad syntax
At line:7 char:9
+ New-ADOrganizationalUnit -Name $createOU -Path $DEPOUDN
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (OU=Tester,
OU=...,DC=local
:String) [New-ADOrganizationalUnit], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirectory.Management.Commands.NewADOrganizationalUni
t
New-ADOrganizationalUnit : The object name has bad syntax
At line:7 char:9
+ New-ADOrganizationalUnit -Name $createOU -Path $DEPOUDN
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (OU=Users,
OU=C...,DC=local
:String) [New-ADOrganizationalUnit], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirectory.Management.Commands.NewADOrganizationalUni
t
New-ADOrganizationalUnit : The object name has bad syntax
At line:7 char:9
+ New-ADOrganizationalUnit -Name $createOU -Path $DEPOUDN
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (OU=Tester,
OU=...,DC=local
:String) [New-ADOrganizationalUnit], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirectory.Management.Commands.NewADOrganizationalUni
t
New-ADOrganizationalUnit : The object name has bad syntax
At line:7 char:9
+ New-ADOrganizationalUnit -Name $createOU -Path $DEPOUDN
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (OU=Users,
OU=D...,DC=local
:String) [New-ADOrganizationalUnit], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirectory.Management.Commands.NewADOrganizationalUni
t
New-ADOrganizationalUnit : The object name has bad syntax
At line:7 char:9
+ New-ADOrganizationalUnit -Name $createOU -Path $DEPOUDN
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (OU=Tester,
OU=...,DC=local
:String) [New-ADOrganizationalUnit], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirectory.Management.Commands.NewADOrganizationalUni
t
can somebody clarify what is going on ? it creates the OU's with success but this issue appeared.i lauched it in Powershell ISE
I tried a few thing by converting it to string but doesn't really make sense to me when my arrays are string arrays.
You just need to expand the DistinguishedName attribute instead of using Format-Table (meant only for console display) and Out-String:
$DEPsOUs = #("A","B","C","D")
$createOUs = #('Users', 'Tester')
ForEach ($DEPOU In $DEPsOUs) {
$DEPOUDN = (Get-ADOrganizationalUnit -Filter "Name -eq '$DEPOU'").DistinguishedName
ForEach ($createOU IN $createOUs) {
New-ADOrganizationalUnit -Name $createOU -Path $DEPOUDN
}
}

In windows powershell ISE, trying to bulk update people information. I get this error message

I'm trying to bulk update people information. I get this error message.
The users2.csv file contains this:
UserPrincipalName,Company,CountryOrRegion,DisplayName,Fax,FirstName,Initials,LastName,MobilePhone,Phone,Title,WindowsEmailAddress,Name
test#bio-dynamics.be,Bio-Dynamics,Belgium,Test,Test,Test,Test,Test,Test,Test,Test,test#bio-dynamics.be,Test
test2#bio-dynamics.be,Bio-Dynamics,France,Test2,Test2,Test2,Test2,Test2,Test2,Test2,Test2,test2#bio-dynamics.be,Test2
The error message is this:
PS C:\WINDOWS\system32> Import-Csv "c:\scripts\users2.csv" | ForEach {Set-user UserPrincipalName $_.UserPrincipalName -Company $_.company -CountryOrRegion $_.CountryOrRegion -DisplayName $_.DisplayName -Fax $_.Fax -FirstName $_.FirstName -Initials $_.Initials -LastName $_.LastName -MobilePhone $_.MobilePhone -Phone $_.Phone -Title $_.Title -WindowsEmailAddress $_.WindowsEmailAddress -Name $_.Name}
A positional parameter cannot be found that accepts argument 'test#bio-dynamics.be'.
+ CategoryInfo : InvalidArgument: (:) [Set-User], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Set-User
+ PSComputerName : outlook.office365.com
A positional parameter cannot be found that accepts argument 'test2#bio-dynamics.be'.
+ CategoryInfo : InvalidArgument: (:) [Set-User], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Set-User
+ PSComputerName : outlook.office365.com
Can anybody help point me toward the problem? Thank you so much!

How to use error variable and error action in this cmd New-ADOrganizationalUnit

I am trying to use error action on powershell command New-ADOrganizationUnit. I want continue silently -EA SilentlyContinue. I am able to do for other commands.
PS C:\Users\154948> New-ADOrganizationalUnit -Name $INNCODE -Path "OU=???,OU=???,DC=??,DC=???,DC=???,DC=???" -ea SilentlyContinue -ErrorVariable myerror
New-ADOrganizationalUnit : The term 'New-ADOrganizationalUnit' is not
recognized as the name of a cmdlet, function, script file, or operable
program. Check the spelling of the name, or if a path was included,
verify that the path is correct and try again. At line:1 char:1
+ New-ADOrganizationalUnit -Name $INNCODE -Path "OU=???,OU=???,DC ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (New-ADOrganizationalUnit:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
PS C:\Users\154948> Stop-Process "13" -ea SilentlyContinue -ErrorVariable myerror
PS C:\Users\154948> $myerror
Stop-Process : Cannot find a process with the process identifier 13.
At line:1 char:1
+ Stop-Process "13" -ea SilentlyContinue -ErrorVariable myerror
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (13:Int32) [Stop-Process], ProcessCommandException
+ FullyQualifiedErrorId : NoProcessFoundForGivenId,Microsoft.PowerShell.Commands.StopProcessCommand
Regards,
Nikita
-ErrorAction SilentlyContinue is never going to work on a cmdlet that PowerShell doesn't recognize.
Make sure you have the ActiveDirectory module loaded and try again.

Add a disk on my virtual machine Azure

I am doing the this tutorial https://technet.microsoft.com/library/mt771177.aspx
The thing is I made my virtual machine and asign to the lun a 0.
The problem is I don t quite understand what does it mean to asign 0 to lun, and how does it affect that the following scrip to fail.
disk=Get-Disk | where {$_.PartitionStyle -eq "RAW"}
$diskNumber=$disk.Number
Initialize-Disk -Number $diskNumber
New-Partition -DiskNumber $diskNumber -UseMaximumSize -AssignDriveLetter
Format-Volume -DriveLetter F
disk=Get-Disk : The term 'disk=Get-Disk' is not recognized as the name of a cmdlet, function, script file, or operable
program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ disk=Get-Disk | where {$_.PartitionStyle -eq "RAW"}
+ ~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (disk=Get-Disk:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
Initialize-Disk : Cannot validate argument on parameter 'Number'. The argument is null. Provide a valid value for the
argument, and then try running the command again.
At line:3 char:25
+ Initialize-Disk -Number $diskNumber
+ ~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Initialize-Disk], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Initialize-Disk
New-Partition : Cannot validate argument on parameter 'DiskNumber'. The argument is null. Provide a valid value for
the argument, and then try running the command again.
At line:4 char:27
+ New-Partition -DiskNumber $diskNumber -UseMaximumSize -AssignDriveLet ...
+ ~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [New-Partition], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,New-Partition
Format-Volume : No MSFT_Volume objects found with property 'DriveLetter' equal to 'F'. Verify the value of the
property and retry.
At line:5 char:1
+ Format-Volume -DriveLetter F
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (F:Char) [Format-Volume], CimJobException
+ FullyQualifiedErrorId : CmdletizationQuery_NotFound_DriveLetter,Format-Volume
You're not setting the variable correctly.
Your code...
disk=Get-Disk | where {$_.PartitionStyle -eq "RAW"}
Needs to have a $ in front to make "disk" a variable
$disk = Get-Disk | where {$_.PartitionStyle -eq "RAW"}

passing parameters from command line to powershell

When I run the following command in command line
powershell.exe "Import-Module ActiveDirectory;New-ADUser -name "rr"
-path "OU=Test,DC=Example,DC=com"
I get the error below:
New-ADUser : Cannot convert 'System.Object[]' to the type 'System.String' required by parameter 'Path'. Specified method is not supported.
At line:1 char:56
+ Import-Module ActiveDirectory;New-ADUser -name rr -path <<<< OU=Test,DC=Example,DC=com
+ CategoryInfo : InvalidArgument: (:) [New-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.ActiveDirectory.Management.Commands.NewADUser
Try this:
powershell.exe "Import-Module ActiveDirectory;New-ADUser -name 'rr' `
-path 'OU=Test,DC=Example,DC=com'"