用于扫描 OU 中所有服务器的过期 SSL 证书的 Powershell 脚本不起作用
Powershell script to scan for Expired SSL certificate for all server in OU not working
我使用 DOMAIN\Administrator 帐户作为凭据 运行 下面的 PowerShell 脚本扫描过期的 SSL 证书:
$ScriptBlock = {
Get-ChildItem Cert:\*\My -Recurse |
Select-Object Subject,
DnsNameList,
NotAfter,
NotBefore,
Thumbprint,
Issuer,
@{n = "SAN"; e = {Try {($_.Extensions | Where-Object {$_.Oid.Value -eq '2.5.29.17'}).Format(0)} Catch {} }},
@{n = "IsValid"; e = {$today = Get-Date; If ( $_.NotBefore -lt $today -and $_.NotAfter -gt $today ) { $true } Else {$false} } } }
$computers = Get-ADComputer -Filter {Enabled -eq $True -and OperatingSystem -like "*Server*"} -SearchBase "OU=Servers,OU=Production Site 1,DC=Domain,DC=com" |
Where-Object {Test-Connection $_.Name -Count 1 -Quiet} |
Select-Object -expandProperty DnsHostName |
Export-Csv -Path C:\Logs\SSL.csv -NoTypeInformation
$adCred = Get-Credential Invoke-Command -ComputerName $computers
-ScriptBlock $ScriptBlock -Credential $adCred
但是,然后我得到了错误:
[Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData]
Connecting to remote server
Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData failed
with the following error message : WinRM cannot process the request.
The following error occurred while using Kerberos authentication:
Cannot find the computer
Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData. Verify
that the computer exists on the network and that the name provided is
spelled correctly. For more information, see the
about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OpenError: (Microsoft.Power...FormatEntryData:String) [], PSRemotingTransportException
+ FullyQualifiedErrorId : NetworkPathNotFound,PSSessionStateBroken
如何修复它以便我可以获得 CSV 结果?
更新后的错误代码现在是:
Invoke-Command : Cannot validate argument on parameter 'ComputerName'.
The argument is null or empty. Provide an argument that is not null or
empty, and then try the command again. At line:19 char:30
+ Invoke-Command -ComputerName $computers -ScriptBlock $ScriptBlock -Cr ...
+ ~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Invoke-Command], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand
这一行一开始就不正确
$computers = Get-ADComputer -Filter {Enabled -eq $True} -SearchBase "OU=Servers,OU=Production,DC=Domain,DC=com" |
Select-Object -expandProperty DnsHostName |
Select-Object -expandProperty DnsHostName | #bad line
Export-Csv -Path C:\Logs\SSL.csv -NoTypeInformation
应该是
$computers = Get-ADComputer -Filter {Enabled -eq $True} -SearchBase "OU=Servers,OU=Production,DC=Domain,DC=com" |
Select-Object -expandProperty DnsHostName |
Export-Csv -Path C:\Logs\SSL.csv -NoTypeInformation
我使用 DOMAIN\Administrator 帐户作为凭据 运行 下面的 PowerShell 脚本扫描过期的 SSL 证书:
$ScriptBlock = {
Get-ChildItem Cert:\*\My -Recurse |
Select-Object Subject,
DnsNameList,
NotAfter,
NotBefore,
Thumbprint,
Issuer,
@{n = "SAN"; e = {Try {($_.Extensions | Where-Object {$_.Oid.Value -eq '2.5.29.17'}).Format(0)} Catch {} }},
@{n = "IsValid"; e = {$today = Get-Date; If ( $_.NotBefore -lt $today -and $_.NotAfter -gt $today ) { $true } Else {$false} } } }
$computers = Get-ADComputer -Filter {Enabled -eq $True -and OperatingSystem -like "*Server*"} -SearchBase "OU=Servers,OU=Production Site 1,DC=Domain,DC=com" |
Where-Object {Test-Connection $_.Name -Count 1 -Quiet} |
Select-Object -expandProperty DnsHostName |
Export-Csv -Path C:\Logs\SSL.csv -NoTypeInformation
$adCred = Get-Credential Invoke-Command -ComputerName $computers
-ScriptBlock $ScriptBlock -Credential $adCred
但是,然后我得到了错误:
[Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData] Connecting to remote server Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData failed with the following error message : WinRM cannot process the request. The following error occurred while using Kerberos authentication: Cannot find the computer Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData. Verify that the computer exists on the network and that the name provided is spelled correctly. For more information, see the about_Remote_Troubleshooting Help topic. + CategoryInfo : OpenError: (Microsoft.Power...FormatEntryData:String) [], PSRemotingTransportException + FullyQualifiedErrorId : NetworkPathNotFound,PSSessionStateBroken
如何修复它以便我可以获得 CSV 结果?
更新后的错误代码现在是:
Invoke-Command : Cannot validate argument on parameter 'ComputerName'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again. At line:19 char:30 + Invoke-Command -ComputerName $computers -ScriptBlock $ScriptBlock -Cr ... + ~~~~~~~~~~ + CategoryInfo : InvalidData: (:) [Invoke-Command], ParameterBindingValidationException + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand
这一行一开始就不正确
$computers = Get-ADComputer -Filter {Enabled -eq $True} -SearchBase "OU=Servers,OU=Production,DC=Domain,DC=com" |
Select-Object -expandProperty DnsHostName |
Select-Object -expandProperty DnsHostName | #bad line
Export-Csv -Path C:\Logs\SSL.csv -NoTypeInformation
应该是
$computers = Get-ADComputer -Filter {Enabled -eq $True} -SearchBase "OU=Servers,OU=Production,DC=Domain,DC=com" |
Select-Object -expandProperty DnsHostName |
Export-Csv -Path C:\Logs\SSL.csv -NoTypeInformation