Update-RmsMfgEnrollment
Updates enrollment information for an AD RMS server enrolled with the Microsoft Federation Gateway service.
Syntax
Update-RmsMfgEnrollment
[-TokenCert]
[-SigningCert]
[-SetCertificatePermissions]
[-Force]
[-GetDefaultCertificate]
[-CertificateThumbprint <String>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Update-RmsMfgEnrollment cmdlet updates enrollment information for an Active Directory Rights Management Services (AD RMS) server enrolled with the Microsoft Federation Gateway service.
Examples
Example 1: Update support enrollment using the default certificate
PS C:\> Update-RmsMfgEnrollment -GetDefaultCertificateThis command updates the Microsoft Federation Gateway support enrollment for the current AD RMS server by retrieving and using the thumbprint hash of the AD RMS default certificate.
Example 2: Update support enrollment using a specified certificate
PS C:\> Update-RmsMfgEnrollment -CertificateThumbprint "a909502dd82ae41433e6f83886b00d4277a32a7b"This command updates the Microsoft Federation Gateway support enrollment for the current AD RMS server using the thumbprint hash of a non-default certificate.
Example 3: Update the signing certificate for the enrollment
PS C:\> Update-RmsMfgEnrollment -SigningCertThis command updates the Microsoft Federation Gateway support enrollment for the current AD RMS server.
Example 4: Update the token decryption certificate
PS C:\> Update-RmsMfgEnrollment -TokenCertThis command updates the token decryption certificate for the current AD RMS server.
Example 5: Set certificate permissions for the Microsoft Federation Gateway
PS C:\> Update-RmsMfgEnrollment -SetCertificatePermissionsThis command sets certificate permissions for the Microsoft Federation Gateway support enrollment for the current AD RMS.
Parameters
-CertificateThumbprint
Specifies a string containing the thumbprint hash of the certificate being used to update enrollment with the Microsoft Federation Gateway.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Force
Forces the command to run without asking for user confirmation.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-GetDefaultCertificate
When specified, indicates that the thumbprint hash of the AD RMS default certificate should be retrieved and used to update enrollment with the Microsoft Federation Gateway.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-SetCertificatePermissions
When specified, indicates that permissions are to be set on the AD RMS server enrollment with the Microsoft Federation Gateway.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-SigningCert
When specified, indicates that the Microsoft Federation Gateway signing certificate should be updated (or refreshed in metadata) for the current AD RMS server enrollment.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-TokenCert
When specified, indicates that the token decryption certificate should be updated for the AD RMS server enrollment with the Microsoft Federation Gateway.
You can update the token decryption certificate or the Microsoft Federation Gateway certificate, as needed. Because the token decryption certificate is the SSL certificate for the AD RMS cluster, you must update the token decryption certificate if the cluster SSL certificate expires. After you update the token decryption certificate, you must grant the AD RMS Services group permission to access the certificate on all servers in the AD RMS cluster.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None
Outputs
None