Partilhar via


Download and Deploy CRLs fully automated

COMMENT BEGIN
************************************************************************************
PREREQUISITES
************************************************************************************
Configuration @ Sharepoint
Enable-PSRemoting
Enable-WSManCredSSP -Role server -force
Configuration @ Client
Enable-PSRemoting
Enable-WSManCredSSP -Role Client -DelegateComputer * -Force
************************************************************************************
RUNAS USER
************************************************************************************
Must be able to download files from the internet
must be local admin on sp servers
must have read/write access to download path
COMMENT END

$download_path = "\\fileserver\shaere$\CRLs\crl.microsoft.com\"
$sp_servers = "server1","server2","server3","server4","server5","server6"
$cred = Get-Credential -Message "Credentials für Remote PowerShell" -UserName (whoami)

$crls = `
"https://crl.microsoft.com/pki/crl/products/CodeSignPCA.crl", `
"https://crl.microsoft.com/pki/crl/products/CodeSignPCA2.crl", `
"https://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl", `
"https://crl.microsoft.com/pki/crl/products/CSPCA.crl", `
"https://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl"
$i=0
foreach ($crl in $crls)
{
Invoke-WebRequest $crl -Proxy "https://proxy.domain.com:80" -ProxyUseDefaultCredentials -UseBasicParsing -OutFile ($download_path+$i+".crl")
$i++
}

foreach ($server in $sp_servers)
{
Invoke-Command -ComputerName $server -Authentication Credssp -Credential $cred -ArgumentList $download_path -ScriptBlock {
$download_path = $args[0]
foreach ($crl in (Get-ChildItem $download_path))
{
certutil -addstore Root $crl.FullName
}

}
}

OMMENomain