none
ADCS: Manage CA roles from the cmdline

    Question

  • Hi all,

    As defined in https://technet.microsoft.com/en-us/library/cc732590.aspx a CA has different roles, which can be configured in the CA Properties in the Security tab.

    This is straight forward, however I want to automate the configuration and therefore I wonder, how can I script the ACL I mentioned above?

    Thanks,
    Michael

    Friday, March 10, 2017 4:55 PM

Answers

  • The CA ACL is not really the same as Enrollment Agent ACL, however you lead me into the right direction.

    Vadmins provides in his PSPKI Module the Cmdlet  Set-CASecurityDescriptor, that can be used to modify the CA ACL.

    Thanks

    • Marked as answer by mhedv Tuesday, March 14, 2017 2:23 PM
    Tuesday, March 14, 2017 2:23 PM

All replies