Check Certs Installed on AD Domain Controllers

This will query server certificates installed on all domain controllers

Get-ADDomainController -Filter * | 
    %{Invoke-Command -ComputerName $_.hostname -ScriptBlock {gci Cert:\LocalMachine\My\}} | 
    ft -AutoSize @{n='DC';e={$_.PSComputerName}}, Thumbprint, @{n='Expires';e={$_.NotAfter}}, @{n='SubjectAlternativeNames';e={$_.DnsNameList}}

which will display the following output

Leave a comment

Your email address will not be published. Required fields are marked *