[This command is not available in non-domain environments]
[This command requires installed Remote Server Administration Tools (RSAT)]
Name
Set-CATemplate
SYNOPSIS
Writes certificate templates to a specified Certification Authority (CA).
SYNTAX
Set-CATemplate [-InputObject] <CATemplate[]> [<CommonParameters>]
DESCRIPTION
Writes certificate templates to a specified Certification Authority (CA).
This command will rewrite all certificate templates assigned to a CA server with a new template list.
PARAMETERS
-InputObject<CATemplate[]>
Specifies the Certification Authority with assigned templates. This object can be retrieved by running eitherAdd-CATemplate orRemove-CATemplate command.
| Required? | True |
| Position? | 0 |
| Default value | |
| Accept pipeline input? | true (ByValue, ByPropertyName) |
| Accept wildcard characters? | False |
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
bout_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
PKI.CertificateServices.CATemplate
OUTPUTS
PKI.CertificateServices.CATemplate
NOTES
Author: Vadims Podans
Blog: http://en-us.sysadmins.lv
EXAMPLES
-------------- Example 1 --------------
PS C:\> Get-CertificationAuthority -Name "Company CA01" | Get-CATemplate | Add-CATemplate -Name "SmartCardV2","OfflineComputer" | Set-CATemplate
This command will add 'SmartCardV2' and 'OfflineComputer' templates (must be created by using Certificate Templates MMC snap-in by duplicating existing templates) and assigns them to a 'Company CA01' certification authority.
-------------- Example 2 --------------
PS C:\> Get-CertificationAuthority | Get-CATemplate | Add-CATemplate -DisplayName "Computer V2", "CA Exchange" | Set-CATemplate
This command will add templates with display names: 'Computer V2' (must be created by using Certificate Templates MMC snap-in by duplicating existing templates) and CA Exchange and assigns them to all Enterprise CAs in the forest.
This example is useful to provide template redundancy, so clients are able to enroll for a certificate even one CA server is down.
-------------- Example 3 --------------
PS C:\> $Template = Get-CertificateTemplate -Name WebServer C:\PS>Get-CertificationAuthority ca01.company.com | Get-CATemplate | Add-CATemplate -Template $Template | Set-CATemplate
In this example the first command retrieves template object by running Get-CertificateTemplate command. In the second line adds this template to a CA server running on 'ca01.company.com' server.
-------------- Example 4 --------------
PS C:\> Get-CertificationAuthority -Name "Company CA01" | Get-CATemplate | Remove-CATemplate -Name "Machine","WebServer" | Set-CATemplate
This command will remove 'Machine' and 'WebServer' templates from 'Company CA01' CA server. CA server will unable to issue any certificates based on specified templates.
-------------- Example 5 --------------
PS C:\> Get-CertificationAuthority | Get-CATemplate | Remove-CATemplate -DisplayName "Domain Controller" | Set-CATemplate
This command will remove 'Domain Controller' template from all Enterprise CAs in the forest.
-------------- Example 6 --------------
PS C:\> $Template = Get-CertificateTemplate -DisplayName "Key Recovery Agent" C:\PS>Get-CertificationAuthority ca01.company.com | Get-CATemplate | Remove-CATemplate -Template $Template | Set-CATemplate
In this example first command retrieves 'Key Recovery Agent' template object. In the second line specified template will be removed from CA server running on 'ca01.company.com' server.
RELATED LINKS
Get-CertificationAuthority
Connect-CertificationAuthority
Get-CATemplate
Add-CATemplate
Remove-CATemplate
PowerShell Requirements
- PowerShell 2.0
Operating System Requirements
- Windows Server 2003 all editions
- Windows Server 2008 all editions
- Windows Server 2008 R2 all editions
- Windows Server 2012 all editions
- Windows Server 2012 R2 all editions