Updated Wiki: Set-CertificateTemplateAcl

[This command requires installed Remote Server Administration Tools (RSAT)]

Name

Set-CertificateTemplateAcl

SYNOPSIS

Changes the security descriptor of a certificate template.

SYNTAX

Set-CertificateTemplateAcl [-InputObject] <SecurityDescriptor[]> [<CommonParameters>]

DESCRIPTION

The Set-CertificateTemplateAcl cmdlet writes the security descriptor of a specified certificate template to the actual certificate template object, to match the values in a security descriptor that you supply.

Note: in order to edit certificate template ACL, you must be granted for Enterprise Admins permissions or delegated permissions on 'Certificate Templates' Active Directory container.

PARAMETERS

-InputObject<SecurityDescriptor[]>

Specifies an ACL object of certificate template. This object can be retrieved by runningAdd-CertificateTemplateAcl or Remove-CertificateTemplateAcl cmdlet.

Required?	True
Position?	0
Default value
Accept pipeline input?	true (ByValue, ByPropertyName)
Accept wildcard characters?	False

<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
bout_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).

INPUTS

PKI.Security.SecurityDescriptor

OUTPUTS

PKI.Security.SecurityDescriptor

NOTES

Author: Vadims Podans
Blog: http://en-us.sysadmins.lv

EXAMPLES

-------------- Example 1 --------------

PS C:\> Get-CertificateTemplate -Name WebServer | Get-CertificateTemplate | Add-CertificateTemplateAcl -User WebServerGroup -AccessType Allow -AccessMask Read, Enroll

This commands adds 'WebServerGroup' security group to the certificate template 'WebServer' and grants Read and Enroll permissions. After that, a new ACL is written to the actual object.

-------------- Example 2 --------------

PS C:\> Get-CertificateTemplate -Name WebServer | Get-CertificateTemplateAcl | Remove-CertificateTemplateAcl -User OldWebServer -AccessType Allow | Set-CertificateTemplateAcl

This commands removes all granted permissions for 'OldWebServer' account from 'WebServer' certificate template ACL. After that, a new ACL will be written to the actual certificate template object (Set-CertificateTemplateAcl).

PowerShell Requirements

PowerShell 2.0

Operating System Requirements

Windows XP
Windows Vista
Windows 7
Windows 8
Windows 8.1
Windows Server 2003 all editions
Windows Server 2008 all editions
Windows Server 2008 R2 all editions
Windows Server 2012 all editions
Windows Server 2012 R2 all editions

Updated Wiki: Set-CertificateTemplateAcl

Trending Articles

Scuffham Amps - S-GEAR 2.6.0 VST, AAX, STANDALONE x86 x64 (R2R NO iLok2, +NO...

Practice Sheet of Right form of verbs for HSC Students

VHSE First (1st) Allotment 2025 - vhscap.kerala.gov.in

UNIVERSE LEAGUE – UNIVERSE LEAGUE – WAR (We Are Ready) – EP [iTunes Plus M4A]

City Hunter Teledrama – Episode 18 – 07th May 2016

Comment on Proposed Criteria for Identifying Predatory Conferences by Luke...

Bureau of Internal Revenue: Regional Offices (Directory)

Kendrick Lamar – Not Like Us (2024) [24Bit-88.2kHz] [PMEDIA] ⭐️

Inception 2010 Hindi Dual Audio 650MB BRRip 720p ESubs HEVC

East Hull MD admits sexual assaults after another victim comes forward

Download: Ziba Zako ft Rich Bizzy & General Kanene – Chikwati (Prod by: Bicko...

R. v. Sargeant, 2023 ONSC 6406 (CanLII)

Rajasthan Board 10th Result 2016 Roll No wise & Name Wise

Who’s been sentenced at Northampton Magistrates’ Court

मतलबी दोस्त स्टेट्स | Matlabi Dost Status in Hindi – Selfish Friends Status

Family cries out as traditional ruler allegedly abducts brother, extorts N2.5m

Long-Running Conflict In Springfield (MA) Gangland Sphere Has Manzi Family &...

Wondershare Filmora X v10.1.20.16 x64

Man arrested after fracas in flat

Man charged in ongoing Sexual Assault Investigation Derek Nyilas, 46, Faces...