I was doing some more research, going nuts trying to get my totally functional script from domain A working in domain B .... when I found this article:
http://pspki.codeplex.com/discussions/361720
It turns out this is the EXACT issue I am having in problematic Domain B.
The discussion above sites a work order, but the link refering to the work order has no meaningful target behind it.
Do you have any recomendations as to how I can impliment a work-around for trying to query CAs at the forest level, rather than at the domain level ?
Would I be able to modify some of the files in the module for forest-level CAs, and then put a little extra logic in my script so that if CAs in domain A use:
connect-ca $certsrv | get-issuedcertificate [ ... ]
and CAs in domain B (at the forest level) use:
connect-forest-ca $certsrv | get-forest-issuedcertificates [ ... ]
etc ??
Thanks !
http://pspki.codeplex.com/discussions/361720
It turns out this is the EXACT issue I am having in problematic Domain B.
The discussion above sites a work order, but the link refering to the work order has no meaningful target behind it.
Do you have any recomendations as to how I can impliment a work-around for trying to query CAs at the forest level, rather than at the domain level ?
Would I be able to modify some of the files in the module for forest-level CAs, and then put a little extra logic in my script so that if CAs in domain A use:
connect-ca $certsrv | get-issuedcertificate [ ... ]
and CAs in domain B (at the forest level) use:
connect-forest-ca $certsrv | get-forest-issuedcertificates [ ... ]
etc ??
Thanks !