Equivalent of the pkiview.msc snap-in or even better of the [camonitor.vbs](http://gallery.technet.microsoft.com/scriptcenter/164e8047-d7bf-4774-91cf-90d46b82e725) script.
This would take as input either a CA object or no object at all (i.e. all CAs in AD forest), optionally threshold values (ideally as an absolute value or a percentage value of the total validity) to define expiring certificates/CRLs.
Contrarily to the camonitor.vbs script, I don't think it should log or email anything on its own. It would simply serve as a building block for a monitoring script that would deal with the alerting itself.
The output should use a PowerShell friendly object structure (no host output that is).
This would take as input either a CA object or no object at all (i.e. all CAs in AD forest), optionally threshold values (ideally as an absolute value or a percentage value of the total validity) to define expiring certificates/CRLs.
Contrarily to the camonitor.vbs script, I don't think it should log or email anything on its own. It would simply serve as a building block for a monitoring script that would deal with the alerting itself.
The output should use a PowerShell friendly object structure (no host output that is).
