Show your support: Vote for AD cmdlets, PowerShell, and PowerGUI

If Get-QADUser (or any other QAD cmdlet) or PowerGUI ever saved your day – now is a good time to show your love and spread the news. 🙂

Windows IT Pro magazine put us in their community award finals. So if you want to show your support:

1. Simply go to the award voting page,

2. For the first nomination, Best Active Directory & Group Policy Product, pick Quest Software ActiveRoles Management Shell for Active Directory (who would have thought that the official name was so long):

3. And obviously leave them a note in the Give us a killer quote about your winner! box.

4. Also, believe it or not 17. Best Microsoft Product has PowerShell as one of the options.

5. 21. Best Scripting Tool has Quest Software PowerGUI:

6. And obviously feel free to either ignore all other categories or cast your vote there as well.

Cast your vote now – before the contest is over.

Advertisement

Clean up expired certificates from AD

Security MVP Vadims Podans just did a great post on using PowerShell to remove expired user certificates from Active Directory.

In a nutshell,

• If your company is using certificates for user authentication or encryption, these expire every now and then,
• Your Enterprise CA in that case appends new certificates to users’ userCertificate attribute, while leaving expired certs there as well,
• Over time these increasingly clutter your AD, making administration more difficult and negatively affecting AD replication traffic.

Luckily, cleaning up expired certificates with PowerShell is extremely easy.

To do the clean-up for a specific user you can run this one-liner:

Get-QADUser username | Remove-QADCertificate -Valid:$false

To clean-up the entire domain, just do:

Get-QADUser | Remove-QADCertificate -Valid:$false

See Vadim’s original post for details.

Read more about PKI management with PowerShell here.