Possible to delete certificate(s) set by gpo?
Hi (scripting) Guys,
I have a problem with the installation of an application. It tries to install a certificate which is already present. Therefore it fails with a 1603. The certificate that comes with the installation is needed by everyone in the network, therefore it's being
installed via GPO. But only a couple of people (approx 50) need the actual software...
Because of above problem, I want to (temporary) delete the certificate before the installation of the software.
After trying different kind of tactics I use the following script to search for the certificate(s) and delete them:
$certs = Get-ChildItem -Path cert:\ -Recurse | Where-Object { $_.Issuer -like "*cosign*" }
foreach($cert in $certs)
$path = $cert.PSPath
$X509Cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate($cert)
$path2 = $path -Replace "Microsoft.PowerShell.Security\\Certificate::", "" -Split "\\"
$context = $path2[0]
$store = $path2[1]
$X509Store = New-Object System.Security.Cryptography.X509Certificates.X509Store("$store", "$context")
$X509Store.Open("ReadWrite")
$X509Store.Remove($X509Cert)
$X509Store.Close()
But whatever I try I receive the following error:
Exception calling "Remove" with "1" argument(s): "Access is denied.
At C:\Temp\Remove-Cert.ps1:17 char:22
+ $X509Store.Remove <<<< ($X509Cert)
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
I'm running the script as an (local) administrator. But I even tried to run it under the system account. Nothing works. Execution policy is set to bypass.
When I install the certificate on my personal (private) laptop and run the script, I get prompted and when I press OK the certificate gets deleted. So, the script works, right? But on my corporate laptop it fails... I'm !00% sure I have enough rights, by
hand I can do everything on the laptop.
I hope someone can help me out! Thanks in advance!
Bart
Bart Scheltinga | www.bartsp34ks.nl | MCSA
A cert installed by GPO will not allow you to uninstall it. It is protected.
Contact the vendor of the software or temporarily remove the system from the domain or place in an OU shielded from the policy - use a temporary sub OU or a filter to exempt the systems until the software is installed.
This is not really a scripting issue but it is one of how to deploy software and is best handled by the vendor.
¯\_(ツ)_/¯
Similar Messages
-
I would like to delete emails from my PC when I delete them from my Ipad (and vice versa, is possible). How do I set this up? Thanks in advance.
The ability to do that would depend on the type of email account that you have. If it is a POP account, it cannot be done. If it is an IMAP account, it should sync across devices automatically. If you are not sure what type of account it is, who is your email provider?
-
Is it possible to delete the original Admin Account, having set up other Admin Accounts on the computer?
Thanks,
iHopeOnce you have an additional Admin Account, there should be nothing "magical" about the original Admin account.
The Account you use to delete the original MUST be an Admin Account, or the old account cannot be deleted. But that is the "Acid test" for the veracity of the new Admin account. -
Is it possible to delete files from time machine?
Is it possible to delete files from time machine? I had a drive crash, restored the files to a new drive, and now the old versions and the new versions of the files are both backed up, taking up a mountain of drive space. Do I just have to wait 'til the drive gets full and then tell it what to delete first?
Hi, I need help in a related problem. I have 500gb time capsule. I needed larger hard drive, so I now use TM to back up to a different 1tb hard drive. So I don't need the TC as a TM back up device. But I want to use the TC's hard drive as an extra external hard drive. I deleted the files that were on it. but it still shows it has a sparsebundle file with a size of over 400gb ( probably the size of the old backups). When I use disk utility to try to erase it, I am not offered the erase tab. This "disk" does show on the desk top as a mounted disk (I think) with only 53 gb free. How can I set this up so all the disk space is free and I can use it for storing files, not as a back up? Thanks
-
I can't connect to my MacBook because I can't get THAT to start. It just sits in it's blue screen With the apple, spinning it's gear. All this happened after I used mackeeper. If anyone can help with that, I'd appreciate it. I've tried starting in safe mode,resetting everything but nothing happens. It's not the kernel, ive delt with that it looks like it's going to boot but it won't. Then there's my iPad which says I need to delete some stuff to be able to download anything. I know I have room on there but there are 2copies of a movie and I'd like to delete one of them. Is it possible to delete anything on the ipad without connecting to MacBook? I do have an appt later in the week but if I could fix this myself that would save me a couple hours driving time. Thanks for anyone's help in both of these matters.
Be sure Safari does not have the Block Pop-Up Windows preference set.
Where I work now there are several unencrypted VLANs that require authentication, and Safari promptly pops up a window for me to register every time. -
Is it possible to delete part of a video in DVDSP?
I have DVD Studio Pro 4. I encoded the video and dropped it on the timeline. I realized that there is about 5 seconds of black that I want to delete from it. Is it possible to delete these 5 seconds in DVD Studio Pro? Is there any way just to cut it out?
There is another thing I could do but I can't seem to figure it out. The 5 seconds that I want to delete is at the beginning of the timeline. DVD Studio Pro automatically puts a chapter marker at the beginning of the timeline. Is there a way to move that chapter marker 5 seconds into the project so I would not have to delete the 5 seconds of black? The reason I ask this is because there is a chapter at the beginning of the timeline and then there is one at the 5 seconds point, where the black ends and the video begins. I need to either get rid of the black or get rid of the very first chapter marker.
If there is no possible way to do either of these things, I am going to have to re-encode it and take out the 5 seconds of black in Final Cut Pro. I really don't want to have to do that because the encoding just took 3 hours.
Thanks in advanceI have been doing that, but here is the problem. This DVD has 3 tracks.
Track 1 is 16:9 footage
Track 2 is 4:3 footage
Track 3 is 16:9 footage.
I have the end jump of track 2 jumping to track 3. It works perfectly. I need to set a previous jump back to track 2. Here is where the 2 markers couse a problem. I set the previous jump on the 2nd chapter of Track 3 (this is the one that is 5 seconds in) to go back to Track 2. Instead, when I hit back on the remote control in simulator it goes back to the first chapter of Track 3(this is the one at the beginning of the timeline) not Track 2. If I get rid of the first chapter in track 3 I know it will go straight back to Track 2 where I want it to go. So I have to get rid of either the 5 seconds of black or the first chapter at the beginning of track 3.
Is this possible?
Thanks again for all of your help. -
HOW TO DELETE PARTICULAR TRIPLE SET FROM Oracle SEMANTIC TABLES in 11g
Can somebody help us how to delete a particular set of triples from Oracle(11g) semantic that we have. Because we noticed that few triple belongs to particular data sets were wrongly loaded so we need to remove only those triples.
Usually we delete all triples including others such and reload them again along with new triples. We would like to avoid this as we go to production.
Otherwise When we insert a set of triples belongs to a particular data set, is it possible to know what ids Oracle assigned to that set? Can we delete by id? Just a thought.
Rgds
SriniHi,
It is very strange. I got an email in my inbox saying that you want to find out
IDs of triples that belong to RNAIDB data set like the following.
"<http://www.lscdd.lilly.com.sg/lscdd/RNAIDB/...../.../:>".
This forum does not have your message somehow.
Assume you have asked such an question :), my answers are
1) from a modeling perspective, it is not a very good idea to encode
semantics in the URI lexical form itself. A URI should be treated
as a symbol.
2) now assume you have a valid reason for doing this, you can try something like the following.
CREATE INDEX testdel_sub_idx ON tstdel (triple.GET_SUBJECT());
-- You can then get the rowid out for those offending rows.
select rowid
from tstdel t
where t.triple.GET_SUBJECT() like '<urn:su%'
-- Or you can remove them directly.
delete from tstdel t
where t.triple.GET_SUBJECT() like '<urn:su%'
; -
Hello.
in Solaris 10 i need auditing process create, delete, privilege escalation, set and change password and etc... from users account and group.
I set settings:
in file syslog.conf:
*.info;mail.none;cron.none;audit.notice @IP-Remote-syslog-server-SIEM
in file /etc/security/audit_control:
dir:/var/audit
flags:lo,ad,ex,cc,am,no,fc,fd
minfree:20
naflags:lo
plugin:name=audit_syslog.so;p_flags=lo,ad,ex,cc,am,no
in file /etc/security/audit_user:
root:lo,ad:no
Now I see in the logs only the fact of a connection via SSH and run processes on behalf of users. Creation. delete users, change passwords for some reason do not is logged.
Many users. For each individual write permissions in the file /etc/security/audit_user not possible, it is likely to forget any new user (or there is a possibility in this file one line to describe the audits for all accounts?)
Where is the mistake?You are most likely hitting Bug 15779000 user/role/groupadd/mod/del don't audit their use.
And the fix is only available in S11.2.
-- Renaud -
Is it possible to delete datas
HI Gurus
Is it possible to delete the old datas from the cache server.
if iam deleting the old datas from the content server and now the cache server shows the datas, is it possible?. if possible how can i delete the datas from cahce server what are the steps to be followed
regards
kannanHi Kanna,
If your query is still not resolved, kindly refer the following method. It may help.
You can delete a document info record in CV02N, by setting the deletion flag in the header of the document info record. If the document could be deleted the deletion indicator turns green. For removing the document from the database tables you have to run report MCDOKDEL which removes all document info records that have set the deletion indicator.
Regards,
Ravindra -
Is it possible to delete original, linked photos?
Hi,
I have iPhoto '09 setup to leave photos in their original location (Preferences > Advanced > uncheck "Copy Items to the iPhoto Library"). In testing, it seems that with this setting off, it's not possible to delete a photo from the hard drive from within iPhoto. I right click on a photo and click "Show File" to confirm that it is definitely linked to the original location. Then I put the photo in the trash in iPhoto and empty the trash. Looking at the original location, the file is still there.
This isn't a bad thing but I'd like to confirm it before I rely on iPhoto never touching my photo library.
thanks.I have iPhoto '09 setup to leave photos in their original location (Preferences > Advanced > uncheck "Copy Items to the iPhoto Library"). In testing, it seems that with this setting off, it's not possible to delete a photo from the hard drive from within iPhoto. I right click on a photo and click "Show File" to confirm that it is definitely linked to the original location. Then I put the photo in the trash in iPhoto and empty the trash. Looking at the original location, the file is still there.
You are correct - why you tell iphoto not to copy the photos to the iPhoto library it makes an alias in the iPhoto library - deleting the photo from iPhoto deletes it form iPhoto but does not do anything with the external photo - which is what you told it do to - when you use this references library you are taking full responsibly for managing the originals INCLUDING making sure that they never change locations - including to a different hard drive or to a new computer at least in iPhoto '08 - FOr this and many other reasons it is recommended that you not use a referenced library
This isn't a bad thing but I'd like to confirm it before I rely on iPhoto never touching my photo library.
If you use a referenced library iPhoto will not ever touch your original photos - or notice if you edit them - or find them if you move or delete them
LN -
I have an IPad with a Restriction code that we cannot remember. Is it possible to delete and restore the IPad without the code. If not how do I figure out the code or how to remove it?
The only option is to wipe the device clean and restore it to factory settings. Hope you have a backup.
Follow the instructions in iOS: How to back up your data and set up your device as a new device http://support.apple.com/kb/HT4137 to restore the device to factory settings.
Once you have setup the device as a new one, you can then sync it back with your iTunes account and all your music, apps, contacts and any other content sync'ed with iTunes will be loaded on the device. Any content that is stored only on the device and not sync'ed with iTunes, like app logins or data, will be lost during this process. Be forewarned that this is a long process and can take a couple of hours or more to complete. This can be painful, but it is necessarily so to prevent users from working around the security settings. After the restore is complete, you can setup a new Restrictions passcode. Make a note of the passcode to avoid this situation in future.
Cheers, Tom -
Possible to delete SC item after PO creation?
Dear all
We use Extended classic. I need a piece of info.
I am able to delete the SC item after PO creation..! Is it allowed as per general business scenario. Is it possible to delete SC items after PO creation?
How to curb this?
Please share your valuable knowledge in this regards
Thanks in advance
KrupaHello,
As per standard design, it is possible to delete a shopping cart if only
one follow-on document exists. For example, a purchase order or a
purchase requisition.
When you delete the shopping cart in EBP, the deletion indicator will
be set in the purchase order.
You cannot delete the shopping cart if the follow-on document has other
follow-on documents, like confirmation or invoice.
The following is the standard behaviour for SC/limit SC deletion:
SC -> PO : deletion possible
SC -> PReq: deletion possible
SC -> PReq + PO: deletion NOT possible
SC -> PO + CF: deletion NOT possible
SC -> PReq + PO + CF: deletion NOT possible
SC -> PO + CF + INV: deletion NOT possible
SC -> PReq + PO + CF + INV: deletion NOT possible
Standard logic: in general SC does not prevent the deletion of SC items
just because of existence of follow-on documents.
The SC item itself does not know if the deletion is possible.
It just tries to delete the corresponding item of follow-on document.
If this deletion has been successful, then also the SC item can
and will be deleted. If the deletion of follow-on document item has
failed, the SC item deletion is not possible.
So it is a task of follow-on document to know if its items can be
deleted or not.
Best regards,
Ricardo -
Is it Possible to delete workitems in the UWL Inbox?
Hi All,
Can we delete workitems in the UWL inbox?
Please let me know.. we have two types of workitems ., one comes from workflows and another from Guided Procedures.
i have added delete action in the UWL XML file and tried deleting the workitems but i got the message..
"Unable to perform the request. Try again and if the problem persists, inform your system administrator"
and also this action button is visible only for Guided procedure workitems.
Please help me..
is it possible to delete the workitems in the UWL inbox? then how? is there any documents?
if it is not possible then why they have provided "Delete" action?is there any supporting documents or SAP Notes for this..
Regards
Vijayhi
Please run the report in r/3 to delete the workitem.RSWWWIDE.
To delete the GP items
Step 1: Select the process template.
GOTO: Guided Procedures >> Administration >>Archiving and Deleting >> Maintain Process Templates >> Process Template Settings
Click on u201CBrowseu201D
Select the Process Template
Click on "Choose"
Step 2: Specify a schedule.
Make sure the previously created Template setting is selected.
Select u201CSpecify Custom Settingsu201D
Select the appropriate intervals for removal of processes.
Step 3 Schedule a task to run daily and perform our desired deletion setting.
GOTO: Guided Procedures >> General >> Schedule Tasks >> Select u201CTask Archiving and Deleting.u201D
Click on "Create".
Mention the schedule required,
Preferably
Type: Recurrent Daily
Time : non productive hours [after midnight] -
Is it possible to delete a released transport request
Hello
I wander is it possible to delete a released transport request. Is it possible to delete a transport request with released only an taskYou can but you have to chnage status of the request:
Use transaction SE38 or SA38 and run program: RDDIT076
Set your request number and run the program
After request is shown double click on it
You should be able to change status from R to D
And now, you can delete the transport for example in transaction: SE10...
Help on ABAP: Few Tips for Transport Request Manipulation -
Is it possible to delete a product in GTS?
Hi Gurus,
Is it possible to delete a product in GTS?
When we set for a material in ERP a deletion indicator
is this information also coming to GTS via regular /SAPSLL/MATMAS_DISTRIBUTE_R3 material transfer job?
Rgds
DieterHi Gabriel,
I have tried this dev. once.. Just thought of sharing the same. Defined some product attributes in GTS to hold some customized flags in Product master-Additional data tab.
For example: Tried updating country flags in the Product master in GTS.
Country flags are updated based on extension of a Material to a Plant in R/3. i.e, Whenever a Material is extended to a Plant in GTS, we use the Plant country code and update the same in Product master.
And similarly, whenever the Deletion flag is setup, the same can be removed. For this to work automatically, just activated change pointers for MARC-LVORM for /sapsll/matmas_sll.
But in my case, it was a customized development.Not really sure, if this is available in standard.
Thanks
Dhilipan
Maybe you are looking for
-
try to open itunes on my computer and get messageprogram can't start because MSVCR80.dll is missing from computer and a windows error 126 comes up
-
I want to renew and keep using the FormsCentral until I can transition to another service in the coming months, but I can't change my subscription to month-to-month, it is only letting me renew the annual subscription - which ends in June. Will I get
-
Error while stock posting through template
Hi im using stock taking tamplate for posting stock.after importing dtw shows no error, but when i observe the stock then the stock is not inserted.Whats the reason?how to solve it? Thanks
-
How to find all the objects by Module.
Hey all, Can any one please help me in finding all the objects by Module. I need to have all the objects(like app engines, records, fields, file layouts, etc,.) in AP, AM, GL, BI, AR. thank you, Bye.
-
Importing CD then DVD player opens
Hi All My friend has just freaked out. She is completely Mac and Computer new so i thought i'd ask on her behalf as she'd need an hours tutoring on how to post a question. She's tried to import a CD into itunes. Normal. Then, drive starts making a wh