Last active
August 29, 2015 14:01
-
-
Save tomarbuthnot/06ca256989213b7080d3 to your computer and use it in GitHub Desktop.
PowerShell to Request and Assign Lync Server Certificates
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #################################################### | |
| function Get-CertificationAuthority ([string]$CAName) | |
| { | |
| $domain = ([System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()).Name | |
| $domain = “DC=” + $domain -replace ‘\.’, “, DC=” | |
| $CA = [ADSI]“LDAP://CN=Enrollment Services, CN=Public Key Services, CN=Services, CN=Configuration, $domain” | |
| $CAs = $CA.psBase.Children | %{ | |
| $current = “” | Select CAName, Computer | |
| $current.CAName = $_ | %{$_.Name} | |
| $current.Computer = $_ | %{$_.DNSHostName} | |
| $current | |
| } | |
| if ($CAName) {$CAs = @($CAs | ?{$_.CAName -eq $CAName})} | |
| if ($CAs.Count -eq 0) {throw “Sorry, here is no CA that match your search”} | |
| $CAs | |
| } | |
| $OutputFromCAFunction = Get-CertificationAuthority | |
| $CAName = $OutputFromCAFunction.CAName | |
| $CAComputer = $OutputFromCAFunction.Computer | |
| $CA = “$CAComputer” + “\” + “$CAName” | |
| ############################################### | |
| # 2013 FE: | |
| Import-Module Lync | |
| $OU = “IT” | |
| $Org = “Org Name Here” | |
| $city = “London” | |
| $state = “London” | |
| $country = “GB” | |
| $AdditionalDomains = “sip.tomuc.com” | |
| $FriendlyName = “$env:computername” + “_Public” | |
| Request-CSCertificate -New -Type Default,WebServicesInternal,WebServicesExternal -CA $CA -Country $country -State $state -City $city -FriendlyName $FriendlyName -KeySize 2048 -PrivateKeyExportable $True -Organization $org -OU $OU -DomainName $AdditionalDomains -AllSipDomain -Verbose | |
| ################################################ | |
| # Assign Cert to Lync Services | |
| Start-sleep -seconds 5 | |
| $lyncCertThumb = Get-ChildItem -path cert:\LocalMachine\my | where {$_.FriendlyName -eq $friendlyname} | Select-object -ExpandProperty Thumbprint | |
| # Assign Cert: | |
| Set-CSCertificate -Type Default,WebServicesInternal,WebServicesExternal -Thumbprint $lyncCertThumb | |
| # start-cswindowsservice | |
| ############# | |
| ################################################# | |
| # Edge Internal | |
| Import-Module Lync | |
| $OU = “IT” | |
| $Org = “Org Name Here” | |
| $city = “London” | |
| $state = “London” | |
| $country = “GB” | |
| $FriendlyName = “$env:computername” + “_Internal” | |
| $OutputFile = “C:\” + “$env:computername” + “_Internal” + “.req” | |
| Request-CsCertificate -New -Type Internal -FriendlyName “$FriendlyName” -Organization “$Org”-City “$city”-State “$State”-Country “$country” -OU “$OU”-Keysize 2048 -PrivateKeyExportable $True -Output “$OutputFile” | |
| ####################################### | |
| # 2013 Edge Public | |
| Import-Module Lync | |
| $OU = “IT” | |
| $Org = “Org Name Here” | |
| $city = “London” | |
| $state = “London” | |
| $country = “GB” | |
| $FriendlyName = “$env:computername” + “_Public” | |
| $OutputFile = “C:\” + “$env:computername” + “_Public” + “.req” | |
| $AdditionalDomains = “sip.tomuc.com, tomuc.com” | |
| Request-CsCertificate -New -Type AccessEdgeExternal,DataEdgeExternal,AudioVideoAuthentication -FriendlyName “$FriendlyName” -Organization “$Org”-City “$city”-State “$State”-Country “$country” -OU “$OU”-Keysize 2048 -PrivateKeyExportable $True -DomainName $AdditionalDomains -AllSipDomain -Output “$OutputFile” | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment