Is what you looking for built in mecm? No. Can you added this as custom inventory? Yes. A bing search will help you do this.
read the certificate from personal store using SCCM in windows 10
Hi Team
we are using SCCM Tool to deploy the package for all windows 10 and reading the system information in store in SCCM DB.
Current requirement : We need to read the certificates from machine level and user level in personal store and saved in SCCM Database
Certificate Location : Personal store
Type of Certificate :
- Current machine
- Current user
Operating System : windows 10
Please confirm me whether it is possible
8 answers
Sort by: Most helpful
-
-
AllenLiu-MSFT 40,881 Reputation points Microsoft Vendor
2021-03-10T07:19:04.233+00:00 Hi, @Mahendran M
Thank you for posting in Microsoft Q&A forum.
SCCM cannot get the certificate information from clients directly like Garth said.
We can first inject certificates info into WMI by using the VBscript Tool.
Then use sccm custom hardware inventory to collect the info from WMI, for the detailed steps, we may refer to Sherry's answer in another thread:
https://social.technet.microsoft.com/Forums/en-US/53170213-4711-49fe-a867-698069a553c0/inventory-computer-certificates-in-wmi?forum=configmanagergeneral
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. -
Mahendran M 21 Reputation points
2021-03-10T11:55:30.35+00:00 Thanks for your clarifications.
SCCM can read the certificate from Machine level but current user is not working...
OS : Windows 10 and Windows 7
Scripts : Powershell
Cert:\LocalMachine\My --> working fine
Cert:\currentuser\my -->not working
-
Garth Jones 2,071 Reputation points
2021-03-10T13:30:02.453+00:00 You will need to give more details as to why it is not working. What exactly are you doing?
-
Nicholas Walker 1 Reputation point
2021-03-11T07:49:23.817+00:00 I am trying to do exactly the same thing.
So far I am considering creating a scheduled task that runs when the user logs on to write the user certificate information to WMI. From there it is easy to collect it.I guess an application/package or even compliance item could be used to create such a scheduled task.
But maybe someone has a some more elegant idea?