Hi Team
we are using SCCM Tool to deploy the package for all windows 10 and reading the system information in store in SCCM DB.
Current requirement : We need to read the certificates from machine level and user level in personal store and saved in SCCM Database
Certificate Location : Personal store
Type of Certificate :
1. Current machine
2. Current user
Operating System : windows 10
Please confirm me whether it is possible
It seems the issue is more related to sccm, so I removed the windows-10 tag, thanks for your understanding!
Is what you looking for built in mecm? No. Can you added this as custom inventory? Yes. A bing search will help you do this.
Hi, @MahendranM-6808
Thank you for posting in Microsoft Q&A forum.
SCCM cannot get the certificate information from clients directly like Garth said.
We can first inject certificates info into WMI by using the VBscript Tool.
Then use sccm custom hardware inventory to collect the info from WMI, for the detailed steps, we may refer to Sherry's answer in another thread:
https://social.technet.microsoft.com/Forums/en-US/53170213-4711-49fe-a867-698069a553c0/inventory-computer-certificates-in-wmi?forum=configmanagergeneral
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thanks for your clarifications.
SCCM can read the certificate from Machine level but current user is not working...
OS : Windows 10 and Windows 7
Scripts : Powershell
Cert:\LocalMachine\My --> working fine
Cert:\currentuser\my -->not working
You will need to give more details as to why it is not working. What exactly are you doing?
I am trying to do exactly the same thing.
So far I am considering creating a scheduled task that runs when the user logs on to write the user certificate information to WMI. From there it is easy to collect it.
I guess an application/package or even compliance item could be used to create such a scheduled task.
But maybe someone has a some more elegant idea?
btw - it is apparently not possible to access user certificate stores when running under system context.
I will be happy if someone proves me wrong here :-)
So are you running the deployment in the user content?
We need to run in user content but I need to get an idea from Microsoft team with additional support exe will solve the issues
What exact do you mean by Microsoft team to support an exe? SCCM supports exe, so....
To execute the script from system context to user context like runas current user
Sorry, just assumed I would automatically get email notification on activity here...
You are absolutely correct - I just needed to add a user based compliance item to get the user certificates. Strange how I actually answered my own question :-(
Thanks for the virtual shake :-)
11 people are following this question.
