Test-CsClientAuth
Determines whether or not a user can log on to Microsoft Lync Server 2010 by using a certificate downloaded from the certificate provisioning service.
Syntax
Test-CsClientAuth
[[-TargetFqdn] <String>]
-UserCredential <PSCredential>
-UserSipAddress <String>
[-RegistrarPort <Int32>]
[-TargetUri <String>]
[-Force]
[-Verbose]
[-OutVerboseVariable <String>]
[<CommonParameters>] Description
Client certificates provide an alternate way for users to be authenticated by Lync Server 2010.
In order to determine whether or not a user can log on to the system by using a client certificate, you can run the Test-CsClientAuth cmdlet.
When you run this Test-CsClientAuth you must specify the Registrar pool and SIP address of the user account being tested; you must also be able to supply the user's logon name and password.
After calling Test-CsClientAuth, the cmdlet will contact the certificate provisioning service and download a copy of any client certificates for the specified user.
If a client certificate can be found and downloaded, Test-CsClientAuth will then attempt to log on using that certificate.
If logon succeeds, Test-CsClientAuth will log off and report that the test succeeded.
If a certificate cannot be found or downloaded, or if the cmdlet is unable to logon using that certificate, then Test-CsClientAuth will report that the test failed.
Who can run this cmdlet: To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell prompt:
Get-CsAdminRole | Where-Object {$_.Cmdlets -match "Test-CsClientAuth"}
Examples
-------------------------- Example 1 --------------------------
$cred1 = Get-Credential "litwareinc\kenmyer"
Test-CsClientAuth -TargetFqdn atl-cs-001.litwareinc.com -UserSipAddress "sip:kenmyer@litwareinc.com" -UserCredential $cred1The commands shown in Example 1 test the ability of the user litwareinc\kenmyer to log on to the Registrar pool atl-cs-001.litwareinc.com by using a client certificate.
To carry out this task, the first command in the example uses Get-Credential to create credential object for the user in question.
The resulting credential object (which requires you to enter the password for the user) is stored in a variable named $cred1.
The second command then calls Test-CsClientAuth, specifying the FQDN of the Registrar pool (TargetFqdn), the user's SIP address (UserSipAddress) and the credential object created in the initial command (UserCredential).
Parameters
-Force
Suppresses the display of any non-fatal error message that might occur when running the command.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Lync Server 2010 |
-OutVerboseVariable
{{Fill OutVerboseVariable Description}}
| Type: | String |
| Aliases: | ovv |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Lync Server 2010 |
-RegistrarPort
SIP port used by the Registrar service. This parameter is not required if the Registrar uses the default port 5061.
| Type: | Int32 |
| Aliases: | rp |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Lync Server 2010 |
-TargetFqdn
Fully qualified domain name (FQDN) of the Registrar pool where client authentication is to be tested.
For example: -TargetFqdn "atl-cs-001.litwareinc.com".
| Type: | String |
| Aliases: | t |
| Position: | 2 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Lync Server 2010 |
-TargetUri
URL of the certificate provisioning service.
If this parameter is not included then the Test-CsClientAuth will use the certificate provisioning service configured for the Registrar pool.
| Type: | String |
| Aliases: | tu |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Lync Server 2010 |
-UserCredential
User credential object for the user account to be used in the test.
The value passed to UserCredential should be an object reference obtained by using the Get-Credential cmdlet.
For example, this code returns a credentials object for the user litwareinc\kenmyer and stores that object in a variable named $x:
$x = Get-Credential "litwareinc\kenmyer"
You need to supply the user password when running this command.
| Type: | PSCredential |
| Aliases: | uc |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Lync Server 2010 |
-UserSipAddress
SIP address of the user to be used in the test.
For example: -UserSipAddress sip:kenmyer@litwareinc.com.
| Type: | String |
| Aliases: | ua |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Lync Server 2010 |
-Verbose
Reports detailed activity to the screen as the cmdlet runs.
| Type: | SwitchParameter |
| Aliases: | vb |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Lync Server 2010 |
Inputs
None.
Outputs
Test-CsClientAuth returns an instance of the Microsoft.Rtc.SyntheticTransactions.TaskOutput object.
フィードバック
以下は間もなく提供いたします。2024 年を通じて、コンテンツのフィードバック メカニズムとして GitHub の issue を段階的に廃止し、新しいフィードバック システムに置き換えます。 詳細については、「https://aka.ms/ContentUserFeedback」を参照してください。
フィードバックの送信と表示