DSCResources/DSC_AdcsAuthorityInformationAccess/en-US/about_AdcsAuthorityInformationAccess.help.txt
|
.NAME
AdcsAuthorityInformationAccess .DESCRIPTION This resource can be used to configure the URIs in the Authority Information Access and Online Responder OCSP extensions of certificates issued by an Active Directory Certificate Authority. .PARAMETER IsSingleInstance Key - String Allowed values: Yes Specifies the resource is a single instance, the value must be 'Yes'. .PARAMETER AiaUri Write - StringArray Specifies the list of URIs that should be included in the AIA extension of the issued certificate. .PARAMETER OcspUri Write - StringArray Specifies the list of URIs that should be included in the Online Responder OCSP extension of the issued certificate. .PARAMETER AllowRestartService Write - Boolean Allows the Certificate Authority service to be restarted if changes are made. Defaults to false. .EXAMPLE 1 This example will set the Authority Information Access URIs to be included in the AIA extension. configuration AdcsAuthorityInformationAccess_SetAia_Config { Import-DscResource -ModuleName ActiveDirectoryCSDsc node localhost { AdcsAuthorityInformationAccess SetAia { IsSingleInstance = 'Yes' AiaUri = @( 'http://setAIATest1/Certs/<CATruncatedName>.cer' 'http://setAIATest2/Certs/<CATruncatedName>.cer' 'http://setAIATest3/Certs/<CATruncatedName>.cer' 'file://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CAName><CertificateName>.crt' ) AllowRestartService = $true } } } .EXAMPLE 2 This example will set the Online Responder OCSP URIs to be included in the OCSP extension. configuration AdcsAuthorityInformationAccess_SetOcsp_Config { Import-DscResource -ModuleName ActiveDirectoryCSDsc node localhost { AdcsAuthorityInformationAccess SetOcsp { IsSingleInstance = 'Yes' OcspUri = @( 'http://primary-ocsp-responder/ocsp' 'http://secondary-ocsp-responder/ocsp' 'http://tertiary-ocsp-responder/ocsp' ) AllowRestartService = $true } } } .EXAMPLE 3 This example will set the Authority Information Access and Online Responder OCSP URIs to be included in the AIA and OCSP extensions respectively. configuration AdcsAuthorityInformationAccess_SetAiaAndOcsp_Config { Import-DscResource -ModuleName ActiveDirectoryCSDsc node localhost { AdcsAuthorityInformationAccess SetAiaAndOcsp { IsSingleInstance = 'Yes' AiaUri = @( 'http://setAIATest1/Certs/<CATruncatedName>.cer' 'http://setAIATest2/Certs/<CATruncatedName>.cer' 'http://setAIATest3/Certs/<CATruncatedName>.cer' 'file://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CAName><CertificateName>.crt' ) OcspUri = @( 'http://primary-ocsp-responder/ocsp' 'http://secondary-ocsp-responder/ocsp' 'http://tertiary-ocsp-responder/ocsp' ) AllowRestartService = $true } } } .EXAMPLE 4 This example will clear the Authority Information Access and Online Responder OCSP URIs from the AIA and OCSP extensions respectively. configuration AdcsAuthorityInformationAccess_ClearAiaAndOcsp_Config { Import-DscResource -ModuleName ActiveDirectoryCSDsc node localhost { AdcsAuthorityInformationAccess ClearAiaAndOcsp { IsSingleInstance = 'Yes' AiaUri = @() OcspUri = @() AllowRestartService = $true } } } |